Passwords – How to Choose Them and How to Manage Them

Introduction

This is the first in a series of short articles about computers and their everyday use. I hope you find them informative and useful. This one is about passwords – some dos and don’ts when picking them, and some ideas to help remember them. The text of this article is currently as it appeared in the September 2012 edition of The Open Door magazine. A more detailed version will follow shortly.

Why you shouldn’t reuse a password

As soon as you go online it seems that nearly every website asks you to invent and remember a password - your bank, Amazon, eBay, Apple’s iStore. Many people give up on this after the first three or four, and reuse passwords. This is a bad idea. Passwords have a habit of “leaking” out into the open, and you have no control over how your password is managed by others online. Some well-known sites have used poor storage techniques and then been hacked. If one of your passwords becomes known, it cannot compromise the others if you avoid reuse.

How not to pick a password

How to pick a password

It’s important that a password is good, or “strong” as cryptologists say, and that you don’t re-use it and don’t write it down. Choose a password that has the following properties:

Email and password security

A big risk to the security of your passwords is the use of email on public networks. If you’re connected to the internet via public Wi-Fi, don’t download email using programs like Outlook, Thunderbird, etc. Reading email using webmail in a browser is OK as long as the site has an https prefix (note the “s”). If you must download email on a public network, always change your email password as soon as you get home.

Using software to manage your passwords

It’s unnecessary to burden your memory with anything more than one password if you use a password manager. It’s software that allows you to create, store and manage all your passwords in a single encrypted file on your computer. You then choose a single, master password to unlock this file whenever you need to gain access to your other passwords. It can even open sites in your browser and log you in automatically. One of the best-known password managers is open-source and free. It’s called KeePass, and can be downloaded here: http://keepass.info