Around a decade ago, when the number of applications and services one needed to log into could be counted on one hand, people still complained that they needed to remember those few passwords. Now that we have dozens of services that need login credentials, how do people remember all those passwords?
The fact is, they don’t. Remembering dozens of passwords is a pain, so most people just reuse the same passwords for multiple services.
Nearly all websites warn you against using the same password, and ask you to create a strong complex password that is unique to their service. Unfortunately, such a feat is not humanly possible. Even for the average computer user, a dozen different services isn’t a lot to use, and for power users, the number of passwords one needs to remember could be in the hundreds!
A simple three-step way to safeguard your identity (okay, two-step)
Reusing passwords should thus be avoided at all costs, yet we all do it. So how can you be secure without needing to remember hundreds of passwords? There are many techniques that can help.
First, through a strict ten-year dietary and exercise regimen involving memory-enhancing drugs, ten hours of meditation a day, and the strategic use of carrots, develop a super-human capacity to remember hundreds of pointless sequences of symbols.
Second, use a pattern while creating passwords such that you can always derive the password from the name of the site.
Third, save your passwords in your browser, or other password-saving services.
For the purpose of this story, we will only cover points two and three.
“Pfft, what’s wrong with using one password for all services?”
What if you have one super-strong-extra-long password? If it can’t be guessed or cracked even by the best supercomputer, surely you are safe! Unfortunately, even this is not true. Not all the sites you use protect your password as well as they should, and if such a site gets hacked – which is even more likely since they are lax on security – your super-duper password will become part of public record; just that one weird entry among a list of statistics that shows that over 60% of people use weak passwords.
Once your password is out there, the rest of your accounts are vulnerable. You might not care if your “I Can Has Cheezburger?” account gets hacked, but it’s your bank account that will be compromised first; before they post an unflattering picture of a cat under your name to add insult to injury. So before you do anything, go change your bank account password now! We’ll wait.
Patterned passwords prevent pointless panicking
Since the goal is to have a strong password that is hard to guess but is also unique for each site, let’s just start with a hard password, such as: “BZnm$psMU3”. It’s complex, but just one password to remember.
For each service you use, append or prepend something to the password that is unique to the site it will be used on. For example, for Facebook you could have “:-)bK”; for Gmail, “gE-male”; for Twitter, “7vitR” and so forth.
The point is to base it on the name of the site. For sites you don’t use so often, you can have a simpler derivation that’s easier to remember, so maybe just “Cheese” for I Can Has Cheezburger?
There is just one flaw in this plan. Everything goes smoothly until you need to change one of your passwords. Perhaps the service got hacked, or just requires you to change the password after a set period. Then things start going downhill, because the rest of your passwords have one pattern and this new one sticks out like a sore thumb.
Save and sync across browsers and devices
Nearly all browsers let you save passwords now, so why not take advantage of the feature? If you save passwords, their complexity and number don’t matter; you don’t have to remember them!
Opera, Chrome, and Firefox can even sync passwords across computers (as long as you use the same browser), so if you use multiple computers, you don’t need to re-enter them all. Opera and Firefox can even sync to their mobile versions.
Unfortunately, this can be insecure if someone has access to your computer or device. Firefox and Opera allow you to add a master password that protects all passwords; use it.
If you use different browsers across different devices, these single-browser solutions won’t do. In that case, you need something to synchronize across browsers and devices. For this, it is best to use software that works across browsers, such as LastPass or KeePass. Both are free and have their advantages and disadvantages, which could form a discussion on their own, but here are the basics:
LastPass integrates with nearly all browsers and has powerful syncing support. It automatically recognizes when you log in and saves the login data. It can automatically log you into sites. It has clients for mobile as well, but you need to pay for that feature.
KeePass doesn’t have good support for syncing, but can integrate with a few browsers, and is generally agnostic to which software you are logging into. So you can use it for your email and IM clients as well. It is free and open source across all platforms, mobile as well, but syncing is harder.
There are of course other options, some paid, that you can try, such as 1Password and PassPack. If you’re putting all your eggs in a single basket, that basket better be damn good! Find and use software or a service you are comfortable with, and protect it well.