RapidStudio Tip Number 3: The Taming of the Passwords.
These days it seems every site wants you to register and log in, every password has different rules, and every username is based on some other piece of my personal information. I can't even remember my new cell number, so how am I supposed to remember the myriad of login credentials that are demanded of me each time I venture onto the internet?
Usernames and passwords protect our online identity; they are the face and voice by which we are recognised by the many different sites we visit and interact with. As I am sure you can imagine, it's important to keep this information secure and not hand it out freely to anyone you encounter on the internet, keeping in mind that each and every time we type it, we are giving it to someone.
Here are some rules (explained) to guide you to a safer and easier online experience:
Keep your most important passwords private.
If you register with a website, you often give them your email address as part of the registration. If your password for that website is the same as the password you use to log into your email, you have just given them the ability to access your email account (if their database is not encoded, their employees / developers can easily see your password).
For this reason it's very good to have different passwords for important, reputable sites (email), and for less reputable / community / social / small e-commerce sites.
Make your most important passwords difficult-to-guess
It's probably unlikely that someone is stalking or conning you, but still, when it comes to online banking, other financial sites and your email, your password is all that keeps anyone but you out. If you use things like your maiden name, kids' / lover's names or date of birth as your password, this information can often be gleaned from social sites like Facebook (even if you are not a member, your family members or friends might inadvertently expose it when talking about birthday celebrations or other social matters).
It's also very important to remember that most "forgotten password" buttons will email you your password, so if someone does gain access to your email account, they can retrieve passwords from most of your other online accounts.
So how do I get this right?
There are a few options when it comes to managing your passwords, each with its own drawbacks.
My personal favourite - I save them all in a 256-bit one-way encoded database (very secure) on a flashdisk that I keep in my wallet (so I have it with me most places). I copy a backup on my PC and on my Gmail in case I lose the disk or it breaks. I use a small free easy-to-use program called KeePass that encodes and decodes the database whenever I need to see my passwords. This is all a lot easier than it sounds, and a great way to keep safe and still never forget a password. It's quick and easy to use and very secure. It also generates secure passwords for you.
The drawbacks: if someone were to figure out how to crack the 256-bit hash it would be possible for them to get the passwords. You need one main password to protect the whole database, which obviously needs to be a secure password. If you don't back up your database, and lose it - all your passwords are lost.
KeePass.info
Another option is to create a set of 3 or 4 passwords: a complex one for financial information, a second one for your email, and a third one for social / community / e-commerce sites. You really should not write the first two down. If you choose passwords that nobody can guess, and you can remember, this is 10 out of 10 - the best and most secure of all options. The key is, you need to remember them. One way is to try and choose a combination of letters and numbers that are memorable to you. An example might be your ID number with the number "0"s swapped for letter "o"s and "1"s for "i"s or "L"s. Don't use the example - cos I and anyone else reading this will guess it - just follow it as a guide.
The drawback of using numbers you will remember is that it's easy for other people to guess - you also have to remember these complicated numbers by heart.
Other options - making songs or stories to help you remember them, making the password something related to the account / website, or writing them down somewhere private. I'm sure you realise writing them down is one of the least-secure options - not at all recommended.
The main things to remember:
- Don't ever ever use the same password for your account at www.some-porn-site.co.za or www.some-social-site.co.za as for your email or bank account
- Don't use passwords that are easy to guess - or write them down near your computer where people can see them
- Do make sure you have a sure-fire way of remembering your passwords with confidence
- Do make sure you have a way of remembering them that will not leave you feeling confused or intimidated
My personal suggestion (for those of us who struggle to remember): use KeePass. KeePass.info