Managing your Passwords the Easy Way!

Posted: October 15, 2015

It is time! It is time to add complexity to your passwords and to simplify your password management! It is time to make bizarre passwords of absurd lengths – and it is time to give up memorizing bizarre passwords of absurd lengths!

In SplashData’s 2014 list of worst passwords “123456” topped the list with “password”, unsurprisingly, being the second most commonly used password.  Other passwords in the Top Ten were “qwerty”, “dragon” and “football”.   This list shows the importance of keeping names, easy numeric patterns and popular sports teams out of your passwords.  Many people use weak passwords and, to make matters worse, reuse them for all of their password needs.

Why Have Unique Passwords?

Password reuse is a serious problem because of how frequently passwords are compromised. When your password gets compromised, hackers have an email address, username, and password combination they can try on other websites. If you use the same login information everywhere, a compromise at one website could give the bad guys access to all your accounts. If someone gains access to your email account in this way, they could use password-reset links to access other websites, like your online banking or credit cards.

One good way to prevent password compromises from being so damaging is to use unique passwords on every website. Also, use strong – long, unpredictable and containing numbers and symbols - passwords.

Easier said than done though, right? Between email, Facebook, Twitter, Instagram, online banking and health care, many of us have dozens of accounts to keep track of, remembering strong passwords is nearly impossible without resorting to some sort of trick. One good trick is to use a password manager that can remember your passwords for you.

Using a Password Manager

Using a password manager will make managing your online life a little bit easier.  It will increase your security (always a good thing) and free you from the hassle of having to remember dozens of passwords for all your accounts, or worse, storing them on post-its next to your computer!  By using a password manager you don’t need to be concerned with logins, email addresses or personal information as the password manager locks all that away, safely and securely.

For new accounts some password managers also remove the hassle of coming up with yet another – unique and secure – password as they can do that for you.  Some will check websites for certain fields and fill out username and password information for you.

Random, easily generated and strong passwords sounds good right?  Well yes, for the most part it is but all this security does come with some risk.  The biggest risk being all your eggs are in one basket, so to speak – especially if you opt to use a cloud based solution.  If a hacker succeeds in getting your master password, then they have the keys to your kingdom.

Another important consideration is the master password, which you use to secure the vault.  If you forget your master password, you are locked out of the safe with no access to the contents.  There are steps you can take minimize these risks though. Most new smart phones use fingerprint readers and your fingerprint is your password.

Despite the risks though, the benefits of using a password manager greatly outweigh the dangers of using and reusing insecure passwords and you can take comfort in knowing you protected yourself when the news reports the next big data breach.

Getting Started with Your Password Manager

There are many different password managers available. Some for free and some for a cost. Many do the same thing, but some come with a lot of bells and whistles. Which password manager to choose is a personal decision and may require some research to find one that best meets your needs. Making recommendations for specific software managers is beyond the scope of this article, but many Ag IT staff have used KeePass* and been happy with it.

*Where trade names appear, no discrimination is intended, and no endorsement by Penn State is implied.