Upon questioning the administrator about how the password were developed he said "but they are very secure."
To which I replied "not if I have to write it down on a piece of paper to remember it!"
And there is the crux of the problem. We are drowning in passwords, and many of us are using less than high tech means to keep track of which password will unlock what site. Whether your passwords are written on a piece of paper stuck under your keyboard, or obsessively tracked in an Excel document (I'm looking at you dad), the truth is, if we've written the password down, it is at risk for discovery.
So, what is an overwhelmed web surfer to do?
While there seems to be some debate about how complicated a password needs to be to be considered "secure," some recommendations appear to be universal:
- The longer the password, the better (yes, a two-letter password is too short)
- Don't use the same password everywhere (otherwise, you may end up giving away the 'keys to the kingdom.')
- Plan on including a number and/or special character (most sites are going to require it anyway)
- Easy to remember (rather than easy to figure out)
My password system is pretty easy – I have come up with a word that I use for all passwords, to the end of which I tack the first letters of the site I'm accessing. For example:
Password for Overstock.com - Franklin1234Ov
Password for Amazon.com - Franklin1234Am
Password for eBay - Franklin1234eB
The only person who knows the "keyword" is my husband, which I told him in case he needed to access one of my accounts. He uses a similar system to manage his passwords, and I am the only one who knows the key. And for those sites which require we change our passwords on a semi-regular basis, we have extra keywords which we can use.
If you need some help creating a keyword that is super-complex, you may want to use the tips from Microsoft.com, which would give you a password that looks something like this: ?lACpAs56IKMs (Yuck).
How do you keep track of your passwords?