Computer Update: Creating secure passwords

I’ve been very busy over the past few days. To those of you wish to take care of the password issues on our own — PLEASE TAKE THIS ADVICE SERIOUSLY. This is an e-mail to print out!
Steps for Creating Secure Passwords
1. Having passwords you can remember is not a big deal. At most you should have one password you remember and that will be covered in step #3c below.

2. Two websites that you log into should not share the same password.

3. creating secure passwords
All passwords should have — a capital letter, lowercase letter, number (and symbol if allowed)
Your password should be AT LEAST 10 characters long
a. at a minimum start with the same base for your password – perhaps something that is meaningful to you
ex. Bob1984…..
and then end that password with something meaningful FOR THAT PARTICULAR WEBSITE
ex for Comcast’s website — Bob1984cmst
^^ This strategy helps you differentiate passwords for each site. This is a bare minimum level of security.
b. use a random number generator to create your passwords. this is my favorite tool for creating passwords using this method….
http://www.random.org/passwords/
Again your password should be 10 characters long

c. Use a Password Manager. The password manager is a piece of software on your computer and in your browser (Firefox and Chrome — Internet Explorer if you want to torture yourself).

The two password managers that I recommend are
LastPass.com
– Free for computer only use, although you can pay $12 a year which gets you access on your smartphone
1Password (http://1password.com)
– a $49 1 time purchase.
(Robo Form is also a fine password manager. They charge $20 per year. It’s not as popular as it once was, but they appear to be thriving.)

With either program — all you need to know is ONE OF YOUR PASSWORDS. This is the master password. All of your other passwords are stored in the program and are completely secure. Last Pass and 1Password also have a random password generator that helps you create secure passwords.

Whether you choose 3a, b, or c to deal with passwords, DO ONE OF THEM. If aren’t going to make an appointment to deal with password changes, please change all of your passwords in the next few days. That is the safest blanket advice I can give you.
Conclusion
Finally, I just want to say that I have heard some clients say in the past — I don’t want to deal with passwords. I just want to make it 1,2,3,4,5,6. That’s not acceptable. If you TRULY feel this way — you shouldn’t be on the internet. There may be a day when we can plug a key into our computers that stores all of our passwords, but we are a couple years way from that being easily utilized in consumer applications.

Advertisements