Password management

With another 2 high profile password leaks this week I though it might be an idea to discuss password management.

So with the best will in the world I only know of one person who has a unique alpha numeric password for every single on line log in for the rest of us there is simply too many to keep track of.

So I thought I would explain my own twisted logic on how I manage my passwords.

Secure passwords
These are for important things that include my bank details or are registered email addresses for accounts that have my bank accounts as their contact address.
These are all different from each other and are full alpha numeric upper and lower case passwords

Normal security
This is for things like other email addresses or on line stores that don’t store my credit card details, I have 3 of these overall that means if I can’t remember which one I set it I will guess it before I lock the account. They are still apha numeric but easier to type to my hand (that still doesn’t mean qwerty123) they are just designed to alternate hands when typed to make them faster.

Untrusted sites
Sometimes I order form companies that I don’t know and with anyone who’s reputation I don’t know I won’t trust them with any of my “good” passwords so I have a few dictionary words that I have used as passwords since a kid. Being all grown up now though I don’t rely on these as trustworthy so use them as almost disposable passwords on accounts that I don’t use anywhere important.

Things to remember
Remember to keep a unique strong password on the email address you use with your bank or big online stores like amazon. There is no point in keeping a secure password on your accounts if all the hacker has to do is access your email account and request a new password from the banks …

Never give a password over the phone (unless its an identifier set for the phone call) or click through a link in an email to a password box.

Passwords will be revealed, databases will get hacked, even hashed passwords will be broken. All you can do is react quickly when it happens

This entry was posted in Web Security. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>