In my work with clients I have run into passwords in all kinds of unbelievably random and insecure places. I always shrink back from them when I see them… I don’t want to know! Passwords are the key to unimaginable ruin in the wrong hands, and it consistently shocks me how careless people are with this information. (It’s just as bad as how often I see people who don’t do computer backups!)
“I don’t need to have a system… I have one password I use for everything.”
Think again. I know of a person in my area whose Yahoo e-mail password was compromised, and once the thief infiltrated his e-mail account he used forgotten password functi
ons on other websites to unlock many more (they were just emailed right to him!). Since the thief quickly realized that the same password had been used for everything, it was a piece of cake for all accounts to be penetrated. By the time the victim discovered the breach, all hell had broken loose, involving eBay, PayPal, and $32,000 of merchandise about to be shipped to Africa… no kidding.
Lessons learned: Use a very strong password to protect your e-mail account, guard it fiercely, and use different passwords to avoid one compromising all of the others.
You also need to be mindful of being hit by the proverbial bus. Would important people know how to get this information if something happened to you? Make sure that you do have a system and that someone else knows how to access it in an emergency.
Electronic Password Keepers
There are many great database applications made for storing passwords. A previous Lifehack article by Leo Babauta lists ten free apps you can use, but I like SplashID, which costs $20, is available for both Mac and PC, and synchronizes its desktop component with almost all major PDA platforms. I really like having my information with me, securely encrypted, when I am away from my desk. Whatever application you choose, DON’T use a Word or Excel document for this purpose (especially one named “PASSWORDS”) that can be easily infiltrated.
Along with passwords and other login information, I also enjoy using the SplashID database for keeping many other data tidbits, such as software licensing information, identification numbers like my family’s Social Security numbers, my cars’ VIN numbers, computer support information and service tags, and frequent flyer program numbers.
Paper-Based Password Keepers
Some people are reluctant to use electronic solutions, and if so, you can either repurpose an address book or use a 3×5” index card file. (I am sure our loyal readers will have a few suggestions, too.) There are also a few products on the market now that are made just for this purpose, such as the Internet Password Organizer. It’s basically a black, nondescript book with laminated alphabetical index tabs like an address book, but the printed fields are tailored to computer-related needs.
Tips on Paper-Based Systems:
- Use a pencil to write down your entries as they may change.
- Don’t label your card file box or password keeper book with the word “PASSWORDS!” Keep it on the down-low.
- You may want to write down the passwords as “hints” instead of the actual passwords, in case your password keeper is lost or compromised. For a password like “fido1995,” you might write a hint like “dog+year” that you’ll definitely remember.
- If you use index cards, they have more room to write other details about the account, such as logs of customer service notes or order dates.
- Do NOT write password hints that are relative to other accounts, like “same as Amazon,” because that can become a big cross-referencing mess quickly when you change the referred-to accounts.
On a final note, PLEASE do not use your birthday or your children’s names any more! (See this previous Lifehack article on how to create strong passwords.) Whether your system is electronic or paper, one of the best advantages of having a system is that you can use even more secure passwords and change them up, since you are no longer relying on your own memory.