Last week’s tip on passwords seems to have been a good one. It was by far the most popular one I’ve ever shared and I got more comments and questions than ever before. Many of those comments were along the lines of “Wow, my passwords weren’t nearly as secure as I thought!”
The question I got the most was along the lines of “How in the heck do you keep track of all the different passwords you use in all the different places you need them?” This is what we’ll look at this week – managing your passwords.
I’ve discussed this in a previous tip titled “&!#@% passwords” that also included a good idea on how to remember 100 different passwords with 1 rule set. Since that’s been over 2 years ago many of you may have missed it and there are some new options that weren’t around back then.
I’m still using KeePass to keep track of all my passwords. KeePass is a desktop password manager which securely saves passwords to web sites, computers, networks, email accounts, etc. etc. on your computer. It will tell you how strong your passwords are and can even generate random passwords for you.
Here’s how it works: you set one master password which opens your KeePass password database. Once you’re in, enter and retrieve usernames and passwords (with optional URL and notes) for various login services (ie, Amazon.com, PayPal, Ebay). KeePass can suggest hard-to-guess random passwords as you set up new login accounts, and it’s small enough to save on a thumb drive so you can take your passwords with you. Because no one has your KeePass master password, it’s very difficult for someone to open the database if your thumb drive or laptop is lost or stolen. (You do have a backup plan right?!?!)
Before you dive in, here are a few things to keep in mind:
1. ONLY install KeePass on a computer you control and own. Don’t set it up on a shared computer.
2.In general, the best place to keep passwords is in your head. But, it’s a good idea to have a different password for each service you log into, so if Someone Bad knows one of your passwords, they can’t log in as you into everything else. So KeePass is a good way to keep track of the different passwords, HOWEVER, it’s not a great idea to rely on software (or monitor sticky notes) for super important high-security passwords.
3, Never, give away your KeePass master database password. Yes, if you’re suddenly struck with amnesia, you’re kind of hosed, but if you were trying to remember all your passwords instead of just the one master, you’d be hosed anyway.
4. The best passwords are easy to remember and hard to guess.
See “How to remember 100 different passwords with 1 rule set” for some tips.
Not convinced? Or looking for other options? Check out this article on the Five Best Password Managers
NOTE: If you are one of the people who keep your passwords in an Excel file, those passwords are relatively easy to bypass.