Melissa, Owner of Sunny Side Support
Passwords: How to Stay Safe
One of the things that clients hear me harp on all the time (I'm seriously like a broken record on this topic) is passwords. Yes, they're a pain. Creating them. Saving them. Remembering them. It all sucks. But we're stuck with this system for now, or at least until biometrics become more widely available à la Minority Report. Although I don't know if I really need khakis badly enough that I want The Gap scanning my retinas.
But my paranoia about passwords exists for a reason. Over the years I've been in business, I've seen SO many cases where poor password management has caused terrible outcomes. And sometimes all it takes is one unfortunate click on a phishing email to start you down the road to identity theft…and needing to change ALL of your passwords at once. Which, as you can imagine, is a giant pain in the you-know-where.
So here are my suggestions for best practices on how to work with passwords!
Use a password manager to safely store your data. My favorite software for this is 1Password, but there are all kinds of other choices that are fine too (LastPass, Keeper, and so on).
Let the manager generate passwords for you (instead of you making them up). Since all of your passwords will be kept in the software's database, you don't have to worry about being able to remember each one.
Speaking of memorizing passwords, you must use a unique password for every login you have, and you shouldn't use any kind of tricks to make them easier to remember. So for example, don't use "Apple1234!" and "Amazon1234!" to attempt to make the passwords "unique" from website to website. It's pretty easy to crack that code, unfortunately.
Passwords should be long (20+ characters), and length is more important than whether or not you add complexity by using numbers, symbols, and the like. So "ihatememorizingpasswordssoiavoiditentirely" is a much better password than "Roxy1!$". You'll also want to be sure you don't add repeating or sequential characters (like "qqqqqq" or "5678").
If you really don't want to use a password manager for storage, then just be sure to keep your data in a secure place. Don't write passwords down on a piece of paper or in a notebook. Don't store them in your contacts program or in your notes app. If you absolutely must use a piece of software you already have, then an okay alternative is to use an Excel document or a Numbers one, but just make sure you password-protect the file. (Here are the instructions for doing that in Excel; here's how you do it in Numbers.)
Finally, never ever EVER email your passwords to anyone, and no reputable company should ever ask you to give one out over the phone, either.
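Here are the password rules above (20+ characters, no repeating or sequential characters, no per-site pattern like "Apple1234!" and "Amazon1234!") written as a small Python checker and generator. This is an added example, not part of the original post or any password manager's code; the function names and the run length of 4 are assumptions.

```python
import secrets
import string

MIN_LENGTH = 20  # the post's "20+ characters"
RUN = 4          # assumption: a run of 4 or more counts, as in "5678"

def has_repeat_run(pw, run=RUN):
    """True if one character repeats `run` times in a row, e.g. "qqqqqq"."""
    return any(len(set(pw[i:i + run])) == 1 for i in range(len(pw) - run + 1))

def has_sequence_run(pw, run=RUN):
    """True if `run` letters or digits in a row step by one, e.g. "5678" or "dcba"."""
    low = pw.lower()
    for i in range(len(low) - run + 1):
        win = low[i:i + run]
        if not (win.isdigit() or (win.isascii() and win.isalpha())):
            continue
        steps = {ord(b) - ord(a) for a, b in zip(win, win[1:])}
        if steps in ({1}, {-1}):
            return True
    return False

def check(pw):
    """Return the rules from the post that `pw` breaks (empty list = passes)."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("shorter than 20 characters")
    if has_repeat_run(pw):
        problems.append("repeating characters")
    if has_sequence_run(pw):
        problems.append("sequential characters")
    return problems

def shared_patterns(logins):
    """Group sites whose passwords are identical once the site name is removed."""
    groups = {}
    for site, pw in logins.items():
        core = pw.lower().replace(site.lower(), "")
        groups.setdefault(core, []).append(site)
    return [sorted(sites) for sites in groups.values() if len(sites) > 1]

def generate(length=24):
    """Random password from the OS CSPRNG that passes check()."""
    length = max(length, MIN_LENGTH)
    alphabet = string.ascii_letters + string.digits + "!@#$%^&*-_"
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check(pw):
            return pw
```

Passing check() only means a password follows the rules listed here; it does not tell you whether that password has already shown up in a breach.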
If you have any questions about passwords and how best to keep yourself safe, of course feel free to contact us, but otherwise…be safe out there. Don't let the bad guys win. It's sad that in order to keep them from winning, we have to make things so super inconvenient for ourselves! Life was much easier when all of my passwords had my dog's name and birthdate in them.