Today’s PSA: Changing passwords.

We all make lazy decisions. I am no exception to that rule. Because of my lazy choices, I now have to change a ton of logins.

This entry is a bit long-winded, so here’s the quick summary:

Your password should be at least 8 letters and numbers. It needs to be hard to guess, but easy to remember.

Example: You can remember your graduation, right?

Sentence: “I graduated in 1996 from Germantown High”
Password becomes: “GTownHigh1996” or to make it stronger: “@GTownHigh1996@”

Both are rated 100% by the Password Strength Meter at www.passwordmeter.com/. The stronger one has capital letters, special characters, letters and numbers.

To keep all the passwords unique, append the site name to the SAME base password.

Example:

  • GTownHigh1996FBook
  • GTownHigh1996Myspace
  • GTownHigh1996GMail
  • GTownHigh1996Yahoo!

Use a formula like this to create your passwords. You only have to remember the format and the main content, and if someone ‘hacks’ your Facebook password, they don’t immediately have your Myspace, Gmail, or Yahoo! password.

Of course, if you don’t want to remember your passwords, but still have them secure, why not give LastPass a try? I have had it for 5+ years, and it’s been a life saver. It has an iPhone and Android app, it’s super encrypted, and can remember all the passwords you forget.

LastPass

  • Store Passwords in a Secure Vault: All of your passwords and notes are stored safely in a vault. Easy-to-use, searchable, and organized the way you like.
  • Autofill Every Password: Save passwords as you browse, and LastPass will autofill the login for you next time you sign into that account.
  • One Account or Many: Have multiple Gmail accounts? 12 WordPress logins? Save unlimited logins for websites, and easily switch between them.
  • Convenient Access: Get started on any device, free. Your LastPass vault is backed up and synced automatically where you need it.

Ok, so here’s the deal. Most sites nowadays make you provide login information. They usually ask for your email and a password.

If you use the same email on all of them (which you should as a normal user), you often will just provide the same password, just to get an account. Well, what happens when that website is hacked, and now someone has your default email and password? A shit storm, is what. Since you have used that user/password combo on who knows how many sites, you are now vulnerable to all of those sites!

“But Billie, it’s too hard to remember different usernames and passwords for EVERYTHING!”

I totally agree, and that’s why I have five options for you; they all have their merits and drawbacks.

1. Use a desktop password manager application:

+ It’s always on your computer
+ It will usually integrate with your browser.
– It is only on that computer
– It may cost $$
– Remote access to it requires pre-planning.

2. Online Password vaults:

+ Most generate random passwords for you
+ Available anywhere you have an internet connection
– If that site is hacked, you could lose the info
– If you lose the master password, you have trouble

3. Mobile Application:

+ Always with you
+ Easy to access
– No copy and paste to the computer
– If the phone is stolen, your passwords are too.

4. Google Docs Spreadsheet:

+ Accessible from any browser
+ HTTPS secured
– It’s online, so the hack risk is still there
– It’s a spreadsheet

5. Print out:

+ Lockable
+ Portable
– Not editable
– Steal-able

To give you an idea of my OLD setup: I had 4 main passwords, and then a couple disposable ones for websites that required a one time registration.

This worked well for a while, but I realized quickly that if ONE site got hacked, then they all could. To prevent cross-site contamination of accounts, I have come up with a simple solution that works with any of the systems above and also lets you quickly recall the bulk of your passwords.

For the examples below, we will make the following assumptions:

  • Sites either use a username, account number, or email.

  • Sites have rules about passwords. They need to be more than 6 characters. They need numbers. Some need special characters.

Default Email used: billietest@test.com

Default Username: billietest

Default Username2: billie2010 (in case my first choice is taken)

Now, I had to think of a way I could remember a large number of account passwords without them all being the same. Then it occurred to me.

Default passwords should be something you can easily remember, but not a dictionary word or anything personal.

 

 

For this example, I will choose a password of “TheUnC0la1050”. As you can see, it has capital letters, a ZERO instead of O, and a 4 digit number that is significant to me. It is also 13 chars in length, which makes it hard to guess or hack.

Now that I have my default usernames and passwords ready, I wanted to make sure that my password was never the same on more than one site. This is where the memory comes in. I know I will remember the usernames, emails, and my common password, so now I can add to it, with a pattern!

As you can see from the above examples, my pattern was to split the domain up by syllables. I took the first part of youtube ‘you’ and then my password, and then the last part ‘tube’ to make a fully unique password that won’t be used on any other site, but that I can remember!

Now, once I have that format, I can put them in my password safe of choice, or just keep the pattern somewhere, knowing that I will always have the access I need.
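The two patterns described in this post (site name appended to the base, and the base wrapped in the two halves of the site name) written out as an added example, not part of the original post, together with a check you can run over your own password list to see which part of each password is shared between sites. The function names, the "face"/"book" split and the sample vault are assumptions made for illustration.

```python
from itertools import combinations

def site_password(base, first, last=""):
    """The post's pattern: first part of the site name + base + last part."""
    return f"{first}{base}{last}"

def longest_common_substring(a, b):
    """Row-by-row dynamic programme; returns the longest shared run."""
    best_len, best_end = 0, 0
    prev = [0] * (len(b) + 1)
    for i in range(1, len(a) + 1):
        cur = [0] * (len(b) + 1)
        for j in range(1, len(b) + 1):
            if a[i - 1] == b[j - 1]:
                cur[j] = prev[j - 1] + 1
                if cur[j] > best_len:
                    best_len, best_end = cur[j], i
        prev = cur
    return a[best_end - best_len:best_end]

def audit_shared_base(vault, min_len=6):
    """Map each pair of sites to the run of min_len+ characters they share."""
    findings = {}
    for (s1, p1), (s2, p2) in combinations(sorted(vault.items()), 2):
        shared = longest_common_substring(p1, p2)
        if len(shared) >= min_len:
            findings[(s1, s2)] = shared
    return findings

# Constructed sample vault: two entries follow the post's pattern,
# the third is a constructed random password with no shared base.
BASE = "TheUnC0la1050"
VAULT = {
    "youtube": site_password(BASE, "you", "tube"),
    "facebook": site_password(BASE, "face", "book"),  # split is an assumption
    "bank": "q7#Lm2vRx9!dTz",
}

if __name__ == "__main__":
    for sites, shared in audit_shared_base(VAULT).items():
        print(sites, "share", repr(shared))
```

Only the characters outside the shared run differ from site to site, so that run is the part worth keeping long and out of any other list.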

 

You can check your choice at www.passwordmeter.com/