Passwords. How to make them do their job

Remember when you didn’t have to remember passwords? Those easy, carefree days?

Sadly, they are long gone – and you need a password for just about everything. Are you one of those people who picks their name as their password, maybe changing a letter to a number? Or do you use a combination of your kids’ names and birthdays or ages? Probably best to answer that quietly in your head …

You’re not alone – in fact in 2013 a group compiled a list of millions of stolen passwords from around the world and published the top 100 passwords used. 123456 was ranked Number 1¹. It comes as no surprise that websites are now starting to prevent you from using 123456 or other strings of text like the word ‘password’!

So how does one pick the perfect password? Read on, and find out …

Spring clean your passwords

One day passwords will be in the past – as fingerprint technology gets smarter and our screens become savvier. Until that day, you need to get your passwords in order. We know, it sounds about as thrilling as organising your sock drawer.

First things first: if you have one password, this has got to change. Seriously, it’s a bad idea, and you’re pretty much asking for your data to be stolen. Consider Julie’s story. We have made her up, but her story is as real – and as common – as it gets.

Julie’s tale for one-password wonders

If we met Julie, she would probably say something like this.

“For as long as I can remember, my password for everything had been the same: my surname and my year of birth – Crawford1965,” because our fictional friend is based on password users across the world. “I thought because it had a capital letter and some numbers that I was fine … until the day I realised my bank account was depleting faster than normal.”

Julie had been hacked. Cyber criminals recognised a weakness in her browser software, and seeing she had saved passwords in the keychain tried to apply them to her bank’s website, with success.

“If I had had a different password for banking compared to other websites, I would have been okay, probably,” she is likely to say. “My issue was that by saving the password in the keychain, the hackers tried to apply it to every website I had ever been to, and obviously, it worked.” Lesson learned, thanks pseudo-Julie - with a story that mirrors so many real-life experiences.

Get smart

So let’s get smart about passwords. There are a few ways to get savvier about password protection, and a few ways that are best avoided. Let’s discuss …

Web-based/Mobile app-based password managers
Make no mistake, these managers are useful. You get to pick one master password, and then the application or website stores the rest securely for you. It’s as simple and as difficult as that, because you have to a) make sure every other password is different, and b) pick a cracking master password that no one can guess. No pets' names or surnames. Certainly no birthdays or first names. Get creative and get organised! This is probably our favourite method – but try to save the information to your device instead of uploading it online.

Saving your logins in the browser
Also called a ‘keychain’ on your computer, many web browsers prompt you to let them fill out the information for you, saving you about 30 seconds of time. If those 30 seconds are really that important to you, go for it – but if you can spare those seconds, save your security! The take-home message is that these keychains aren’t worth it: if your computer is hacked, all your security is gone … and will take a lot longer than half a minute to retrieve.

Local (desktop) password managers
Yep, a great idea if you only use one computer or laptop. Not so handy if your work or personal data is spread across myriad devices. If you prefer to do your banking/shopping/networking from one base computer, then this can work for you. But, if you have an iPad/pod/phone plus a desktop, plus a laptop, plus a kindle … this method will just annoy you.

Get smart about your passwords. While it seems unlikely cyber crime could happen to you, suddenly you’re a victim … and that’s when the real difficulties begin.