Mar 26, 2011

Tips for good password management for people with bad memory

I bet I'm not the only one who is struggling with passwords for all the different services on the internet and in work life. In addition, I have always found it a bit hard to remember details about many things, like names and dates et cetera. I've read and heard of many different ways to handle passwords, but I wanted to give my tips, in case you are equipped with a memory similar to mine.

Password management is easy if you don't care about privacy. You can use the same or similar passwords for all services. Or just change a number in your password every time you have to. Those are really not that secure. At some point, for sure, one of the services where you have created an account will be hacked. I want to be prepared so that everything I have ever signed up for can't be used when one of my passwords leaks.

So here are my tips:
  1. Combine important dates, people and places for your passwords
  2. Have a separate password for email
  3. Use different levels of passwords for services
Tip 1 Combine important dates, people and places for your passwords: I use passwords as a way to also remember other important things. As an example, I could combine my car's license plate number with the car model. So if the car were a Skoda Octavia with license plate ABC-789, then I could have the password SkOcABC789. It wouldn't be easy to hack, but it would be easy for me to remember. Here's another example: if I had been in Barcelona in 2006 with my friends John and Jack, the password would be JoJa06Barc. You can actually make these up quite easily. Things I have used have been parts of social security numbers of my family, important dates like birthdays, trips, addresses and many more. I find this system quite useful.

Tip 2 Have a separate password for email: Email is your most important account, because that's the way to recover passwords. If someone hacked your email, it would be really easy to get almost all the passwords you have in any service, just by searching your email for account confirmation mails and then telling each service that you have forgotten your password. Then a new password is sent to the email and your account is hacked. This is why I see the email account as the most important one, and that password I never use in any other service.

Tip 3 Use different levels of passwords for services: I see this as one of the best ways to make sure that I don't lose it all when someone gets a password of mine from one of the less well secured services. So I have basically 4 levels of passwords:
  • Level 1 are the most important ones, like emails and work passwords. Those I keep unique. So I have 3-5 unique passwords for this level.
  • Level 2 is the services I use really often, like some of the social media. And I use that password for only the couple of main services and nothing else.
  • Level 3 are the ones I do use now and then, but which are not in everyday use.
  • Then level 4 are all the services where I create an account without knowing if I'm ever going to use them again, but which require a password to even try them.
I've seen this 4 level password management work for me, but it would work with anything from 2-6 levels, depending on how you group the applications and services you use.
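
The effect of Tips 2 and 3 can be checked on an inventory of your own accounts. The following is an added example, not part of the original post: it computes which accounts are exposed when one service leaks a password, following both password reuse and password resets through a compromised mailbox. The account names, levels and password labels are constructed sample data, and the rule that a password never spans two levels is an assumption read from the level scheme.

```python
# Constructed sample inventory: (account, level, password label, recovery mailbox).
# Labels stand in for passwords; the real passwords are never stored here.
ACCOUNTS = [
    ("email",      1, "pw-email", None),
    ("work",       1, "pw-work",  None),
    ("social-a",   2, "pw-l2",    "email"),
    ("social-b",   2, "pw-l2",    "email"),
    ("forum",      3, "pw-l3",    "email"),
    ("photo-site", 3, "pw-l3",    "email"),
    ("trial-app",  4, "pw-l4",    "email"),
    ("one-off",    4, "pw-l4",    "email"),
]

def blast_radius(accounts, leaked):
    """Accounts exposed when the password of `leaked` becomes known."""
    label = next(a[2] for a in accounts if a[0] == leaked)
    # Step 1: every account sharing the leaked password.
    exposed = {a[0] for a in accounts if a[2] == label}
    # Step 2: accounts whose reset mail goes to an exposed mailbox (Tip 2),
    # repeated until nothing new is added so recovery chains are followed.
    changed = True
    while changed:
        changed = False
        for name, _, _, recovery in accounts:
            if name not in exposed and recovery in exposed:
                exposed.add(name)
                changed = True
    return exposed

def policy_violations(accounts):
    """Check Tip 3: level 1 passwords unique, no password shared across levels."""
    levels, users = {}, {}
    for name, level, label, _ in accounts:
        levels.setdefault(label, set()).add(level)
        users.setdefault(label, []).append(name)
    problems = []
    for label, names in users.items():
        if len(levels[label]) > 1:
            problems.append((label, "shared across levels", names))
        elif levels[label] == {1} and len(names) > 1:
            problems.append((label, "level 1 password reused", names))
    return problems

if __name__ == "__main__":
    for leaked in ("one-off", "social-a", "email"):
        print(leaked, "->", sorted(blast_radius(ACCOUNTS, leaked)))
    print("violations:", policy_violations(ACCOUNTS))
```

A leak at a level 4 service stays inside level 4, while a leak of the email password reaches every account that resets through that mailbox.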

This system has worked really well for me. It makes me feel safe with the tens, even hundreds, of services I've used and tried. I've always liked to try everything that is available on the web, but I still care about my privacy. This works for me, and if you got some tips to take with you, that would be nice. Password management is really hard, but it remains really important until other ways to identify users become popular.

Written by +Henri Hämäläinen
