Remember the hapless chap from last week’s column whose password was “Bob?” After switching to a “real” password (which should never be an actual “word,” anyway) and doing some essential repairs, the bad guys stopped invading his computer. Bob has been happier ever since.
Bob has also been following an essential rule of password security: don’t use the same password for everything. Bob has one password for email, another password for eBay, a different password for his bank account and so on.
Why all this password paranoia, you may ask? When it comes to password security, it’s not paranoia, because the bad guys really are after you; they would love to steal every dime you have. Since you asked, though, the answer is this: if your Facebook password is the same as your credit card password, and the bad guys get your Facebook password, guess what else they have?
Please don’t complain to me about this state of affairs. I don’t make the rules of password security; I simply report them to you. In spite of what you may have been conned into believing by Hollywood movies, foolish computer users and TV commercials, the Internet is not some magical, happy and safe fun-land filled with ponies and rainbows. Ignore computer safety at your own peril. The criminal threat is real and it behooves us all to pay attention and take the best precautions we can.
With that disclaimer out of the way, it’s no joke that the number of different passwords a single computer user may need can be challenging. With Windows login, email, eBay, Paypal, Facebook, instant messaging, Amazon, bank and credit card accounts all needing different passwords, it can be a real hassle to manage so much important information.
Forget about memorizing them all. Perhaps you prefer the old-fashioned way of writing them all down and hiding the piece of paper. That’s a perfectly valid method in my opinion, but maybe you desire a more elegant, high-tech solution. If so, you need a handy little program known as a password manager.
Most password management programs work in the same way, in that you still have to establish (and, hopefully, memorize) at least one strong password or passphrase. This single password is the master key used to unlock all of the different passwords needed to login to various websites and services. It can take some time to setup a password management program, but once it’s done, you only have one password to mess with.
KeePass (http://keepass.info) and Password Safe (http://passwordsafe.sourceforge.net) are two of the more popular free password managers out there. Keep in mind the rules of strong passwords when inventing your master password: a gobbledegook mixture of ten or more upper and lower-case letters, numbers and special characters (!@#$%^&*, etc.) is the way to go. Follow the rules and you may find that a password manager is a good fit for you.