I just finished registering some new tools this morning, and like nearly everything these days the company asked me to set up a logon for their site. I now have 603 logons (more or less) for different sites. I suspect most of us have many, perhaps not that many.
I was asked for a password. I thought it might be useful to people to know how I manage this. First of all, I have a few rules:
- I try not to reuse passwords on different sites. We see so many examples of sites being compromised, I want to eliminate the risk of say my power tool company being hacked and giving up a password for my Internet Banking.
- I use complex passwords, usually 16 characters including upper and lower case letters, numbers, and special characters. I get these randomly generated so there is no pattern to guess.
- I don’t write the passwords down anywhere someone might easily access them.
So how do I manage 600 or so passwords? I use 1Password. There are a number of tools like this, this one has a family plan that lets five family members share a subscription. 1Password runs on computers, tablets and phones, which means you always have your (encrypted) passwords and other key personal details with you. I have a recovery code printed in my safe at home, which also means that my estate could access all my information when that is necessary.
The best thing about 1Password is that it can automatically fill in a logon form on a web site, so you don’t need to remember those hundreds of passwords, and you can even use biometrics (like fingerprint) to open 1Password.
I really recommend using this process to minimize your risks of being hacked.