Password security is obviously important, yet even though this is common knowledge, I'm surprised at how many people don't take enough precautions to protect their passwords. In this post I'm hoping to provide some tips that will make it easier to protect your important passwords.
Everyone knows the common places to find passwords: under the keyboard, on a Post-It stuck to the monitor, under the desk blotter, in the desk drawer, and my personal favorite, the list of passwords taped to the front of the laptop. (I mean, really, what's the point of putting a password on your laptop if you're going to tape it to the front of it?)
The same people who have "ASK FOR ID" emblazoned on the back of their credit card, and who would never even consider writing their ATM PIN on the back of their ATM card, don't seem to hesitate a moment when it comes to keeping a list of passwords in their wallet.
My first piece of advice is to come up with one password that is a combination of numbers, letters, and symbols that is next to impossible to guess. Even better, come up with a "passphrase", a passage from a book, an obscure quote, or any phrase that is longer than the traditional password. Passwords and passphrases should be as obscure as possible in general, and if you can come up with one really good password/phrase that you are sure to remember, then you can secure the rest of your passwords easily.
What you need to do is set up an encrypted password database application. If you're a Mac user you already have one (the Keychain): all you need to do is set up your password/passphrase on your Mac, open the Keychain, and use the "Secure Notes" section to track your passwords. If you have a PC, you can download one of several applications that will encrypt files. The one I recommend is Oubliette (the project is no more, but the program is still there for download). Simply install the program and create a new file that is encrypted with your password/phrase. Store all your passwords in this file and you don't have to worry about either losing them or having prying eyes obtain them.
Most modern cell phones also come with a "password keeper" application that stores your passwords in an encrypted database. While this can be convenient, unless you have a tried and true method to back up your cell phone and restore this database if the phone is lost, it's probably not the best place to keep your passwords.
By keeping your passwords in an encrypted file you have the convenience of having them handy and all in one place without the possibility that anyone who wanders into your office can read them off your desk.