Password Safety
If you've been on the internet for any length of time, you've
collected about a zillion accounts and their associated
passwords. Personally, I have over 500 different active accounts
all over the web and probably a thousand more inactive or unused
accounts.
Most people don't have anywhere near that number, but I'll bet
you have at least a couple of dozen. Let's see, you've probably
got an account at your bank's website, a few credit cards,
egroups, perhaps a few webrings, your ISP, email, hotmail,
perhaps AOL, and a few others that you don't use as often.
If you are like most people, you cannot even come close to
remembering it all. In fact, a lot of people simply create the
same account name and password everywhere ... and that's
extremely dangerous.
Let's say a hacker figures out your AOL account and password. If
every other account that you own has the same username and
password ... well, you get the idea. Now all he has to do is
figure out where you have accounts ... but he could just try it
at a number of say, banking sites or credit card sites, and
perhaps he will get lucky. You may make it even easier for him
by mentioning your sites in your AOL emails or on your web site.
So how do you protect yourself? First, make sure your passwords
are all different. Don't use the same password on all of your
accounts ... and try and use a few different usernames if you
can.
Next, be sure and choose some password that are not so easy to
guess. Avoid names (husband, wife, kids, cats and so on), social
security and phone numbers, addresses and anything else that
someone could figure out if they knew anything about you.
Also avoid some common words. Did you know that the most common
password is simply "password". "God" is also common, especially
amoung system managers. Avoid common words such as these.
All right! Now you've got all of your 30 or so accounts set up
with different account names and different difficult-to-guess
passwords. How are you going to remember them all?
Rule number one is be prepared for disaster. Write down all of
your usernames and passwords in a notebook (yes, on paper). No,
really. You need to do this because computers sometimes die, and
when they do it's at the worst possible time. You may not even
have a backup, and if you loose all of your passwords you could
lose a lot.
Keep this notebook safe, perhaps locked in a drawer. It's
probably a good idea to keep a copy in your safe deposit box -
so someone can get to your accounts after you die, perhaps, or
if you are in the hospital or something else happens.
Now keep a computer record also, which you will maintain more
up-to-date. I like using a program called Password Tracker,
although you could just as easily use Excel or even notepad. The
idea is to record all of your account information as you create
or change it. Password Tracker is great because it also gives
you tools to enter the data for you.
A product to avoid is Gator (I use both Password Tracker). This
program is handy for saving passwords and filling in forms, but
it is spyware and transmits details of your surfing habits to a
corporate database.
Be sure and keep backups of the Password Tracker database ...
believe me, you don't want to lose this information if you can
avoid it.
By the way, I've learned to avoid the automatic account and
password features of Internet Explorer. Why? Because there is no
way to save, print out or get to the information. Thus, if the
computer dies I lose my passwords with no way to recover. I
don't use Netscape much, but I would guess the same thing
applies.
To conclude, use different account names and passwords for your
various web sites. Record them on paper and store that somewhere
safe. In addition, you can use programs link Excel, Gator and
Password Tracker to save all of this information for you.
Finally, and very importantly, be very prepared for disaster.