How to Manage Your Passwords

Guide Note

With all of the online memberships and e-mail accounts you need to log into, how can you keep track of all the different passwords? This page will give you tips and tricks on How to Manage Your Passwords.

Table of Contents

• Introduction: How to Manage Your Passwords
• Remembering Passwords Yourself
• Managing Passwords on your Browser
• Password Management Software
• So What is the Best Method?

Introduction

• If you surf the web regularly, chances are you have more online accounts and memberships than you can keep track of. Even beyond the 'net, plenty of other applications require logins these days. With every account comes a required username and password that you must remember, and when you have to unlock your computer, sign in to your e-mail account, and log on to Facebook, trying to manage all those passwords can be a cumbersome task. Fear not: there are methods to avoid clicking the "Forgot your password?" link every time you want to check your MySpace comments.

• There are essentially three basic methods to managing your passwords: remembering them yourself, managing them with your web browser, and using password management software.

Choosing a Password

• No matter what method you end up using to manage your passwords, the first concept you should be familiar with is how to choose a good one.

1. Use combinations of letters, numbers, and (when applicable) special characters.
2. Mix upper case and lower case when passwords are case-sensitive.
3. Keep them to about 8 characters on average.
4. Don't use regular words or phrases. The more straightforward the password, the easier it will be to hack.
5. Don't use numbers associated with your identity (such as birthdays, phone numbers, social security).

Remembering Passwords Yourself

Re-using the Same Password

• From bank accounts to social bookmarking, trying to memorize all of your passwords can make your head spin. Instead of attempting the impossible, many people just use the same password for every account they have. Unfortunately, besides the fact that password guidelines and restrictions are different for every website, using a single password is not a safe habit no matter how obscure it may be. If someone finds out what it is, they instantly have access to every bit of your personal information they could ever want to get.

• This is not a recommended method for password management. Using an identical (or similar) username for every site, however, is a much less dangerous proposition.

Writing Your Passwords Down

Don't keep passwords in your little black book (photo by Lavinia Martin)

• Some people resort to a sort of "password address book" where they write down usernames and passwords in a notebook as a reference. Unfortunately, this is a similarly insecure habit because of the possibility of someone getting their hands on it, particularly if you are keeping it around the office. If you decide to write them down, keep your password book in a locked drawer or someplace safe!

Develop a Password System

• The best way to try to memorize each password is by developing a system that allows you to generate a different memorable password for each site or application. Lifehacker has a great post on choosing and remembering great passwords. By using a combination of a base password, numbers, special characters, and elements from the names of the sites themselves, you can create passwords that are different for every account that you can remember without any outside help.

PROS

1. Remember passwords at any time on any computer.
2. Generate different passwords for every site or application.
3. No hard copies of passwords means no one can find them.

CONS

1. If you forget your passwords/password formula, you are out of luck.
2. If a dedicated hacker discovers your formula or method, they can access all of your information.
3. Changing passwords can become a difficult task.
4. Constantly re-typing passwords can become tedious and time-consuming.

Managing Passwords on your Browser

Firefox security preferences allow you to remember passwords (photo by Mahalo)

• For many people, the vast majority of the passwords we use are for websites. One of the simplest ways to manage your online passwords is through your web browser. Most popular browsers (Firefox, Internet Explorer, Safari, and Opera) have password saving capabilities. Usually they are as simple as typing in your information once, then clicking "yes" when asked if you would like the browser to remember them.

PROS

1. Quick and easy access to passwords and user names without having to constantly re-type.
2. Often have the option of a single "master password" for all sites.
3. Manage your passwords easily in the browser's preferences.
4. Select completely different passwords for each site.

CONS

1. Limited to online passwords.
2. Limited to only your personal computer(s) for security reasons.
3. Anyone with access to your computer could potentially log in to your accounts.
4. If your cache is cleared, you can lose your password information.

Password Management Software

Don't let passwords give you a headache (photo by Daniel Szwalkiewicz)

• If you need to remember passwords for more than just the internet, or you desire an added level of security, it may be time to use password management software. These applications are more versatile than web browsers and often come pre-installed on your computer (such as Apple's Keychain).

• There are many other options for password managing applications, however. Find some examples in the resources section of this page. Because there are so many, it's a good idea to try a few out to see which fits best for you.

PROS

1. Save passwords for any website, document, or application.
2. Use a single "master password" to access all of your info.
3. Quick and easy access to passwords and user names without having to constantly re-type.
4. Use a variety of unrelated passwords for different sites and applications.
5. Change your passwords often without worry.
6. Often more secure than using a web browser.

CONS

1. Limited to only your personal computer(s) for security reasons.
2. If your computer crashes or data is lost, unmemorized passwords will be lost as well.

So What is the Best Method?

• The best way to manage passwords will depend on your situation, but the ideal strategy would be a combination of what we have already discussed.

1. Use a method of generating and memorizing passwords for sites that you will be using often (from home and on other computers).
2. Increase the variety and obscurity of passwords for the less important accounts.
3. Use software to organize both the commonly-used passwords in addition to those for lesser-used accounts.
4. Change passwords often, especially any "master passwords" you may be using.
   • (They should be changed about once a month for maximum security results.)
5. Be safe and careful with your passwords and other sensitive information!

Resources for How to Manage Your Passwords

• Lifehacker: Geek to Live: Choose (and remember) great passwords (July 5, 2006)
• Lifehacker: Keep Your Passwords Safe (October 10, 2007)
• PC Magazine: Manage Your Passwords (December 19, 2000)
• Quamut: How to Set Strong Passwords
• eHow.com: How to Remember Any Number of Passwords
• eHow.com: How to Choose a Safe Password
• eHow.com: How to Keep your Passwords Safe...
• About.com: Manage Passwords Safely--and Simply  

Password Management Software

• Download.com: Password Management Software 
• Wikipedia: Keychain (Mac OS)
• Chapura: TurboPasswords
• PC Magazine: Norton Confidential Review (August 4, 2006)
• CP Lab: Password Manager XP
• KeePass
• RoboForm