I always wanted to be a spy! It seemed like fun. You’d meet a shadowy figure at night. “The cumquats are ripe this year,” they would say. “Yes,” I would respond, “Jackie Onassis would approve.” We each had the right password, and we could do our Sneaky Spy Stuff. When you only have to remember the names of obscure fruits for a single shadowy encounter, passwords are great.
How to Remember Your Passwords
Unfortunately, now that we have the Interwebs, we have dozens of encounters, shadowy and not, and every single one of them wants a password. For some sites, like my bank, that makes sense. But we even need to set up accounts and passwords for free sites so they can “capture our information” before letting us read their content. We’re buried! How do we keep track of all those passwords?
Remember Your Passwords By Using Password Vaults
The white knight that comes to our rescue is a piece of software called a password vault. Password vaults let you store all your passwords in one place, encrypted so no one can access them. (That means they’re in a secret code that only you can read.) All you do is enter your master password and you have access to all your other passwords. Not even demons from another dimension can get your passwords, unless that dimension includes way more computing power than our own.
Since your passwords will be with you for a while, you want to use a tool that will last a long time. It must be simple and accessible.
Which Password Vaults Should You Use?
I like 1Password. It’s available for the Mac and the PC. It’s really pretty and plugs into web browsers, so you can fill in your login in a web form with a single click. Your 1Password database can be read on any machine with a web browser. It also imports from just about every other password vault out there. There’s also an iPhone, iPad, and iPod touch version, so you can access your data from many places, being confident it’ll work over the long haul.
I also like SplashID from Splashdata. It’s a password vault that runs on Blackberry, Palm, Android, Windows mobile, iPhone, iPod, etc. It’s available on more platforms than 1Password but doesn’t integrate with your browser and isn’t as nice to use.
Web-Based Password Vaults
Web-based vaults also exist. Use these with caution. They also store all your private data, like the secret combination to your Doomsday Device. They say your data is secure, but then, so do banks, and we know how that turned out. Furthermore, if the web service ever goes out of business, you just lost all your passwords. (Bad for you, but possibly good for the world, if you really do have a Doomsday Device.) I like Mobile Password Safe at this link/a>. They claim your data gets encrypted in your browser before it’s ever sent to their servers. If what they say is true, that’s about as safe as it’s possible to get.
Make Your Master Password Really Hard to Guess
The problem with a password vault is that if your evil nemesis gets the password to your vault, that’s all they need to have all your passwords. So make your master password really hard to guess.
Use upper and lower case characters and digits. Plus, the longer the better. This is one case where length matters. My friend Ellen used a whole sentence that was half French and half German as her master password, replacing every letter E with the number 4. I couldn’t possible duplicate the actual password, but the English translation was something like, “If you can read this, you have way too much free time.”
Bernice’s password is 29 characters. They’re the first letters the marriage vow she has helpfully prepared, just in case. “ILAYAMSMAPALAYLTMCASYDALAWBTG” “I lovingly accept you as my soul mate and partner, as long as you listen to me carefully and say ‘Yes Dear’ a lot. As witnessed by the Goddess.” It makes a great password, but she is still single. Draw your own conclusions.
Develop a Way to Generate Passwords
If you don’t like the thought of all your passwords in one place—however safely guarded by your marriage vows—you can come up with a way to create passwords so you can re-create the password when you need it. For example, for a productivity website called GetItDoneGuy, you might construct a sentence like “Get-It-Done is about productivity.” Then use every other letter as your password: Gttoesbupoutvt. To make it a little more secure, replace the first “o” by the number “0” for a final password: Gtt0esbupoutvt.
Just make sure you remember how you generate the passwords, so you come up with the same one each time you visit the site.
I combine these techniques. I generate different passwords for each site, then record them in a password vault that’s protected with a really long password. If I can’t regenerate a password from scratch for some reason, I look it up.
Include Your Password Details with Important Papers
Whichever scheme you use, include the details with your will and estate papers. Much of our lives requires password access. If you’re hit by a car or standing beneath a dirigible when it explodes, your family may need your password-protected information. Write down your master password, how to access your password vault, and how to generate passwords that aren’t in your vault. Keep that paper in your lawyer’s will vault. If your lawyer doesn’t have a physically secure vault, trade him or her in for one who does.
On July 13, I’ll be giving away 3 copies of 1Password courtesy of Agile Web Solutions. I’ll choose the winners from everyone who’s part of my Facebook page, so connect to me at this link.
Stay Safe!
Work Less, Do More, and have a Great Life!