After our nice password reset, I thought it was time to cover some of the basics of password creation and usage.
Important password tips:
- Never write them down
- Do not use family/pet names or other identifiable information
- NEVER USE THE SAME PASSWORD ON MORE THAN ONE SITE/SERVICE
Creating a secure password
Just like shot put or long jump, the longer the password, the more secure. However, some sites freak out with passwords that are too long, so we need to come up with a happy medium. I like to use the site UseAPassphrase.com:
It would be great to be able to use a password like imposing erasure joystick moisture
as is, but too many sites require special characters, capitals, and numbers. To help satisfy these requirements, I take two or three words from UseAPassphrase.com, capitalize the words, and add a special character or number. You don’t (and shouldn’t) use the passphrase as is. Generate a couple of new passphrases and pick and choose some words.
For my example, I’m settling on value hamster joystick
(which also doubles as a band name). To satisfy password requirements, I will capitalize each word, separate them by hyphens, and add a number to the end. My final secure password is Value-Hamster-Joystick6
. Easy to remember, easy to type.
My password would take 19 septillion years to crack. Compare that to a password that looks secure, 6*9K$TE2U9CS^wg
:
Neither passwords are going to be cracked anytime soon, but which one would you rather have to use?
Storing your passwords
The easiest way to get started with a password manager is to let Google Chrome store them for you.
DO NOT STORE PASSWORDS ON SHARED COMPUTERS OR WHEN YOU ARE NOT SIGNED IN TO CHROME. ANYONE THAT HAS ACCESS TO YOUR COMPUTER MAY BE ABLE TO ACCESS YOUR PASSWORDS!!
Go to the three dot menu in the upper right and select Settings:
Select Passwords:
And check that Google offers to save passwords and auto sign-in are turned on:
Now, when you use a password, Chrome will offer to save the password:
And when you re-visit the site, Chrome will fill in your username and password after you click on the Username field:
If you want to look up a password, you can visit passwords.google.com on the web to examine your passwords or to export them to use with another service. You can also delete old passwords or non-working passwords.