Ned Pelger's blog on construction, design and other weirdness. Email him at ned@constructionknowledge.net
Please help him win his readership competition against his son Lex at the Construction Phone Apps Blog
CONSTRUCTION KNOWLEDGE BLOG
August 17, 2011
more on passwords
In a followup to my old man’s post about passwords, I’d like to share two of my favorite password tricks:
LastPass:
LastPass website
This is a handy little application that installs directly to your web browser in a minute or two. It stores any passwords that you tell it to and can even automatically sign into sites. It’s very handy for your less important websites like Facebook, shopping sites, Netflix and other places that no one would particularly care to hack anyway. I need a lot of accounts for our construction phone app development and I like not having to remember user names or passwords. LastPass fills it all in for me.
This is only to be used on a computer that you consider to be secure and has a password because once somebody is on it, they can log into any sites that you have saved. So even though I keep my computer locked up tight, I memorize my Gmail and bank passwords because they’re just too important to trust to anybody else.
How to create & remember easy passwords:
By looking at the XKCD cartoon from two posts ago (by the way, XKCD is the best and dorkiest comic on the web), you learn that a series of four words is better than a jumble of letters. The easiest way to remember all your passwords is to write them all down in one place right at your desk so you can glance at it when needed. But of course that breaks the first rules of computer security.
Unless you create a code. And who doesn’t take a childlike delight in creating codes that only you know?
So here’s my trick: Create a series of word associations that signify the real word to you. For instance, on the password sheet at your desk, you write:
color vehicle flower love
But you know that really means:
red boat rose sarah
For every new site, change the order of the words so you don’t have the same password for any one site. It often happens that a hacker figures out a password from a data breach somewhere on the web and then can apply it to your other accounts if you reuse passwords.
Some passwords require letters to be capitalized so make sure to write them correctly on your sheet: ie (Flower love Vehicle color). If numbers are required, you could write them just as they are or for an added measure of security, always write the number 1 higher or lower than the real number.
I recently went through and increased my password security for all my important sites and I encourage you to do the same. Especially if you have a bunch of similar passwords that you have never changed. But if you only do this for one site, do it for your email. If someone gets into that, they can reset the passwords for every other site – then hijack your digital life for sending spam, draining bank accounts or sending fake proposals of marriage to ex-girlfriends (true story, don’t ask).