This is a question we get a lot and it revolves around a few issues:
- There’s a growing realization (which is absolutely correct) that using the same password on multiple sites is inviting disaster – because if one site is compromised, the hackers will use that info against every popular site (email, social media, financial, and medical) they can find.
- The post-its/notes/notebook approach is inherently flawed and if those notes are lost/accessed by someone else – it’s game-over.
- The complexity of passwords along with the head-space to remember them can be a real pain.
The password management solutions:
- The low-tech approach – for when you don’t want/like to use the better high-tech approach. This method uses a “root” password and then makes it unique for each site. Here’s how it works:
  - Create a “root” password that is based on something personal, like a hobby, favorite sports team, or favorite place (try to avoid names of family or pets), and add a word about that subject. For example, if you love to cook – HappyCooking (notice the mixed case). Now add some punctuation and a number, like this: HappyCooking!2
  - You now have your “root”. Next, come up with a scheme for “tuning” it per site – like adding the first and last letter of the site. Here are a few examples:
    - Amazon: HappyCooking!2AN
    - Citibank: HappyCooking!2CK
    - Walmart: HappyCooking!2WT
  - If you run into a site that doesn’t like the punctuation character, establish a go-to replacement – like a “1” for “!”, “2” for “@”, etc.
  - Now you have a system that is easy to remember and dramatically reduces your risk compared with reusing the same password everywhere!
- The better approach – use a password manager, which can auto-generate passwords.
  - My two favorites are LastPass and Dashlane – both great products. LastPass has a large market share and is constantly being tested by security professionals to make sure it’s really secure.
  - Both offer availability on multiple platforms (Windows, Mac, iOS, Android) – so you’ll have what you need with you at all times.
  - Both offer business versions (LastPass for Business and Dashlane for Business) which let you manage employees/staff easily. You can also share access to sites with and between employees without actually giving them the password.
  - One BIG unexpected bonus with using a password manager – your productivity will go up because they auto-logon to sites for you. It’s amazing how much time is lost dealing with logons every day.
  - Both solutions offer two-factor authentication – please use it.
This is a constantly evolving challenge. Please feel free to reach out for more info or any feedback and we’ll help/update as needed.
Bill Hogan is the Owner and President of Partners Plus. He has over 37 years of experience in the tech industry, specifically IT network consulting for small and medium-sized businesses. Bill has spoken at seminars all over the country and published his latest book in 2018. Partners Plus has been selected by PHL17 as the best Computer and IT Support Company in the greater Philadelphia area.