There’s a lot of advice out there about passwords – how to generate them, store them, manage them. It’s certainly important to get a grip on your passwords – especially after Heartbleed, possibly the greatest vulnerability in Internet history.
But for many of us (myself included), the idea of managing ALL those passwords is overwhelming. I have accounts that I can’t even remember. We recently did a little survey on social media (thanks to those of you who participated!) and 58% of you have over 20 password-protected online accounts, or simply too many to keep track of.
Getting all those passwords in order – setting a unique, strong password for each individual account – might seem a little like starting a new healthy diet and exercise regimen: you know you should do it, but you just don’t. So we asked Sean Sullivan, our Security Advisor here at F-Secure, for some advice. Sean boiled it down into this simple tip (no, it's not the one above in the photo!):
Identify the critical accounts to protect, and then make sure the passwords for those accounts are unique and strong.
Sean’s advice takes into account the fact that many of us have accounts for services where little personal information is stored.
“If you created an account for some website and there’s hardly anything more in there than your username and password, then that’s probably not a critical account,” he says. “But your Amazon account with your credit card info, your bank account, your primary email accounts, the Facebook account with your life story, these are examples of the critical ones. If you don’t have time or inclination to tackle everything, at least take care of those.”
Another example of a critical account is an email account that is used as the point of contact for password resets on other accounts. For these “master key” accounts, it’s also a good idea to activate two-factor authentication if available.
By unique, Sean means that the password isn't used for any other account. By strong, he means a password that combines letters, numbers and special characters, and the longer the better.
Oh, and about that survey. Here are some more of the results:
43% of you reported using the same password for more than one important account.
40% of you use a password manager to keep track of your passwords.
57% of you changed passwords after hearing about Heartbleed (and 11% hadn't heard of Heartbleed).
If you want an easy way to create unique, strong passwords and protect them too, check out F-Secure Key. It’s free to use on any one computer or mobile device.
Image courtesy of Lulu Hoeller, flickr.com