Be careful with your passwords

We have myriad passwords to remember these days. Many people solve this by using the same or similar ones for many web sites, applications and whatnot. The problem with that approach is that if someone sees one of them, you're at risk of them accessing things you don't want them to, like your email, for instance.

The most dangerous thing for passwords is systems that store them as plain text. That means they are saved just as they are. If your password is "lemonjelly", somewhere in a database is the word "lemonjelly". Now imagine someone finds that out. If that is your password for a chat or game site and your email, it might be revealed to someone you'd rather it wasn't. And most game and chat sites also store your email address. So now they know your email and a password you use.

What they might do is try your game/chat password on your email site (say you use Hotmail, for instance). Would you be happy with the contents of your email account being viewed by this intruder?

What you should do

First, use different passwords on different things. Second, use something like KeePass to store your passwords safely. If you can't be bothered with the second option (KeePass is free, secure and easy to use), and you can't remember lots of very different passwords, try this method:

  • Start each password with the same string of characters (let's say "c33p").
  • End each password with another string of characters (let's say "9nng9").
  • Put something in the middle that's easy to remember.

Using these examples, you might have:
  • c33pmail9nng9 - for Hotmail
  • c33pdate9nng9 - for a dating site
  • c33pgoogle9nng9 - for your Google account
Now this is by no means the most secure way to create passwords, but it is a lot better than using your son or daughter's middle name with a number "9" at the end for every site. All it takes is one successful breach of security and your password is out there for the taking...

Using good passwords is especially important when you know a site is saving your details in plain text. You will know this for certain if you forget your password: if they send you a reminder of what it actually is, they've stored it in plain text. If they send you a new password they might have stored it in plain text anyway, but it's less likely.
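The difference between the two kinds of site, as an added example that is not part of the original post: a plain-text store can send a reminder because the password is readable, while a store that keeps only a salted one-way hash can check or reset a password but has nothing to remind you of. The class names, the user and the choice of PBKDF2 are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: a made-up user and the post's example password.
USER, PASSWORD = "alice@example.com", "lemonjelly"

class PlainTextStore:
    """Saves the password exactly as typed, as the post describes."""

    def __init__(self):
        self.db = {}

    def register(self, user, password):
        self.db[user] = password

    def check(self, user, password):
        return hmac.compare_digest(self.db[user].encode(), password.encode())

    def remind(self, user):
        # A reminder email is only possible because the password is readable.
        return self.db[user]

class HashedStore:
    """Saves a random salt and a slow one-way hash instead of the password."""

    def __init__(self):
        self.db = {}

    def _hash(self, password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

    def register(self, user, password):
        salt = secrets.token_bytes(16)
        self.db[user] = (salt, self._hash(password, salt))

    def check(self, user, password):
        salt, stored = self.db[user]
        return hmac.compare_digest(stored, self._hash(password, salt))

    def reset(self, user):
        # The old password cannot be recovered, so the site issues a new one.
        new_password = secrets.token_urlsafe(12)
        self.register(user, new_password)
        return new_password

def leaked_rows(store):
    """What someone reading the database table would see."""
    return list(store.db.values())
```
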

But consider using KeePass or something similar to generate and store really hard passwords for you. It might be annoying to start with (having to copy and paste one in every time), but the peace of mind from knowing you have done a pretty good job of protecting your data is the payback.

Oh, and don't let Firefox or IE store your password. That's asking for trouble...

About this Entry

This page contains a single entry by Robbie Bow published on May 10, 2007 6:35 PM.
