Password safety is crucial when it comes to protecting your data and personal information. Creating unique passwords is good for security, but can keeping track of your passwords particularly difficult.
Do any of the following apply to you?
- Your passwords include dictionary words such as "password" or "secret"
- You use the same password for multiple accounts
- Your passwords are written down on a post-it note stuck to your monitor or desk
There are a number of ways to have your computer remember your passwords, but most of them are not secure! Follow our guidelines below for managing your passwords.
- Creating passwords
- Password management programs
- Using Keychain in Mac OSX
- Creating your own encrypted archive
Passwords you create should be a minimum of 8 characters in length and contain a combination of uppercase & lowercase letters, numbers, and special characters, and not be a word in the English dictionary. The more characters you use and the more variety of character types, the stronger your password will be. One simple and effective technique is to use a combination of a word and some random characters.
To protect your personal information, create a different password for each account you use--computer login, email, network services, financial institutions, etc.
Avoid writing down passwords or checking the "remember my password" button with programs. It can be difficult to remember various passwords, so you may find it helpful to use a password management program.
Password Management Programs
Your password management program should offer powerful encryption, as well as convenience of use. Keychain is built-in to Mac OS making it easy to use. Refer to our Keychain guidelines below for making it more secure. Password Wallet by Selznick Software is another option for Macintosh users. For Windows users an option is Password Safe. Another secure, open-source, cross-platform option is Password Gorilla.
Keychain is Apple's password management system built-in to Mac OS. It can keep track of your passwords to web sites, applications, servers, etc. and will automatically provide the password when you need it, without you having to type it. The default security settings for Keychain provide weak protection so we recommend you do the following:
Add Keychain to your menu bar
Keychain can be added to your menu bar, which makes it easier to access and see when your keychain is unlocked.
- In Finder, go to the Go menu, select Utilities and click on Keychain Access.
- From the Keychain Access menu, select Preferences.
- On the General tab, check the box labeled "Show Status in Menu Bar".
- A padlock icon is now added to your menu bar.
Make Keychain more secure
After login, your default keychain is automatically unlocked. To make it more secure, it's best to set your keychain to lock after a specific amount of time.
- Click on the padlock icon in your menu bar and select Open Keychain Access.
- From the Edit menu, select Change Settings for Keychain "login".
- Check the box labeled "Lock after 5 minutes of inactivity". Specify 5 minutes, if it's not already set.
- Click the Save button.
Creating your own encrypted archive
An alternative to password management software is to create a simple plain text document that contains your passwords, but then encrypt that file so it is secure. On a Mac, you can create your own encrypted archive of files, by following our simple directions.
For Windows users we recommend BCArchive, a free program that creates encrypted archives. Follow our guide on how to use it.
If you have any questions about password management, please contact CUS.