Password safety is crucial when it comes to protecting your data and personal information. Creating unique passwords is good for security, but can keeping track of your passwords particularly difficult.
Do any of the following apply to you?
- Your passwords include dictionary words such as "password" or "secret", or sequential numbers like "123"
- You use the same password for multiple accounts
- Your passwords are written down on a post-it note stuck to your monitor or desk
There are a number of ways to have your computer remember your passwords, but many are not secure! Below are some guidelines for creating and managing your passwords and passphrases.
Note: User account passwords are pointless if your computer automatically logins or you leave your computer logged in and unattended. To protect your data, disable auto-login and password protect your screen saver.
Creating Passwords and Passphrases
We recommend that passwords (and passphrases) you create be a minimum of 12 characters in length, and not be a single dictionary word. Never use your name, the name of a loved one, or significant dates in your password. The more characters you use, the better. Some Reed systems will necessarily have differing requirements - including lower & uppercase letters, numbers, and/or special characters.
Avoid the temptation to reuse passwords. Should a password be compromised on one system, you would instantly be vulnerable on every system where that password is in use. Strive to create a different password for each account you use--computer login, email, network services, financial institutions, etc.
It is nigh impossible to remember a different password for scores of online accounts. It is best to let trusted password management software create and securly store passwords for you.
In cases where you need a password that is both secure and memorable, let your password manager build a passphrase out of random words. For example, a randomly generated password such as correct-horse-battery-staple is both secure and memorable. (Do not use "correct-horse-battery-staple" as your actual password, as this particular example is widespread across the Internet.)
Password Management Programs
Your password management program should offer powerful encryption, as well as convenience of use. Most programs can help you generate strong, separate passwords for each service you need to log into, as well as browser extension for web accounts. There are a number of different password management programs out there; one that we recommend that is cross-platform is 1Password.
Web Browsers and Passwords
Most web browsers offer to save your passwords for you as you type them... some do so securely, others may not. Generally, we recommend disabling this feature in your web browsers, and using a separate password manager instead. A separate password manager will have extensions available for modern web browsers, allowing for easy and secure filling of credentials into the browser of your choice.