By now, we probably all know that we should have a different password for every account and every website we use. You probably also know that passwords should be a mix of upper and lower case letters, numbers and special symbols. They should be more than 8 characters – and no, that doesn’t mean $now White and the 7 Dwarves. This is what’s known as password hygiene.
That’s all well and good, but how do you remember them all? Most security professionals would express horror at the suggestion that you write them down, but if you do, the bad guys have no access to them unless they are actually in your house. One word of caution before you go and document everything – be sensible.
It might seem like a good idea having a book like the one in the image, but then the bad guys in your house know exactly what they’re taking! If you are going to write your passwords down, make sure you lock the book away in a secure location where it’s not easily found by intruders.
An alternative is to use one of the many password management apps that are around, but because such an app is connected to the Internet, it is by definition vulnerable. That is especially so because it tends to require a master password, and if you’ve not chosen a good one then your other passwords are easily found. At the very least, make sure it encrypts your passwords with something like 128- or 256-bit AES.
As with all things, the choice is yours and depends on your level of risk appetite. Personally, I like the flexibility of the electronic app, but I’d combine it with a master password and another token, e.g. a PIN number sent to my mobile or use of a fingerprint reader.