Passwords are the keys to our online lives. With our passwords, people can read our email, post on our social media accounts, see our banking data... and lock us out of our own accounts. So it's important to treat them with great care. But how? Here are a few hints on a good password policy.
- Do not reuse passwords, ever. Reusing passwords means that breaking into one of your accounts also compromises others. At the very least, add some letters that differ for each site.
- Switch to two-factor authentication wherever you can.
- Do not keep the same passwords forever. It's good practice to change them every year, especially the important ones.
- Do not use passwords such as your date of birth, partner's first name, or pet's name. People can find those easily by looking at social media or even talking to you or your friends.
- Do not rely too much on often-used substitutions of letters by numbers. A zero instead of the letter o is not exactly hard to guess.
- If you have trouble remembering your passwords, use a password manager.
- It's not a horrible solution to write important passwords down, as long as you make sure you're not leaving them in places where others can find them.
- An option could be to create them in the form of fake 'people', stored in an address book (either digital or physical), whose made-up names help you remember what they belong to, and whose address or telephone numbers are the password. If you saw 'Amalia 035-3445899' written down in my little black book, would you think that was a password hint for my Amazon password? It's not, but it could have been.
- Another way to make a decent password that's easy to remember is to make a sentence that's meaningful to you, and use the first letters of each word to form your password. For example: the sentence 'My old aunt Emmy has 3 pretty cute Greyhounds' stands for the password MoaEh3pcG but is a lot easier to remember, especially if you use it for your account on the website where you buy your dog food, or the social network where your aunt always posts pictures of her dogs.
- If it's allowed, you could also use four (or more) random words that you can easily remember by drawing a picture of them in your mind, instead of a hard-to-remember and much shorter 'normal' password. Let XKCD guide you here (just do not reuse his example).
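
The hints above about personal details and letter-for-number substitutions, as an added example that is not part of the original article: a check a sign-up form could run, which undoes common substitutions before comparing the password against weak words and details the user has supplied. The substitution table, the sample word list and the function names are assumptions made for illustration.

```python
# Added example: flag passwords that are still a weak word or a personal
# detail once common character substitutions are undone.

# Assumed set of common substitutions, mapped back to the letter they replace.
SUBSTITUTIONS = str.maketrans({
    "0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
    "7": "t", "@": "a", "$": "s", "!": "i",
})

# Constructed sample list; a real check would load a much larger one.
COMMON_WORDS = {"password", "welcome", "letmein", "qwerty", "dragon"}


def normalize(text):
    """Lower-case the text and undo the common substitutions."""
    return text.lower().translate(SUBSTITUTIONS)


def only_digits(text):
    """Keep just the digits, so '17-05-1990' and '17051990' compare equal."""
    return "".join(ch for ch in text if ch.isdigit())


def weak_reasons(password, personal_details=()):
    """Return the reasons a password is easy to guess (empty list if none found)."""
    reasons = []
    plain = normalize(password)
    digits = only_digits(password)

    for word in sorted(COMMON_WORDS):
        if word in plain:
            reasons.append(f"contains common word '{word}'")

    for detail in personal_details:
        detail_digits = only_digits(detail)
        if detail_digits:
            # Dates and numbers: compare digit runs, ignoring separators.
            if len(detail_digits) >= 4 and detail_digits in digits:
                reasons.append(f"contains personal detail '{detail}'")
        elif len(detail) >= 3 and normalize(detail) in plain:
            # Names: compare after undoing substitutions on both sides.
            reasons.append(f"contains personal detail '{detail}'")
    return reasons


if __name__ == "__main__":
    for candidate in ("P@ssw0rd1", "R3x!2019", "MoaEh3pcG"):
        print(candidate, weak_reasons(candidate, ["Rex", "17-05-1990"]))
```

The check only catches a date written in the same order as the supplied detail, so a form using it would pass in each format it wants to reject.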