A study conducted in October 2014 concluded that the average person needs to remember 19 passwords. At the same time, we are constantly being urged to make our passwords longer and more complex and to avoid names, dictionary words and dates - the very things that would actually HELP us to actually remember so many passwords! So what are the options for keeping our passwords secure without locking ourselves out of our online accounts?
Everyone has their own opinion as to what constitutes a secure password and it's safe to say that a password that is acceptable to one online service may be deemed too insecure by another. But there are a few principles that most security experts agree to:
In other words, what we need are 19 long and completely unintelligible passwords to protect our online identities.
Now there's just the small problem of remembering them all...
Fortunately there's a wealth of tools available to help keep all of this information secure. They are known as password managers (or password safes or password wallets; there's probably other names too, but we've already got enough to remember!).
A password manager is a piece of software that will allow you to securely store details of all the online services you use: the name of each service, the URL (web address), your username/email address, your password and often notes or other ancillary information. These details are stored in an encrypted database protected by a password that you choose. In theory, this is the only password you need to remember.
There are many password managers available, all of which have different features including form-filling, password generation, cloud synchronisation, cross-platform use, etc. The best solution for you therefore is the one that satisfies your needs most closely. Some of the more common ones available today are:
If you're unsure whether a password manager is for you, it's best to download one of the free versions first. Then, if you need different features or just don't like the way the one you've chosen works, you can review any of the others more objectively. Note that even the chargeable password managers are generally only a few dollars per month - a small price to pay for peace of mind.
Even with a password manager, it's wise not to get too complacent about security. The first task should be to review all of your passwords to ensure that they are sufficiently secure - especially the passwords to services that hold your financial details, such as online purchasing accounts. Now that you're using a password manager, it's time to stop using your wife's (or husband's / child's / pet's) name or dates of birth as passwords.
The second task should be to back up your password manager database and store it somewhere secure. The last thing you want is for your computer to fail and to find that you can no longer access your password manager! Take regular backups too - ideally every time you add or change a password.
The third task to think about is the security of your password manager. The password that you use to encrypt this should be the most secure password you've ever dreamt up - for reasons that are hopefully obvious! But make sure it's one that you will ALWAYS be able to remember, as it will be impossible to recover all of your other passwords without it!
The number of online services we need to access is set to increase even more in the coming years. Security experts are already working on other ways of authenticating our identity, including 2-factor authentication or biometrics. Until such methods become more commonplace, passwords are here to stay - choose them wisely and manage them effectively.