I was wondering how many times a day we have to enter a password? Curiosity got the better of me so I started counting and gave up when I passed 40 before lunch!
It’s a constant struggle. Not just remembering the ones we have, but finding new ones that fit the relevant criteria required. Such as, a requirement to include letters and numbers, upper and lower case, or other symbols. Then you have to remember them all – especially difficult for the sites you only use occasionally.
The more complicated the password, the more difficult it is to crack. For example, a three character password has 1 million combinations. Whereas with six character the combinations are now up to 1 trillion. That’s why most websites require a minimum of eight characters. The more characters, the harder it is for the ‘bad guys’ to crack.
You are told every password should be different to ensure security, but how realistic is it to have dozens of different passwords?
Then, of course, you should also never, ever share our passwords with anyone. Yet there are times you want your partner to be able to do the supermarket online shopping or book the cinema tickets on your behalf. Surely your nearest and dearest are trustworthy and won’t do anything dodgy with your online accounts?
As technology advances in leaps and bounds I fully expect that, one day, the need for passwords will be just a faded memory. You can already see this with the increased use of fingerprint, iris, facial, and voice recognition in our smartphones. But until these can be used on all our websites, apps, and devices, what should we do?
Putting them on a spreadsheet is even less secure than having them in a little black book on your desk. It means that as soon as someone gets access to your computer, they get access to every online account you have. At least the little black book is only accessible by the people who can get to your desk! I don’t recommend either of these as a password management strategy.
There are people who recommend you have only three passwords. An easy to remember one, a slightly more complicated one. And one with lots of random letters, numbers, symbols, etc. However, if someone cracks your log into YouTube or Twitter – it can take hours or days to rectify the situation even if they can’t actually raid your bank account as a result.
These days the most secure option is to use a password manager. Not only does this mean that you can have a different, exceptionally strong password for every single site, but most will allow you to log in automatically without having to type them in.
Be careful, however, as storing all your passwords in one repository can be risky. It should have exceptional security itself, and the passwords should be securely encrypted.
For corporate use you can even allow colleagues to log in to password protected sites without giving them the passwords themselves. So, if a member of staff leaves, you don’t have a string of passwords to change on the day they leave.
There are numerous password managers to choose from, and various other password related security issues that we can help with. If you’d like to explore a more secure method of protecting your log ins please do give us a call.
Send us an email!