More About Passwords

I bet you hate passwords.  It seems like everything you want to today use has a password.  Passwords are hard to remember.  When you think you have a good one, someone asks you to change it.  Passwords suck, and because they suck people hate to think about them.  In most cases people end up selecting a password or two that they can remember, and they reuse that password as much as possible.

But think about how much of your life is digital today–your memories, your social interactions, your communications, your work and your money.  If someone gets your password, how much of your life can they wreck?  What could you lose?

Try this.  Go to this website and test some passwords you use.   I bet you'll be shocked how fast your password would fail under modern password cracking attempts on modern computing hardware.  Now think about the companies that have had password database leaks recently.  Sony.  LinkedIn.  Think about how many sites you create an account on that you really don't know anything about.  If they've made security mistakes in their systems, someone can use their system to get your password.

Once someone has your password they can get into your email.  If they have access to your email, they can change your other passwords.  They can log into your online banking system and transfer all your money.  They can steal your identity and run up credit bills in your name. Ars Technica has a great article on modern password cracking and how quickly most passwords can be compromised.

Passwords matter.  Even though the username password system is flawed, it's all we have in most cases today.  That means it's up to you to make the best out of a bad system.  How?

  • Pick strong, unique passwords.  Password generators can be helpful here.  It's best to generate passwords by some truly random means (like Dice) but using a software generated password is much better than what you are likely using now.  Here's a link to a password generator I like:
  • Don't reuse passwords.  Have a different password for every site or service you use.  I know that sounds hard, and it should.  Most people can't remember dozens of passwords.
  • Use a password manager.  Let your computer do the hard work for you.  Lastpass has a free version, and 1Password  is excellent.  Just make sure you secure these systems with a strong, unique password as shown above.

Using the approaches above you can become a frustrating target for password crackers.  Since so many people select really poor passwords, most crackers aren't going to waste time trying to crack a password that takes months, years or even longer to crack.

The only person that can secure your digital life is you.