So you're using a password management tool to keep track of
all your passwords. What if that tool gets hacked? That's not a joke — it happened
last month at LastPass, a web-based service that encrypts multiple
passwords. Although LastPass users' actual passwords weren't compromised, their
email addresses and password reminders were.
The LastPass incident is a valuable reminder that the most
secure place to store your passwords is still inside your head. But can you
remember the password for every website you use without making the security
mistake of reusing passwords? We certainly can't. That's why at Xantrion, we
recommend and use a simple trick that generates passwords that are hard to
crack but easy to recall. It just takes three steps:
- Start with a word you won't forget, and spell it with at least one special character. For example, "apple," spelled "4pp!e." You'll use this "seed" password in all your other passwords.
- Come up with a simple algorithm based on the site's domain name. For example, you could use the first and last letters of the name as the first and last letters of your password
- Combine the two. In our example, then, your password for WebEx would be w4pp!ex, and your password for Salesforce would be s4pp!ee.
You can make the details as complicated as you want, but as
long as you remember the domain name and your personal algorithm, it's easy to
generate unique, high-quality passwords you still won't have to write down or
store anywhere.
No comments:
Post a Comment