Let’s be real. . . it’s one thing to create secure passwords, but a whole other challenge to do that across numerous websites, accounts and mobile apps.  The number of individual accounts can reach 100+ in no time.  I, personally, had a rude awakening when I started using a password vault (mobile and computer app) to store, track and manage all of my accounts in a central location.  The numbers were just staggering after documenting the amount of accounts that I’d accumulated (just based on what I remembered) as well as anything new over the course of a few years.

A few realizations. . . 

  1. Passwords are a pain-in-the-butt and I can’t wait until they go away!  Seriously, with new technology and the use of other means of authentication we’re not far from reducing or eliminating your traditional passwords for more effective solutions. (e.g. thumbprints, facial recognition, device authentication, etc.)
  2. It’s almost impossible to effectively manage passwords without a tool.  Just consider an average person’s volume of internet-based accounts. . .
  3. At the very least, we need a method of remembering our passwords (with a theme, for example) while not using the same password across multiple accounts.

What could go wrong with Passwords? 

  • Using the same login info (email address / username / passwords) across multiple accounts (social media, messaging, banking, shopping, credit cards, utilities, etc.) can open you up to some real damage.  For example, if you’re gmail account login info is stolen or compromised AND those credentials are the same as your online bank account. . .well, you get the picture, right?
  • Creating and forgetting about accounts and passwords that you’re not using any longer can open you up to more exposure to future incidents.  For example, a retail store account is compromised and contains passwords that you use elsewhere.
  • A lot of accounts mean increased difficulty in effectively managing your passwords (changing passwords, removing old and unused accounts, etc.).

Ok, enough of that. . .what can I do moving forward?

  1. Forget passwords; use passphrases.  Think of a phrase or sentence that you’ll remember (ex. myDogIsReallyCool) and use that instead of a single word.  TIP: Go for 10 or more characters, memorable and easy to type.
  2. Secure your passphrases with capital letters, numbers and/or other special characters (!,$,?, etc.).  Check with your online providers as some of them have specific requirements, so you’ll likely need to base your password off of that.  For example, I can’t use certain special characters or need at least one capital letter in my passwords because my account providers require it.  You can also consider replacing numbers and special characters with letters (ex. Zero looks like the letter O, 1 looks like a lowercase “l”).
  3. Use “themes” for common passwords.  Avoid using the same passwords across multiple accounts, but rather consider using themes of passphrases that you use with slight variations across your different accounts.  For example, you pick a theme around a favorite hobby, movie series, music, etc. and develop your passphrase around that theme for similar types of sites.  And, in order to avoid using the exact same passphrase for multiple sites, you can pick an addition letter or word that reminds you of that particular site to add to your passphrase.  Get creative and put your own spin on it as the more you personalize it, the better you can remember it.
  4. My Advice. . . Just use a password vault.  Like a personal safe/vault, these are apps or software packages that allows you to store all of your usernames and passwords in a single location.  This method might sound complex, but it really does simplify your digital life once you’re all setup.  There are some really good password vault apps that work seemlessly between your laptop and all of your mobile devices (e.g. iCloud keychain, 1Password, LastPass, etc. – just to name a few).  I’ve started to leverage this tactic for my accounts and even have my vault choose complex passwords for me so I never need to know or remember most passwords.  As, I mentioned early – you might be surprised at just how many accounts you have once you tally them up in a single vault.  The best part – most vaults will notify you on the passwords that are older than a certain number of days or even reused in multiple locations.  Most of these tools plug-in to your browser and auto-populate your username and password so that you don’t have to worry about typing (or even copy & paste) them.

Ultimately, I believe that as we advance (technologically) we’ll rely less and less on traditional passwords and begin to see more replacements (as we already have in biometrics and device verification).  This should open doors to many more effective ways of protecting your identity and securing access to your online accounts.  So, until then. . .  hang in there and do your best to securely track and manage all of your digital accounts.