In our previous lessons in this course, we taught you how to make a strong password (and avoid a weak one), how to replace one of your passwords with a more secure one, and how to reset a password if you forget it or think somebody has cracked it. To support these essential skills, we're now going to go over some general strategies of how to keep your passwords in order and get the most security possible out of them.
Tips for managing your passwords
1. Use some sort of memory trick to remember your passwords.
In the last tip for our How to Make a Strong Password tutorial, we suggested starting with a memorable (but uncommon) phrase, writing down the first letter of each word, and then substituting numbers and symbols based on sounds and shapes. This would result in a strong password that was easier to remember. While it's probably simpler to work from the ground up like this, you may be able to remember a complex password that you build from the top-down by using the other tips in that article.
For example, "gh$nd4B&8xq%" might be remembered by sounding out some of the letters, numbers, or letters that look similar to symbols. You might come out with something like "ghost and four Band-Aid execute". Okay, that sentence doesn't make a whole lot of sense, but hopefully you get the idea of how you can sound out what a password looks like in order to develop a memory trick.
2. If it's easiest for you, write your passwords — or better yet, just clues about them — down.
We realize that memory tricks might not be for everyone. The simpler thing to do, if you need help remembering your passwords, might be to write your passwords down. Even if you do use memory tricks, you might want to write those down, too, just so you can remember them.
If you're going to write your passwords (or memory tricks) down in order to remember them, don't do so right on your computer or other digital device. If a hacker installs a spyware program or otherwise takes control of your computer, they might be able to find all of your passwords and use them to break into all of your Internet accounts.
Instead, the best idea is to write your passwords down on a physical piece of paper, or in some sort of address book or diary. Make sure that you store your list of passwords in a secure place, where only you know where it is and/or can get at it.
If you're able to use memory tricks effectively, write them down instead of your actual passwords. That way, if someone else finds your list, they will have to figure out how your memory tricks work in order learn your passwords, instead of having them spelled out in plain view.
3. Don't use the same password(s) for multiple websites.
"Remembering all of these passwords is hard!" we hear you say. "Can't I just make things easy on myself by using a few strong passwords that I know off by heart for all of my accounts?"
While you might be able to get away with this, depending on how strong your passwords are, know that you're generally taking a large (and rather unnecessary) risk by doing so. The reason for this should be obvious: if a hacker manages to break the password on one of your accounts, then they don't have to do any extra work in order to break into any other of your accounts that share the same password.
It may be tedious and time-consuming, but the best way to make sure that your Internet accounts stay secure is to use a different password for each of them. This ensures that if a hacker breaks into one of your accounts, you will not have made it easy for them to break into any others.
4. Change your passwords occasionally.
Even if you use strong passwords, hackers and malicious programs can pick away at them and try to figure them out over time. Therefore, another good way to keep your passwords secure is to change them occasionally, perhaps every three months or so. This undoes any progress that troublemakers may have made at cracking your passwords, ensuring that you always stay one step ahead of them.
5. If you think an account has been hacked, try resetting its password.
As we noted in our How to Reset Your Password tutorial, resetting your password for one of your Internet accounts is a strategy that you can use if you think that someone knows how to get into that account without your permission. As an added bonus, some websites (such as Facebook) will kick out anyone who happens to be using your account when you reset your password, so you may be able to turn the tables on an intruder.
If you wish to reset the password for an account because you think someone has hacked into it, one suggestion that we'll make is to do so from someone else's computer. The reason for this is because if someone hacks one of your accounts, they may have also hacked into your computer (or they may at least be able to access the information necessary to do so). Therefore, if you try to reset your password from your own computer, the hacker may be able to manipulate your computer's actions in order to block your attempts, or even lock you out of your computer.
A final tip that we'll give for remembering your passwords and keeping them secure is to use a password manager. We'll get into what these are and how to use them in the next few tutorials in this course.