February 5, 2013
Taming the Password Beast
Is this my email password, my computer password or my Amazon.com password?
There are all sorts of rules and regulations we’re forced to adhere to when creating passwords, including the total number of characters, use of numerals, non-alphanumeric characters and uppercase/lowercase letters. And because every site has different requirements, it’s just more information heaped upon us. And we never remember if the number comes first, whether there’s an initial cap and how many attempts we have until we get locked out. And consider the number of passwords we’re forced to remember – Mac admin, Wi-Fi, email, iCloud, Amazon.com, banking sites – it gets very crazy very quickly.
Apple’s iCloud service password rules, for example, are pretty standard: A minimum of eight characters are required, at least one capital and one number (although older, non-conforming passwords have been grandfathered in). Other sites go beyond this, requiring a non-alphanumeric character in addition to all the other similar restrictions.
There are plenty of utilities out there that can help store and manage your passwords, including apps available for the iPhone. While I haven’t tried any of these, I wouldn’t ever recommend them, as those types of third-party utilities usually have plenty of flaws, and there is no guarantee that the developers will stick around long enough to provide support in the future.
So short of writing down a list of passwords, is there a quick and easy, yet secure way of maintaining a password list?
Yes there is!
A good way to maintain consistency with your passwords is to use one “keyword” that will remain central to all your accounts. Make it an obscure word, one that others aren’t able to guess. (Animal lovers tend to use the name of their pets, Grateful Dead fans use “Jerry” and birthdays, boyfriend/girlfriend’s names and street addresses are more popular than you would ever imagine.) So let’s use the word “Buffalo” as our example here, so “Buffalo” will be the word that is the common thread in all your passwords.
The first thing to do is to open a new spreadsheet in Excel. Under the FILE menu, select “Password” and enter your password keyword (in this case, Buffalo) in the “File Passwords” fields. Now you can record (rather than remember) your passwords (in an abbreviated format) in the spreadsheet. But nowhere in the spreadsheet is the word “Buffalo” mentioned – only the letter “B.” So if your privacy was compromised, your “real” passwords wouldn’t be visible, just an abbreviation that only you would be able to decipher. So for example, your passwords would be recorded like this:
1Buffalo – would be recorded as1B.
#1Buffalo! – would be recorded as #1B!.
The permutations here are virtually unlimited – and can be easily changed if necessary.
You can also keep any account numbers, user names and password hints in the spreadsheet as well. The secret is to keep your hints generic enough as noted above to prevent full-scale identity theft if it does happen to fall into the hands of evil-doers. Keep hardcopies of the proper documentation (invoices, account numbers and last four credit card numbers) in a secure place in case you need “official” proof of your account in the event you’ve been hacked. And don’t forget to update the password spreadsheet when you make changes to user names and/or passwords.