Password Management Meltdown

One of the problems of modern life is that of creating and managing passwords.  Many of us choose too simple a password and use the same one for multiple accounts, thus seriously compromising our online security.

And it’s not just passwords either; we also have PIN numbers for our mobile phones, bank cards and whatever else.  Add them all together and the result is an impossible number of letters, symbols and digits to keep in our heads.  Worse still, we then have to remember which passwords match which account and, indeed, what username we chose for that account in the first place.

I am a pretty average user and at a rough estimate have about 25 such combinations to remember.  Rather unsurprisingly I often don’t.

So what’s the answer?  How best to create, organise and remember all the tricky little blighters without making it too easy for the hackers?  Help is at hand, but before we begin please, please, please do not be clever and use ‘password’ or ‘backdoor’ or similar as your password.  Lots of other clever people do that, and lots of other equally clever people will consider them worth a guess to see if you’re not as clever as you think you are.

Having got that out of the way, we give answers to your most frequently asked questions:

I know I shouldn’t use short passwords but my dog has a fairly long name and it’s easy for me to remember, so why not?

Okay, a complete stranger might not know the dog’s moniker but what about friends and acquaintances?  Also, have you ever posted a picture of your pampered pooch doing something endearing on Facebook with his name included?  You have, haven’t you?  Anyone looking at your page already knows your name; now all they need is your password.  A quick guess at ‘Marmaduke’ will do the trick.  Prepare to be fraped.

What about those preset security questions for when you’ve lost your password; surely the same applies?

Good point.  “Where did you go to school?” and “What was your mother’s maiden name?” are both eminently Googlable.  The more you interact on the internet the more information about yourself you’ve put out to add to whatever’s out there already.  Consider password reset questions carefully.

I have a special password for important stuff like my online banking; for all the rest I use the same password.

Congratulations on keeping your money safe, but consider this:  You’ve attempted to log onto one of your accounts, let’s say it’s Netflix, and you’ve forgotten your password.  You click forgotten password, follow the prompts and a message is sent to your inbox allowing you to reset it.  Fine.  But now suppose I have your email address and password (your email address is easy to find and I know your dog’s name remember), not only can I go in and watch movies at your expense; I’ve also caused you future inconvenience by changing your password in order to do so.   And of course the same principle applies to any other accounts you might be subscribed to.

Your email password is more important than you might think; it can be the key to all the rest.  Guard it carefully.

I store all my information on my phone, that way it’s always to hand.

Fine, just don’t lose it.

And just in case you do, for heaven’s sake make sure you have a security lock on it.

I’ve thought about what would happen if I lost my phone, so I back up my information in The Cloud where it’s safe.

Good for you, but bear in mind that even if your files are high above and out of reach in the stratosphere, or wherever this Cloud thing is, they can still be hacked.  Just ask certain recently under-dressed and overexposed celebrities.  You’re probably all right though; it’s highly unlikely that professional hackers are desperate to uncover saucy photos of your dog.

Okay, I get the message: I need long convoluted passwords incorporating higher and lower case letters, numerals and symbols and a different one every time. I’m never going to be able to remember them all, putting them on my phone may not be the best of ideas, storing on-line or on my computer carries risks of hacking, so what the heck am I supposed to do?

That is a very good question to which I do not have a definitive answer.  You could try doing what I do and write them all down on a piece of paper.

Of course, security buffs would say that this is not a good idea either because burglars might break in and make off with your precious details.  It is probably safest to put it in a locked lead-lined casket and bury it at the bottom of the garden, only to retrieve it at dead of night when the neighbours aren’t watching.

Just make sure the dog isn’t looking either in case he digs it up; there’s nothing more embarrassing than being hacked by a family pet.


We went out onto the streets of the city to find out how people do actually manage their passwords…


Leave a Reply