When Yahoo recently announced a major breach of 500 million user accounts, it sparked yet another discussion about passwords. In a world where everyone is now drowning in password confusion, keeping lists online, in notebooks or on phones, the never-ending cycle of “invalid password” and “time to change password” grates on even the most patient of souls.
To deal with the need for so many passwords, some people may try to use the same password for multiple sites. However, IT security experts suggest that is not a good idea. If your Yahoo account password is the same as your work credentials or your online banking password and one of those sites is compromised, it increases the risk of other systems being hacked and more of your personal information being compromised.
A better option for those seeking to manage their passwords is a password manager application, which allows you to use one master password to access all of your other passwords.
A simple, online search for “password managers” revealed at least 20 options available to consumers. Prices range from free to $50 a year. Several tech magazines and consumer groups offer reviews of their top picks for password managers. Some password manager applications will select passwords for you, based on the maximum complexity allowed by the site for which you are creating a password. Other password managers will advise you about the strength of your password. It is important to make sure any password manager you choose encrypts all of your passwords.
Another tool you may want to use in conjunction with a password manager is a two-factor authentication tool that would help protect you in the event hackers break into your password manager website. The two-factor authentication tool requires that you also enter a code that is sent to your device. In addition to entering your master password into the system, you also will need to input the random code that is sent to you.
Beverly Jordan, vice president/chief information and transformation officer, uses a password manager with a two-factor authentication app that she has downloaded on her phone. When she logs into her password manager account using her master password, Jordan is prompted to enter a six-digit pin that has been sent to her phone. The pin is only good for about one minute before it changes to a new number. The downside, Jordan explained, is that if she doesn’t have her phone with her, she cannot access her passwords.
If you are still confused about passwords, Baptist Technology Services encourages team members to follow basic guidelines to increase security. First, review all existing passwords and change those that are the same for different sites. Next, make sure that all of your passwords are sufficiently strong. Many sites will give you a message when you create a new password that lets you know whether the password is weak or strong. Finally, finding the perfect password may be impossible, but getting creative can go a long way when creating passwords designed specifically to protect your information.