How to Choose and Manage All Your Online Passwords

In the online world, our lives are caught up in passwords. Our social-networking identities, e-mail and even our personal finances are all guarded by passwords. Since most of us have many, many different online accounts, it becomes necessary to manage just as many usernames, ID numbers and passwords. Unfortunately this often leads to poor habits that can undermine the security of your online identity.

The first good habit you should develop is choosing a strong password. Phrases made entirely of words and year numbers may be easy to remember, but they are also simple to crack. Instead of choosing the birth year of your child coupled with your pet's name, consider using a password based on a phrase you can remember. For instance, The Declaration of Independence Was Signed in 1776 creates TDoIWSi1776, which turns out to be a moderately strong password. This way you can choose something memorable, but still decently secure.

The sheer number of accounts can be so intimidating that many of us choose just one password to use for all of our accounts. Imagine coming up with a secure password for each of the sites you've registered with! It's time consuming as well as confusing. Nevertheless choosing a single password is a very bad idea, because as soon as one one of your accounts is compromised, it opens the door for all sorts of other malicious intrusions into your other personal data. And you can't vouch the authentication method used by each of the websites you frequent. One may be weaker than another and expose your password on attack.

So you need multiple, secure passwords to safely go about your business online. How do you accomplish this, how do you keep track of them all? The answer is to use a password manager. These specialized applications keep your usernames and passwords in an encrypted database that is only accessible with one secure master password. They usually allow you to store all the relevant information regarding your accounts--such as notes and usernames--as well organize your accounts with folders and categories. The best of these apps will also check your password strengths as well as suggest new passwords for you. This way, you can keep track of and organize all of your accounts, while keeping your data safe with individual strong passwords.

There are two password managers I generally recommend. The first, for Windows and Mac users, is called KeePass Password Safe. The open source application is widely recognized as one the best password managers out there, and boasts a host of security and usability features that make it safe and easy to use. The other application that I personally use as is Revelation (see great write up by AC CP Eric Fleming here), a fantastic Linux application which has many of the same features as KeePass, but integrates nicely into the GNOME desktop environment. It has a nice little panel applet that keeps all my password securely at my fingertips the whole time I'm at my computer.

It takes discipline and a willingness to change the way you do things to start maintaining a more secure online presence. However, just the peace of mind that comes from knowing that I am much less likely to be hacked is worth a bit of extra work to me. I think it will also be worth it to you.