So many passwords, so little memory

April 15, 2009 By Craig Crossman

How many keys are on your keychain? I just looked at mine and counted nine keys. And that's not counting the bulky little remote control key fob that locks and unlocks my car. I've tried to consolidate my keys by making one key fit every lock in the house instead of having different keys for the front door, the back entrance, the shed and some of the different rooms that lock. Then I thought about making just one key that would work for everything.

One key to lock the house, unlock the car, open the Post Office box, access the storage unit I rent, get into my bank's storage box, open the office door, you get the idea. And while that idea would certainly reduce the number of keys I have to lug around with me every day, having just one key for everything would actually be a bad idea, especially when it comes to the issue of security.

Think about it for a moment. What would happen if I lost my one key or even worse, somebody stole it? If I just had nine or 10 different locks, it wouldn't be too bad. I'd just have to change all the locks or at the very least have all of them re-keyed. But what if I had 100 locks or more? That could be a real problem. Yet when it comes to passwords, this is exactly what a lot of us do. Because we have so many passwords guarding all those websites we access and programs we use, it's become a real problem trying to create and then remember so many different passwords for all of them. Yet this is what is being demanded from us when we go someplace online for the first time and that place is designed to store something relevant to us so we can revisit it repeatedly. You need a password to secure it. And that's not even counting all of your applications that require a level of security such as your checkbook program.

Believe it or not, there's a lot of people out there using just one password for everything and they do it because basically they just can't remember a unique password for all the places they go and products they use. Yet having one password for everything is like having one key. It's a bad idea. Losing or forgetting a password is far easier to do than losing a physical key. It's a lot more common than you may think. People forget passwords every day. Just take a look at most websites that ask for your password. Most all of them have a question that asks if you've forgotten it! Typically they will either e-mail it to the address you registered when you first applied for the password or they will let you pick a new one once your identity has been verified. Still it can be a big mess. Fortunately, there are utilities out there that are designed to manage all of your passwords so you won't have to remember any of them.

If you have Windows PC, check out Password Manager ($29.95) from Large Software. If you have a Macintosh, check out 1Password ($39.95) from Agile Solutions. Password Manager and 1Password will remember all of your usernames (you can forget those too) and passwords for every website you visit and the applications you use. Both utilities will work with most any of the popular browsers such as Firefox, Internet Explorer, Safari and Opera. They will even import all of your existing passwords stored in the browser and deactivate the browser's password feature. All of your password information is heavily encrypted by these utilities yet no bridges are burned. If you later decide not to use them, the password file used by your browser will be restored.

Another nice feature offered by these utilities includes being protected from phishing scams that pretend to be legitimate websites so that they might trick you into entering your passwords. Password Manager and 1Password both have smart form fillers that can recognize phishing sites and will not release your password information to them.

When you are away from your computer, both utilities offer a memory stick ability that lets you take all of your passwords with you. When using another computer, simply insert the memory stick into any available USB port and that computer's browser will know to fill in your usernames and passwords whenever you access a website to which you have an account. Removing the takes all of your password information along with it and nothing remains on the borrowed computer.

Passwords are the virtual keys of our time and they need the same, if not even greater protection than your physical keys. Never write your passwords down nor store them in a word processing document where they may be easily discovered. And don't use obvious passwords like your name or birthday. Passwords really should not be words at all. They should be a cryptic combination of letters, numbers and if allowed, punctuation marks. Given the complexity and the large number of passwords we require these days, a password manager really is the best possible solution to a cryptic problem.

On the web:



(Craig Crossman is a national newspaper columnist writing about computers and technology.)


(c) 2009, McClatchy-Tribune Information Services.

Explore further: Tired of Passwords? Replace Them With Your Fingerprint

Related Stories

Tired of Passwords? Replace Them With Your Fingerprint

September 14, 2004

If you're like most people, you have more than a dozen passwords and user names to remember. Whether you're checking your e-mail for new messages, catching up on the news, posting to a Web discussion group, or playing games ...

Networking: The end of 'shoulder surfing?'

February 20, 2006

Some hackers like to "shoulder surf," or steal unsuspecting PC users' passwords by looking over their shoulders at the Internet cafe. Others prefer to crack an account's password -- using sophisticated software programs. ...

Study: Hackers Attack Computers Every 39 Seconds

February 8, 2007

Are hackers trying to get into your computer right now? And what are they up to? A study by the University of Maryland's A. James Clark School of Engineering is one of the first to quantify the near-constant rate of hacker ...

Fingerprint Advances Will Fight Cybercrime

February 24, 2006

Forgot your password? No problem. Biometrics researchers at the University at Buffalo have made important advances that bring closer the day when we can access devices and Web sites with nothing more than the touch of a fingertip.

Help! How to avoid fast-moving computer worm

January 28, 2009

Since early January, a worm that has been referred to by several names, including "Downadup," "Kido" and "Conficker," has been infecting millions of computers around the world. The worm exploits a previously discovered vulnerability ...

Live phishing shows risk of personal info

November 9, 2005

Despite all the warnings about giving out personal information, many people still freely give away seemingly innocuous details that can be used to crack their passwords, according to the results of a "live phishing" survey. ...

Recommended for you

1 comment

Adjust slider to filter visible comments by rank

Display comments: newest first

1 / 5 (1) Apr 15, 2009
Pure advertisement.
Google for firefox addons, category privacy & security. It's all free.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.