If you are like me, you probably have around 2 dozen passwords. This is not a ridiculus amount of passwords. If you are using the Internet, you probably have a passwords for your e-mail account(s), online calendar, online photo service, online banking, online stores and credit card services. There are a number of safety tips to keep in mind when creating and managing passwords.
When creating a password, be sure to follow these rules:
- Do not use the same password for different websites or accounts. If one of your accounts in compromised then the others will be too.
- Do not include any personal information in your password (e.g. jsmith). This includes: proper names, birth dates, addresses and telephone numbers.
- Avoid using words found in the dictionary (e.g. mypassword).
- Use both upper and lower case letters.
- Use numbers, but avoid using sequential numbers (e.g. jsmith1234) or repetitive numbers (e.g. jsmith2222).
- Use special characters when permitted to do so (e.g. !@#$).
- Use at least 8 characters and, optimally, 20+. The length of a password determines its strength. Here is an article on how much time it takes to guess a password based on the length of a password (link).
It wouldn't be a bad idea to use a password manager. A password manager stores all your user ids and passwords. All you have to remember is the password to open the password manager. One password to rule them all. In addition, to storing passwords, they also can generate hard to guess passwords. There are several free password managers. I recommend open source KeePass available at Sourceforge. Password Safe and Password Agents are good alternatives.