Don’t use the same password for everything. If a hacker penetrates one website, and discovers your password, they could try the same password on another site (like your bank’s website). If it works, the hacker could get rich quick and you would be out of luck.
So, how should you deal with passwords? Download KeePass. Use it to generate a DIFFERENT random password for each new website where you need to have an account. Here is a sample randomly-generated password: Y1TbnleYT6vYjXUJZmb6
You ask: How in the heck am I supposed to remember that? You don’t have to. All you have to remember is one master password for your KeePass file. Here are some strategies for making a password that you can remember. Don’t use any of these common passwords. Hint: “password” is not a good password. 🙂
Note: Hackers have a funny way of spelling words. It is called Leet. Some people use Leet for creating passwords. If you are doing that, it may not be as strong as you think it is, because Leet is a hacker’s favorite way to spell. 🙂
If you have already used the same password for lots of different websites, here is something you could do:
- Have your credit card company issue you a new credit card, with a new number.
- Use KeePass to generate a new password for each of your favorite websites, store the new passwords in KeePass, and update the password at the website.
- After you have updated the website password, you can safely enter your new credit card number.
Finally, a note from my daughter Julia, who has a different strategy for password security. It’s not as strong as KeyPass, but it’s a step in the right direction if you’re currently using the same password for everything:
“I don’t store ANY of my passwords electronically. Instead, I’ve memorized a handful of passwords and assigned them each a “sensitivity category.” When I make a new user account, I think: how sensitive will the information in this account be? Then, I choose the password from the corresponding sensitivity category. So, websites with similar amounts of personal information have the same passwords. (For example, my Pandora and Pinterest passwords are the same.) That way, if hackers discover one of my passwords and plug it in everywhere, they won’t find much that they don’t already know. My exception to this rule is banks. Each bank has a different password and the only place they are written down is on a nondescript, physical piece of paper which is hidden. I figure that the risk of someone physically stealing my passwords is WAY smaller than the risk of me getting hacked.”
And what if some hacks KeepPass?
I would suggest not to keep all passwords in one basket 😉