
Learn to use strong passwords

Lincoln Spector | Oct. 23, 2012
Passwords protect every part of your online life. If you don't treat them properly, you're exposing yourself to a whole mess of trouble.


I'm not answering a reader's question today. Instead, I'm offering some advice that everyone on the Internet needs.

Imagine that you had one key that unlocked your house, your garage, your office, and your car. Then, to make sure you always had the key handy, you made about 80 copies. And engraved your address on every one before leaving them in convenient locations.

That's about the level of security you have if you use the same easy-to-guess password for multiple purposes. Far too many people do just that.

Passwords keep strangers off our computers and smartphones. They keep criminals from reading (and writing) our email, updating our Facebook status, and cleaning out our bank accounts.

These outlaws want your passwords so they can make money at your expense. Here's what you need to do to stop them.

Use strong passwords

A strong password is one that cannot be easily guessed or broken by a brute-force attack in a reasonable amount of time. That means no words likely to be found in a dictionary, no common names, and nothing too short. A 15-character password may be 90 times harder to crack than a 14-character one.

You'll notice that I wrote characters, not letters. A good password contains numbers, punctuation, and upper- and lower-case letters.

Basically, you want a long and seemingly random string of characters--as if gerbils danced on your keyboard, with one concentrating on the shift key.

But since you need to remember the password, you probably don't want something truly random. Create a formula that you'll remember but no one else could guess. For instance, you could use the name of your alma mater, spelled backwards, capitalizing every letter that rhymes with the word tree, followed by your phone number typed while holding down SHIFT (to get punctuation), and ending with the year you were born, squared.

Except you shouldn't use a formula that's been published in PC World.
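
The rules at the start of this section can be checked in code; the following is an added example, not part of the original article. The 15-character minimum and the small word list are assumptions made for the illustration. With all four character classes in use, each extra character multiplies the brute-force search space by 94, the same order as the "90 times" figure above.

```python
import math
import string

# Character pools an exhaustive search has to cover (ASCII only, space excluded).
POOLS = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digits": string.digits,
    "punctuation": string.punctuation,
}

# Constructed stand-in for a real dictionary and common-name list (assumption).
SAMPLE_WORDS = {"password", "dragon", "michael", "letmein", "stanford"}


def alphabet_size(pw):
    """Number of distinct characters a brute-force search must try per position."""
    return sum(len(pool) for pool in POOLS.values() if any(c in pool for c in pw))


def search_space_bits(pw):
    """log2 of the candidates at this length and alphabet (an upper bound on
    strength: it only holds if the password is not guessable by other means)."""
    size = alphabet_size(pw)
    return len(pw) * math.log2(size) if size else 0.0


def audit(pw, min_length=15, words=SAMPLE_WORDS):
    """Return the article's rules that pw breaks. min_length=15 is an assumed
    threshold; the article gives no minimum."""
    problems = []
    if len(pw) < min_length:
        problems.append("too short")
    lowered = pw.lower()
    if any(word in lowered for word in words):
        problems.append("contains a dictionary word or common name")
    for name, pool in POOLS.items():
        if not any(c in pool for c in pw):
            problems.append("no " + name)
    return problems


if __name__ == "__main__":
    for candidate in ("password123", "gT7#kq9!Lw2$zRp4"):  # constructed samples
        print(candidate, audit(candidate), round(search_space_bits(candidate), 1))
    # One extra character multiplies the search space by the alphabet size.
    print("growth per extra character:", alphabet_size("gT7#kq9!Lw2$zRp4"))
```

The search-space figure only measures resistance to exhaustive guessing; a password that passes the audit but follows a published or personal pattern can still be guessed far faster.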

Use a different password for each site

If someone manages to steal your email password, do you want them to access your bank account, too?

To avoid that kind of big disaster, give every site, program, or service a unique password. Never use the same password twice.

But no, I'm not suggesting you come up with and remember countless unique formulas. Read on.

Use a password manager

You can keep all of your passwords in a specialized, encrypted program called a password manager. That way, you only need to remember the password manager's password--and the one you use to log into Windows.

