Creating A Secure Password

Secure Passwords

If you’re like most of our clients, you probably have dozens of passwords for various websites and online accounts. It can be tempting to make your passwords easy to remember so that you can keep track of them more easily, but having a secure, unique password for each account is your first line of defense against hackers and scammers. If this sounds overwhelming, don’t panic: there are ways to help you keep track of this!

What makes a password secure has been a moving target for the last several years, but over the last year or so, at least some of the basics have been agreed upon. A secure password should have at least one number, one uppercase letter, one lowercase letter, and one symbol, and be at least 12 characters long.


Creating a Secure Password

You should plan to create a unique password for everything you need to access, and these passwords should be at least 12 characters long. Even if a website says it requires fewer characters, such as 8, making one that is at least 12 characters is still safer. More websites are requiring symbols now. I recommend using the same symbol anytime you need to add one.

One simple way to come up with a password is to think of three random words—for instance, I could choose rose, wash, and rover.


Then, I can capitalize each word, and add a number and symbol to meet a website’s password requirement: RoseWashRover$9. Just like that, I have a 14 character password that includes capital and lowercase letters, a number, and a symbol, and it would be pretty tricky for someone to guess.
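The three-word recipe above as a small generator, added here as an example (it is not part of the original article): it picks the words with Python's `secrets` module instead of by hand, checks the result against the rule of 12 characters with a number, uppercase letter, lowercase letter and symbol, and estimates how hard the result is to guess. The word list and symbol set are constructed samples, and the function names are hypothetical.

```python
import math
import secrets
import string

# Constructed sample list. A real generator would load thousands of words,
# since every doubling of the list adds one bit of entropy per word.
WORDS = ["rose", "wash", "rover", "maple", "candle", "harbor", "pickle",
         "tunnel", "velvet", "orbit", "lantern", "meadow", "copper",
         "saddle", "walnut", "breeze"]
SYMBOLS = "!@#$%^&*"  # constructed sample set


def meets_policy(pw, min_len=12):
    """The article's rule: 12+ characters with a digit, upper, lower, symbol."""
    return (len(pw) >= min_len
            and any(c.isdigit() for c in pw)
            and any(c.isupper() for c in pw)
            and any(c.islower() for c in pw)
            and any(not c.isalnum() for c in pw))


def make_passphrase(words=WORDS, n_words=3, min_len=12):
    """Capitalized random words, then one symbol and one digit."""
    parts = [secrets.choice(words).capitalize() for _ in range(n_words)]
    # Keep adding words if short picks leave the result under the minimum.
    while sum(map(len, parts)) + 2 < min_len:
        parts.append(secrets.choice(words).capitalize())
    pw = "".join(parts) + secrets.choice(SYMBOLS) + secrets.choice(string.digits)
    if not meets_policy(pw, min_len):
        raise ValueError("word list cannot satisfy the policy")
    return pw


def entropy_bits(list_size, n_words=3, n_symbols=len(SYMBOLS)):
    """Bits of entropy when every part is chosen uniformly at random."""
    return (n_words * math.log2(list_size)
            + math.log2(n_symbols) + math.log2(10))


if __name__ == "__main__":
    print(make_passphrase())
    print(round(entropy_bits(len(WORDS)), 1), "bits with the sample list")
    print(round(entropy_bits(7776), 1), "bits with a 7,776-word list")
```

A symbol that is always the same corresponds to `n_symbols=1` and adds no bits, so the strength comes from the size of the word list and the number of words.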

There are several legitimate web sites that will allow you to check the strength of your password, such as https://howsecureismypassword.net. In addition, the secure site you are creating a password for will often let you know the strength as you are creating it.


Storing and Remembering Passwords

Avoid storing your password in plain sight! Sticky notes are not secure, and pieces of paper get lost or mixed up.

iCloud Keychain: While the requirement to not use the same password for everything may seem daunting, there are now several options to help you which are available for your devices. These options can both create and store your passwords.

First, you must have a password on your computer, iPhone, and iPad. Yes, fingerprint readers or Face ID count. Give this passcode to a trusted friend or relative in case you forget it. If you lose or forget this password, it cannot be easily retrieved.

Apple’s iCloud Keychain is a great program for storing and accessing your complex passwords. It’s already built into your iPhone, iPad, and Mac computer, so you’ve always got your passwords and credit card details at your fingertips. iCloud Keychain also keeps your Safari website usernames and passwords, credit card information, and Wi-Fi network information up to date across all of your approved devices if you are syncing via iCloud. It will also keep the accounts you use in Mail, Contacts, Calendar, and Messages up to date across all of your devices.

That being said, there are a few caveats to using iCloud Keychain: you must know and remember your iCloud password. You will also be required to enter an iCloud security code to use for recovering your keychain or authorizing other devices. Be very, very sure you know and can easily type your Apple ID/iCloud ID before authorizing iCloud Keychain.

Apple Notes/ Locked Note: This is similar to creating a piece of paper with all of your passwords, but it is stored on your iOS device, and if you use iCloud syncing for Notes, it will be available on all your devices. You can create a Note in your Notes App that is secured using a password for your note. This way, you can create a list of different passwords without anyone else being able to access the note if they somehow got ahold of your device. If you do this, give the password for this note to a trusted friend or relative; Apple cannot help you retrieve the password if you forget it.

Third Party Apps for Passwords: There are several apps that allow you to store your passwords securely. Many of them will allow you to sync your passwords via iCloud or the company’s own syncing services. Some of these apps are free, and some have a fee associated with them. All of these apps offer strong encryption of your files (known as AES 256 encryption), password creation and storage, and warnings of fraudulent web sites.

Some of the best known and highest rated apps are 1Password and Dashlane. My choice is 1Password, and I have been using it for over 8 years.

  • 1Password 7: This is Ronnie’s recommended choice. It has a standalone app for a Mac or PC, and for the iPhone and iPad. The newly released version 7 has a lot of new features. For new users, the standalone app is $49.99 on the computer, and is free on your iPhone and iPad, or you can do a subscription for $2.99 that can be used on all of your devices. 1Password allows syncing via their own cloud, or on iCloud, or through Dropbox or your own wireless network.

  • Dashlane: Works via a web browser and as a standalone app on a Mac or a PC, and has a standalone app for iPhone or iPad. They use their own “cloud” for syncing, and it costs $4.99/month.

All third party apps require their own separate master password. Store it safely and/or give it to a trusted friend or family member, as you cannot retrieve it if you lose or forget it, and you will lose access to all of your information if you lose it.

All of these options do have a learning curve; the simplest option that is most closely integrated with your Mac devices is iCloud Keychain, but 1Password integration is improving all the time, and it has some really nice features.

Is it time for you to re-think how you are creating, saving, and organizing your passwords? Don’t get overwhelmed—we can help! Call us if you’d like to set up an appointment to go over password management and to make sure your passwords