How to Safeguard Your Passwords

By
Need help with your passwords? Here are two good ways to generate and protect strong passwords.

Method 1: Use a Password Manager App

A password manager app offers security, convenience and accessibility. Download a password manager app into your computer or smartphone, sign up for an account, and start using the app to store your usernames and passwords. When it’s time to change a password, it can generate a strong password for you.

Now, you only need to memorize one password, which is the password or PIN of your password manager app. As a bonus, your password manager can also automate the sign-in process for you.

A password manager is clearly better than a plain old password list, but it does have some drawbacks. Let’s have a look at them:
  1. A password manager is not immune to security risks. First, if a thief manages to steal your password manager and its password, he gains control of all the passwords you stored in it. Second, if you forget the password of your password manager app, you will be unable to sign into all of your accounts. Third, as a software product that gets continually updated, security flaws can appear and get exploited by password thieves.
  2. Using a password manager exposes you to certain availability risks. First, bugs may appear and prevent it from working properly. Second, if the company that supports your password manager app decides to stop support, your password manager app will soon become incompatible with whatever operating system it runs on, and you will find yourself in a mad scramble to migrate your passwords to a different product.
  3. A premium feature that you may want or need in a password manager might not be free of charge.
If you are not ready to accept these downsides, consider the method below.

Method 2: Maintain a Hint List, Not a Password List

The trouble with a plain old password list is its vulnerability to theft. Keeping your password list under lock and key prevents theft but also severely limits its usefulness. Protecting a softcopy with a password is hardly any protection at all against a determined password thief.

But what if your password list contained only hints instead of the actual passwords? And what if you are the only person who can translate the hints into the actual passwords? If the answer to both questions is yes, then you can put a plaintext copy of this list conveniently in your smartphone or computer.

There’s some preliminary work to do: You must create a technique that lets you mentally convert hints into actual passwords. Here’s a sample:

Memorize a phrase that you will add to the hint to generate the actual password. For example, memorize teakEttle++39. If the password hint is Al, then just append teakEttle++39 to Al to get the actual password AlteakEttle++39. Similarly, if the hint is flaGeLLA2, then the actual password is flaGeLLA2teakEttle++39.

The above technique is simple and easy to use. Now make it more secure with a layer of obfuscation:

Craft a password fragment and its hint from something that only you know, such as the name of a childhood friend or a pet, toy, activity, or place of interest from your distant past. Let’s say that you have a friend named Alfred. He sticks in your memory as “Al the cook." When you see the hint Al in your hint list, you automatically think cook, which you then append to teakEttle++39 to get the password cookteakEttle++39. 

 Now, a password thief not only needs to know your secret phrase teakEttle++39, he must also know what password fragment the hint Al stands for.

 Let's say that cookteakEttle++39 is your Gmail account's password. Your hint list, therefore, should include an entry like this:
Every entry in your hint list should only include your username and the password hint

Additional tips

  1. Never divulge your technique to anybody.
  2. Memorize your technique so that you never have to carry a copy of it.
  3. To prevent yourself from hastily creating a weak hint and password fragment, prepare spares.
  4. If a copy of your hint list goes missing, play it safe: change your passwords.
  5. Use additional layers of security. One way is to protect your hint list with a password. Another way is to protect your accounts with Two-Factor Authentication, as this article explains: Keep Facebook Hackers at Bay with Two-Factor Authentication.

Comments

Post a Comment

Popular posts from this blog

How to obtain your first Professional Tax Receipt (PTR) in the Philippines

By
Image
I would like to share how I obtained my first Professional Tax Receipt (PTR) at the Manila City Hall. I suppose that the procedure and requirements are similar in various jurisdictions in the Philippines. As a first-timer, I needed to prove that I passed the professional licensing exam. So, I brought with me a hardcopy of an email from the company where I was affiliated with which attested that I had passed the licensure exam. I also prepared some money to pay the tax, which amounted to Php 300. Then I went to the Manila City Hall, where I was directed to the Licensing Division on the Ground Floor. There, the staff inspected the email message. Satisfied that everything was in order, he prepared a small slip of paper called "Order of Payment" and instructed me to take it to "Window D" of the Taxpayers' Lounge located on the Ground Floor. At Window D, I paid the tax and was issued an official receipt. The official receipt indicates my profession and the amo
Read more

How I added streaming to my audio system: My experience with the Arylic A50 streaming amplifier

By
Image
  This bird’s-eye view on the Arylic A50 streaming amplifier is for audio enthusiasts who may be in one or more of the following situations: -           Looking for an audio streaming solution -           Needing a small (40- to 50-watt per channel) high-fidelity stereo amplifier for their loudspeakers -           Planning for a multi-zone (multi-room) audio system installation -           Have a tight budget (less than US$200)     -           Are curious about the A50 or about anything related to audio  Disclosure: This is a sponsored post. I received compensation from Arylic by way of a partial refund on the purchase price of their product. Regardless, I only recommend products or services that I truly believe in. What I needed The last time I upgraded my audio system was ten years ago, when I purchased a pair of Paradigm Mini Monitor v.6 speakers and a NAD C 356BEE 80-watt per channel stereo integrated amplifier. A 120-watt Dynaquest DQ-120 subwoofer (purchased in 2002
Read more

How to transfer the ownership of a privately owned vehicle in the Philippines

By
Image
Transferring the ownership of a motor vehicle was a frustrating experience for me. This was because I was not thoroughly familiar with the requirements and the process. I would like to share how I should have done it so that other first-timers will have a more streamlined and pleasant experience. The procedure described below applies to the case where a privately owned motor vehicle is sold by its owner to a buyer. If your case is different, please look for the applicable procedure on web site of the Land Transportation Office: http://www.lto.gov.ph/motor-vehicle-registration/307-transactions-requiring-change-of-certificate-of-registration.html If the seller has just completed all of his mortgage payments, the car needs to be released from its chattel mortgage before it can be sold. Please read this article: What to Do Next After Paying Off Your Car Loan . Let’s begin with some preliminary notes: a) The seller should take the lead in this process. He should see to it that
Read more