Managing Too Many Passwords

In my previous post (Complex Passwords for Complex Security) I detailed the importance of complex passwords.  After posting, I thought of all the passwords we have to remember, and felt like I should post an addition to it.  By no means do I condone writing down passwords, but having worked in an office IT enviornment I know for a fact it happens.  So instead of ignoring the problem, I thought it would be helpful to at least offer some advice to make it as secure as possible.

There are programs available that will securely store your passwords.  A good free program is called “Password Safe” by Bruce Schneier.  Mr. Schneier is an internationally renowned security technologist and is the author of several books. Password Safe can be found on Sourceforge at http://passwordsafe.sourceforge.net/index.shtml.  

If you don’t feel like installing a new program, I present several ideas below that can help keep the passwords you must write down secure and safe.

Say NO to Sticky Notes

Sticky notes are great and they stick to the edges of our monitors quite nicely. Unfortunatly this is one of the first places people will look for a password, so it is an unsafe place to keep them written down.  

Some people might not look in the details of a file.  Word documents are great for this because they have several fields which can be filled in with anything, as shown in the picture below:

Still, your password is in plain text, and that is less than desirable.  How can we fix that?

Remember that Decoder Ring?

It may sound juvenile, but ciphers can be a great way to write down a password that only you can read.  

A cipher is, by definition, an alogrithm for performing encryption and decryption — a series of well-defined steps that can be followed as a procedure.

Sounds complicated, but we can make it much simpler…

Add Characters

Sounds deceptively simple, but adding a character or two that you know you won’t have in your password might fool someone.

Instead of writing down your password “Soccer1997,” change it to “Sockcier1997.” Just remember to remove the k and i, and you’ve got your password! Try not to use blatantly out of place letters like x and z.  It would be pretty obvious that they were not meant to be there.

Move Those Fingers!

Like I mentioned in my last post, moving your fingers over or down one key can result in a “word” that is difficult to understand.

Moving fingers right one key turns “Soccer1997” into “Dpvvrt2008.”  See the picture to get an idea of what I’m talking about.

Using this method, S becomes D, o becomes p, c becomes v, etc…

Now you just have to remember to look at the character on the keyboard to the left of the written letter, and bingo!

My Favorite Method

Try working your password into a sentence and write that down.

For the example of “Soccer1997,” you might write down…

I played Soccer in 1997.

or

Soccer was a very popular sport in 1997.

What seems like an innocent little statement is in fact your password, if you just know where to look.

Also try using a hint that will help you remember what your password is…

The sport I played when I was young (soccer), and the year my child was born (1997).

Last but not least, good old Mnemonics

Mnemonics is making a word or acronym out of the first letters of a series of words. So for example…

Instead of writing “Soccer1997,” you might write…

Sadly, oranges couldn’t change everyone’s response in 1997.

This sentence dosen’t make any sense, but that dosent matter.  You can even use any words you want, it dosen’t have to make a complete sentence.  When you look at the first letters and then the number you have your password and that’s what’s important.

In Conclusion

The best option is to choose a secure password and use it for everything, but sometimes you can’t do that. 

Remember, writing down your passwords is NEVER your most secure option, and should be avoided at all costs, but I realize it is sometimes unavoidable.  Try using these methods to make it harder then pulling a sticky note off the monitor or looking under a mousepad.  You might even try combining them!

If you have any crafty ideas, as usual, post them below!