Make us your home page
Instagram

Today’s top headlines delivered to you daily.

(View our Privacy Policy)

Here's how to keep your passwords safe and accessible

Online shopping and bill-paying are convenient. Keeping track of a dozen complex passwords, on the other hand, is the digital equivalent of herding squirrels. Here to help is Chris Trautwein, chief information security officer for (ISC)2, a nonprofit that educates and certifies information security professionals. Before we explore his three recommended approaches, let's get his least favorite out of the way: using the same password for all your accounts. Trautwein gives the popular one-person, one-password approach a devastating zero out of four stars. If hackers get that one password, they get them all. Don't do it. Here, then, are Trautwein's favorite strategies. Degree of difficulty: easy. If you can handle a desk calendar, you can do this.

It's in the vault

Trautwein says the most secure approach is password vaulting, in which you choose a master password that gives you access to an encrypted database containing all of your other passwords. Popular vaults include KeePass (keepass.info), which is available as a free download, 1Password (agilebits.com/onepassword) and RoboForm (roboform.com).

Many vaults can automatically fill in your password information when you're online, meaning that you only have to remember one (master) password.

Trautwein says he doesn't endorse any particular product, but, overall, he gives the vault approach four out of four stars for security.

Keep a list

Another popular approach is the password-protected Microsoft Word document or Excel spreadsheet, which gets three out of four stars from Trautwein. This option isn't as good as a vault, he says, but it's better than just about everything else. To create a password-protected Word document, go to the Word menu and look for options such as "information protected document" and "encrypt with password."

Paper proof

The old-fashioned offline approach — a sheet of paper that lists all of your passwords — gets anywhere from two to four stars from Trautwein, depending on who is using it. If you're a college student living in a dormitory with a lot of people who may have access to your room, keeping a paper record of your passwords isn't a good idea, he says.

But if you live in your own home with a trusted significant other, paper can be a three- or four-star solution. Make an unlabeled list with your accounts and your passwords and put it somewhere secure, such as a safe or an unlabeled folder in a file cabinet.

Safety first

Whichever approach you take, Trautwein wants you to consider these tips:

• Choose passwords of eight characters or more, each with upper and lower case letters, at least one number and at least one special sign (%,$).

• Change your passwords every 90 days.

• The safest passwords don't contain words, which are vulnerable to hackers using tools that churn through every word in the dictionary.

To make passwords more manageable, consider using a phrase as your starting point, he says. For instance, a Detroit Tigers fan might start with the phrase "Miguel Cabrera was the MVP," then take the first letter of each word (capitalizing where appropriate) to come up with MCwtMVP. Add a jersey number and a special sign and you have MCwtMVP.24.

Here's how to keep your passwords safe and accessible 05/15/13 [Last modified: Tuesday, May 14, 2013 6:15pm]
Photo reprints | Article reprints

Copyright: For copyright information, please check with the distributor of this item, Chicago Tribune.
    

Join the discussion: Click to view comments, add yours

Loading...
  1. Video: Rays Souza on that oh-so-bad dive, and reaction from Twins fans

    Blogs

    What was Rays RF Steven Souza Jr. thinking when he made that oh-so-bad dive for a ball in the seventh inning Friday? Well, we'll let him tell you ...

  2. What was Rays RF Steven Souza Jr. thinking on that comically bad dive?

    Blogs

    What could Rays RF Steven Souza Jr. been thinking in the seventh inning Friday when he dove for a ball and came up yards short?

    Actually, he insisted after all the laughing, teasing and standing ovation from the Twins fans was done, it was a matter of self-preservation.

  3. Judge tosses life sentences for D.C. sniper Lee Boyd Malvo

    Nation

    McLEAN, Va. — A federal judge on Friday tossed out two life sentences for one of Virginia's most notorious criminals, sniper Lee Boyd Malvo, and ordered Virginia courts to hold new sentencing hearings.

    A federal judge has tossed out two life sentences for D.C. sniper shooter Lee Boyd Malvo. [Associated Press, 2004]
  4. Zbigniew Brzezinski, President Carter's national security adviser, dies

    News

    Zbigniew Brzezinski, the hawkish strategic theorist who was national security adviser to President Jimmy Carter in the tumultuous years of the Iran hostage crisis and the Soviet invasion of Afghanistan in the late 1970s, died on Friday at a hospital in Virginia. He was 89.

    Zbigniew Brzezinski, former national security adviser to President Jimmy Carter, participates in Senate Foreign Relations Committee hearing on Capitol Hill on March 5, 2009, in Washington, D.C. [Photo by Mark Wilson/Getty Images]
  5. USF eliminated by UCF in AAC baseball; Florida, FSU, Miami win

    Colleges

    CLEARWATER — Roughly 16 hours after a ninth-inning collapse against East Carolina in the American Athletic Conference's double-elimination baseball tournament, USF returned to Spectrum Field presumably set for a reboot.

    It simply got booted instead.

    ’NOLES win: Tyler Holton gets a hug from Drew Carlton after his strong eight innings help Florida State beat Louisville.