Tips to choose and remember passwords

One of the things that tests our memory most in life is remembering all the passwords for the various programs and sites where we are registered.

According to surveys carried out periodically, users all over the world do not strain their minds to look for original passwords, perhaps for fear of not remembering them when needed.

The most used passwords in the world are:

123456
PASSWORD
superman
696969

However, technology and imagination come to our aid here too: there are various methods that can help us.
The trouble is not only keeping the password in mind; often we must also remember the username.

The username is slightly easier to manage. It does not necessarily have to be secret, although when the password is too simple it can be considered an extra element of security.
Often the username can be your email, which is an advantage, but other times you are forced to choose a name, and if your favourite has already been used you are forced to invent a new one.

For this reason you need to memorize the username as well as the password.
The simplest way to remember the usernames of all accounts is to create a list on paper or in a spreadsheet.

As for the password, the matter becomes more important: a lost or stolen password could be embarrassing, dangerous or cost a lot of money.

Before suggesting how to memorize passwords, it is worth recalling how to choose a good password.
Of course, your passwords can be more or less complex based on the importance of the data that must be protected.

Features of an excellent password

  • Length = a minimum of 8 characters is generally required, but 15 could be a good choice
  • Character type = use at least 1 special character (for example $%;&?! etc.), 1 number, 1 capital letter, 1 lowercase letter

  • Do not = for important access, never use the same password for different accounts; if one is discovered or stolen, all other sites immediately become at risk.
  • Do not = do not use personal references to your family (names, dates of birth, etc.) without modifications; they are too intuitive and therefore easy to discover.
  • Do not = do not use words or acronyms found in dictionaries of any language without appropriate changes; dictionary words are the first ones tried by software algorithms designed to steal passwords.
  • Do not = do not use keyboard or number sequences; if you do, introduce irregular jumps.
  • Do not = do not trust password meters blindly: the algorithms they use are not infallible, and they may give a high score to a long but easily guessable password.

  • Password lifetime = important passwords should be changed every 90 days, and the new password must be at least partially different from the previous ones.
    This rule was disproved in 2017. It seems that users forced to change their password usually choose a new one that is generally weaker, perhaps making simple variations on the previous one (america1 becomes america2).
    Another reason for this criticism is that stolen passwords are generally exploited as soon as possible.

  • Do not = with regard to security questions, be careful not to fall into the trap: creating questions and answers that are too simple for recovering a forgotten password could be a serious mistake.
    A hacker who knows you or has read, for example, your Facebook profile could find the answer.
    But there could also be the opposite problem: you create a security question that is too hard and no longer remember the answer.

  • Stolen password = if you lose documents or memos that contain your password, or you notice strange events in your archives, change your password immediately.

  • Two-step verification (double key) = use this method whenever possible; it allows you to use simpler passwords and offers more guarantees.
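
The rules above and the warning about password meters, as an added example (not part of the original article): a naive meter that scores only length and character types, beside a checker for the listed rules. The word list, key runs, substitution table and function names are constructed assumptions for illustration.

```python
import re

# Constructed sample data for illustration (assumptions, not from the article).
COMMON_WORDS = {"password", "superman", "america", "dragon", "welcome"}
KEY_RUNS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890",
            "abcdefghijklmnopqrstuvwxyz"]
# Undo look-alike substitutions such as @ -> a or 0 -> o before the word check.
LOOKALIKES = str.maketrans("0134578@$!", "oieastbasi")
CLASSES = [r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"]


def char_classes(pw):
    """Count how many of the four character types appear in pw."""
    return sum(bool(re.search(c, pw)) for c in CLASSES)


def naive_meter(pw):
    """Score 0-5 like a simple meter: one point for length, one per type."""
    return int(len(pw) >= 8) + char_classes(pw)


def has_sequence(pw, run_len=4):
    """True if pw holds run_len adjacent keys of a run, forward or reversed."""
    low = pw.lower()
    for run in KEY_RUNS:
        for seq in (run, run[::-1]):
            if any(seq[i:i + run_len] in low
                   for i in range(len(seq) - run_len + 1)):
                return True
    return False


def has_dictionary_word(pw):
    """True if a common word survives after undoing simple substitutions."""
    letters = re.sub(r"[^a-z]", "", pw.lower().translate(LOOKALIKES))
    return any(word in letters for word in COMMON_WORDS)


def check(pw, personal=()):
    """Return the article's rules that pw breaks; an empty list means none."""
    low = pw.lower()
    rules = [
        (len(pw) < 8, "shorter than 8 characters"),
        (char_classes(pw) < 4, "missing a character type"),
        (has_dictionary_word(pw), "contains a dictionary word"),
        (has_sequence(pw), "contains a keyboard or number sequence"),
        (any(p.lower() in low for p in personal), "personal reference"),
    ]
    return [message for broken, message in rules if broken]
```

`naive_meter` gives both `Password123456!` and `tR7!vekMu-2xoq#Z` the top score of 5, while `check` flags the first for a dictionary word and a number sequence and returns an empty list for the second.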

Useful tricks to remember

  • Solution 1 - Memorize all passwords with easy-to-remember methods. Replace letters with numbers or characters that sound similar. For example: "you-are-first-for-me" = "uare14me".
  • Solution 2 - Write all passwords on a list, paper or spreadsheet, but reverse or change the sequence of characters with a precise method that only you know. For example: add fake characters, reverse the sequence of part or all of the password, change the phonetics of some characters, etc.
  • Solution 3 - Remember numbers and letters with particular associations that facilitate your memory, for example images or important events, words modified in a language different from yours.
  • Solution 4 - Create phrases with improbable grammatical errors, blend different languages and/or dialects into the sentence, add unpredictable punctuation marks.
  • Solution 5 - Think of a sufficiently long whole sentence, then use only the initials of each word and the punctuation. For example "How are you Anna? I go to cinema, this evening!" becomes "HayA?Igtc,te!"

Programs to remember

Free

  • Google Smart Lock
    Google service that saves your passwords in the cloud and lets you use them whenever you log in from a PC with Chrome or an Android smartphone.
    You can activate Smart Lock from an Android phone, or from a PC with the Chrome browser.

    Smart Lock has two functions:
    Android smartphone protection (minimum Android 5)
    management and password protection

PRO
- you can protect your phone better
- you can configure your voice to allow the exclusive use of Google search
- you can set your face to activate auto-unlocking when you look at your phone.
- archive all passwords and synchronize them with other devices with Chrome browser
- you can choose if some particularly secret passwords should not be stored by Smart Lock

CONS
- minimum Android 5
- at the moment it does not work with Apple devices or with browsers other than Chrome

  • KeePass
    Free and open source. Highly rated by many reviewers.
    Creates an archive on your server that contains all the passwords.
    Supported by Windows Vista and later operating systems. There are also versions for many other systems such as Android, MacOS, iPhone, etc.

PRO
- all passwords are on your server or personal computer or phone
- your devices can be synchronized via a cloud, for example Google Drive
- your passwords are not in a global system that could be attacked by hackers, with mass theft, as happened in the past to organizations like Facebook.

CONS
- you have to devote some time and attention to install and configure the program on all your devices

Partially free

  • LastPass
    you can use it directly by installing an add-on on your favorite browser.
    In its basic version it's free, you pay a small amount to get more advanced features.

PRO
- easy to use

CONS
- to synchronize PC, smartphone and Mac you have to subscribe to the premium version.
- your passwords are stored in a global system, very well protected, but with a potential risk that cannot be eliminated.
- you must be online to use this program, you cannot use it to open files on your computer when you do not have internet available.
- main password recovery procedure limited to suggestions only. If you cannot remember the main password, all the memorized passwords are lost.

Paid

  • 1Password
    professional password archive, allows you to store not only passwords, but also credit card data, personal documents, etc.

PRO
- you can choose to store data only locally or synchronize the database with your other devices through various cloud services such as Dropbox and iCloud
- very high and configurable levels of protection.

CONS
- expensive compared to other reasonably equivalent solutions.

Precautions during use

  • Never save the password on a computer unless it is your own PC, used exclusively by you.
  • Remember that the passwords saved in your browser are easy to download with "steal password" tools by someone who can access your computer.
  • Do not type your password when there is someone behind you who could see what you are typing.
  • Never communicate your password to anyone, not even partners, relatives, friends or colleagues. If you cannot avoid it, change it immediately afterwards.
  • Never write a password, without substantial changes, in easily accessible places.
  • Never reuse a password already assigned to an important account.
  • Never send your password by email.
  • Do not type your password into programs you have opened through a link (possible phishing).
  • Whenever you doubt that you have made an error about protection of your password, change it as soon as possible.

Memorize the passwords with the browser

One of the simplest things we have all learned to do with passwords is to save them on our PC or smartphone.
This is a useful method for all unimportant sites, where you assigned a password just because you were forced to, but for security it is the worst thing you can do.

There is malware designed specifically to download these passwords.
It is also very easy for anyone who has access to your PC to see the list of passwords used.

Below is how to view all of them.

Firefox
-> Options Menu
-> Security
-> Saved password

Chrome
-> Settings
-> Advanced settings
-> Passwords and forms
-> Manage password
