Technology Today - April 2014 - Passwords - The Pain of Passwords
By Robert Sanborn

Passwords, the pain of passwords. Do you have any idea how many different passwords you should be using? For me, I quit counting when I got into three digits. And you know, they want each one to be unique, strong, and easy to remember. Right. It is a royal pain. I live on the internet. All my travel is done through it, and nearly all of my shopping other than groceries, and of course I know I can do that there as well. And speaking of shopping, I went to my local Barnes & Noble to shop for some books, and the clerk told me that if I bought them online, the books I wanted would cost me less than buying them in the store, and that was including shipping; and that is what he did while I stood there. Made me wonder why I bothered to go to the store. But back to passwords: between Target allowing hackers to gain millions of credit cards and this latest with Heartbleed, it just brings home the need to better manage and update your passwords.

With Target, I recommend replacing the credit cards even if you haven’t been hit yet. With Heartbleed, if you have been doing any kind of financial transactions online, better first make sure the sites have fixed the holes that have been uncovered, and then change the passwords. So, what is a strong password? To make it as easy as possible, use both upper and lower case letters and throw in a number or two. And if you only deal with a few passwords, you can make it easy to remember by throwing a couple of common words together that make sense to you. How about something like “Friday2Home”? You can see how strong your password is by using a number of sites.

Steve Gibson’s Haystack checker gives you a neat perspective on how long it would take to crack your suggested password: https://www.grc.com/haystack.htm and one point he makes is that the longer the password, the better. Microsoft also has a password checker at: https://www.microsoft.com/en-gb/security/pc-security/password-checker.aspx and even Intel has a site to check a possible password at: https://www-ssl.intel.com/content/www/us/en/forms/passwordwin.html though they don’t want you to enter your own passwords, so use it as a guide.
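
An added example (not from the original column or from any of the sites it links to) of the brute-force arithmetic behind the advice above: it works out the search space for a password from its length and the character classes it uses. The guessing rate is an assumed figure, and the result is an upper bound, since it ignores dictionary guessing against passwords built from common words.

```python
import string

# Character classes; a brute-force attacker must cover every class in use.
CLASSES = (
    string.ascii_lowercase,      # 26
    string.ascii_uppercase,      # 26
    string.digits,               # 10
    string.punctuation + " ",    # 33 (ASCII symbols plus space)
)

# Assumption for illustration: offline guessing at 100 billion guesses/second.
ASSUMED_GUESSES_PER_SECOND = 100_000_000_000


def alphabet_size(password):
    """Total size of all character classes that appear in the password."""
    known = set("".join(CLASSES))
    unknown = [c for c in password if c not in known]
    if unknown:
        raise ValueError(f"characters outside printable ASCII: {unknown!r}")
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in password))


def search_space(password):
    """Candidates an exhaustive search tries up to and including this length."""
    size = alphabet_size(password)
    return sum(size ** k for k in range(1, len(password) + 1))


def time_to_exhaust(password, rate=ASSUMED_GUESSES_PER_SECOND):
    """Worst-case time to try every candidate, as a readable string."""
    seconds = search_space(password) / rate
    for unit, span in (("years", 31_557_600), ("days", 86_400), ("hours", 3_600)):
        if seconds >= span:
            return f"{seconds / span:,.1f} {unit}"
    return f"{seconds:,.2f} seconds"


if __name__ == "__main__":
    # Constructed samples: the column's example, plus a symbol, plus a third word.
    for pw in ("Friday2Home", "Friday2Home!", "Friday2HomeAgain"):
        print(f"{pw:18} alphabet={alphabet_size(pw):3} "
              f"space={search_space(pw):.2e} worst case={time_to_exhaust(pw)}")
```

In the output, the sixteen-character variant has a far larger search space than the twelve-character one with a symbol added, which is the point about length.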

As to Heartbleed, you can use this site to see if your bank, financial institution, or travel site is secure: https://filippo.io/Heartbleed/

Now that you have thought about changing all those passwords, how do you keep track of them? The good news is that there are a couple of utilities out there that do a pretty good job, and I have heard recommendations from lots of people. InfoWorld did a review of password managers a couple of years ago that is still worth taking a look at: http://www.infoworld.com/d/security/review-7-password-managers-windows-mac-os-x-ios-and-android-189597

RoboForm Everywhere gets top marks from a lot of sites: http://www.roboform.com/ and one that I have been using for several years now is eWallet from Ilium Software: http://www.iliumsoft.com/ I like it because I can keep it on my computer as well as sync it to my iPhone.

While several anti-virus and internet security packages also have password managers, I would recommend not using them, mostly because if you change your security package in the future, you may have to go through the process all over again.



Robert Sanborn

