We all do it, it’s easy. You don’t want to remember a dozen passwords so you just makeup a simple one and use everywhere. It’s no big deal, until a service you use that was not important is hacked and the “one” password is now exposed and is fed to a bot that will try every possible bank and service to see what they can get.
Another common mistake is choosing names in your life, past or present for the password or reset questions. That was the mistake Sarah Palin made.
There is also the rule method. With this method you devise a formula and use it to make a self recoverable password. The simplest example is the all ways fun igpay atinlay. As with all things that can be made by a plan they can be undone. There is no simple way to make a robust password plan. It will require variety, random choices and lies.
One plan could be to create a tier of passwords:
- Highly secure with eight or more characters including numbers and capitals like fFer55$5$ERTGgH. Use these with banks and sites that can affect your life directly.
- Moderately secure with eight or more characters. A pass phrase is good here like, supercalifragilisticexpealidocious. Use this for sites that you pay to use and may have your credit cards attached.
- Moderately secure with just eight characters. for example MoonBeam. Use this with sites that you access for information but can’t purchase items or send email on your behalf.
The More passwords you have the better though. To that end I use a service called LastPass. There are other services and the browsers them selves can store passwords. LastPass has plugins and extensions for Chrome, Firefox and a tabbed browser for IOS that make it a better choice for me.. They have a free version and a paid version with more services. I current use the free version. It will save the password for any site and fill in the username and password fields when you go to each site. They also has a password generator that can create a random password of long length for your protection.