This week Simon has asked me to write about passwords. Again and again, clients ask us for help accessing a vital or already-paid-for service which they cannot get to because the password has been lost.
You will have noticed that security has become a big deal over recent years and that companies are now insisting that you have passwords for everything. This is especially true for services you can access online. No doubt you have a password to turn on your computer, for your email, your banking app, your Apple account, your Microsoft account, your Google account, your Trade Me account, and about fifteen other accounts as well. I even have a password now for ordering pizza. Some of them will require two-factor authentication, sending a PIN to your phone before giving you access. Some will allow you the option to stay signed in, and in our experience these are the most dangerous. That is not just because you’re not actually using the security the password provides, but because over time you will forget that you even need this password, then you will forget what it is, and when you need it you’ll be out of luck.
You will also have noticed that every provider has different requirements for what your password should look like. I know that you’ve tried to reuse your password and keep it the same (against the security advice you’ve heard), but varying requirements mean you can’t do that either. So now you have 3 or 4 variations on your standard password and you’re telling yourself that you’ll remember which variation you need for each application. But I’m going to tell you what you know to be true – you cannot remember all of these; there are just too many. You’re going to have to bite the bullet and organise your passwords.
There is only one password that you should commit to memory and never record, and that’s your online banking password. You’ll find this one easy, however, because you use it all the time. Never reuse this password elsewhere, and always use something that no one could ever guess if they had your basic personal details. Scammers and thieves are very good at guessing.
So, what to do with the rest of your passwords? There are apps which will keep all your passwords in one place for you, but bear in mind that every password (except your banking password, see above) will then be accessible to anyone who can get into that one place. The best bet is an actual physical notebook (gasp), which I’ll admit will require the rediscovery of the ancient art of using a pen. Of course, should anyone get hold of your notebook you’ll have the same problem, but in this day and age you’re far less likely to have your security compromised in the real world than you are online.
1 – Whenever you record a password, take note of the username as well. It is frequently, but not always, your email address, and some people have more than one email address anyway.
2 – Take note of capitals and lower case letters. Passwords are almost always case sensitive.
3 – Record your password and username immediately after creating them. You will not remember to do this later.
4 – Never record your online banking password anywhere. Make it something totally random and un-guessable. You want spouse or BFF level un-guessable here.
5 – Passwords you rarely use are the most important ones to take note of because you’ll never remember them, and these are frequently the ones you’ve paid for, like your Microsoft account, for example.
6 – If your provider offers a password retrieval service, make use of it. You might have the option to use your mobile phone or another email account in the event that you lose your password.
7 – Don’t rely on others to remember your passwords, even if they have set up your account for you. As a matter of confidentiality, companies don’t keep passwords, and your friends and family are having enough trouble remembering their own passwords.