My Gmail account was recently compromised. Yes, mine. Someone was able to figure out my password and log in using, as far as I can, a mobile device in France. It was an old version of my password and it had been the same since I started my gmail account forever ago. I guess I was due.
Create a better password
Anymore, your life is filled with passwords. Passwords for email, for Facebook, for Twitter, for your bank and even for your car. Hell, even Windows 7 now practically forces you to have a password (about time) and Mac OSX has since forever.
If you work for a medium to large sized company that is doing it right, you are already familiar with the pain-in-the-ass that is known as password management. Every 30 – 90 days you are prompted to create a password that might have to meet some of the following criteria.
- Be at least 7 characters long
- Contain alpha and numeric characters
- Contain a symbol or a capitol letter
- Not be the same as any of your previous passwords
There are even some websites that have gotten to the point where you need to do that. It’s crazy making!
I’m not really the right one to ask when it comes to password management. I don’t use an app. I don’t have a system. I do have 2 or 3 or 4 different passwords that I cycle through, depending on what it is for and how secure I need it to be.
- 4 digit PIN for voicemail and the like
- 6 digit password that I have used forever. Low security, all numeric
- A modification of the above password that contains 1 alpha and 2 extra numbers.
- An 11 character monster that contains alpha, numeric and symbol(s) that can be modified to fit the most demanding of password constraints
- 2 others that I barely use, but they are always on deck, just in case.
I do it this way because it’s easy. Easy to remember, easy to use, easy to implement. Is it the right way? I’ve read not, but it’s a way that works for me. I know that you among us that are part of the tin-foil hat wearing crowd are probably developing a bit of twitch right now since you only use randomly generated passwords that are never less than 14 characters long (and usually closer to 64) and carry them around in a text file on a USB thumb-drive every where you go. Personally, I think that’s overkill.
Nobody knows my 4th password. 1 person besides me knows #3 and #2. 2 people know my 4 digit pin. Google all you want and you will never figure out any of them based on anything you find about me. They aren’t written down anywhere either. So, I think I’m in pretty good shape.
The only thing that I could do better is change the passwords on a regular basis, which I’m about to change. I have set a reminder to change all passwords where they are the most important (bank, Gmail, FB and Twitter) every 30 days. The last thing I want is anyone hacking into any of my accounts so they can send spam to my address book or to any of my followers.
If you haven’t changed your passwords in more than 6 months, now would be a good time to do just that. Make them easy to remember, don’t write them down, don’t tell anyone. If you need help, a quick google search will sort you out.