Podcast Episode

200 – All About Passwords

Announcements

Is there a plugin for that?

With more than 50,000 plugins in the WordPress repository, it’s hard to find the perfect one. Each week, I will highlight an interesting plugin from the repository.

For more great plugins, download my 50 Most Useful Plugins eBook.

Flyzoo Live Chat: From communities to online shops, from web radios to blogs, Flyzoo is the perfect chat solution for your website. Engage your users in chat rooms and private (one-to-one) chat conversations. Meet your customers and close more sales with live support chat.

All About Passwords

A few weeks back, 5 million Gmail usernames and passwords were leaked. In this 200th episode of the Your Website Engineer Podcast, I felt it was time to talk about general good practices for password management.

Here are some tips about creating strong passwords:

  • Create a unique password for every online account, and include numbers, letters and symbols
  • Don’t use passwords that contain dictionary words
  • Don’t use confidential information like birthdays or phone numbers
  • Avoid adjacent keyboard combinations, like qwerty or asdfqwer
  • Never use your email password for any other online accounts
  • If you need a long, strong password that’s easy to remember, try using multiple words, like song lyrics or poems, and include the spaces
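A small checker that applies the tips above to a candidate password, as an added example that is not part of the original show notes. The sample word list, the four-word passphrase threshold (which exempts long multi-word phrases from the dictionary and character-class checks) and the date/phone pattern are assumptions made for illustration.

```python
import re

# Constructed sample word list (assumption); a real check would use a large dictionary.
SAMPLE_WORDS = {"password", "dragon", "monkey", "summer", "welcome", "letmein"}
# Keyboard rows used to spot adjacent-key runs such as "qwerty" or "asdfqwer".
KEY_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]


def keyboard_runs(pw, min_len=4):
    """Return adjacent-key runs (forwards or backwards) of min_len keys found in pw."""
    low, found = pw.lower(), set()
    for row in KEY_ROWS:
        for line in (row, row[::-1]):
            for i in range(len(line) - min_len + 1):
                if line[i:i + min_len] in low:
                    found.add(line[i:i + min_len])
    return sorted(found)


def audit_password(pw, others=()):
    """Return the tips from the list above that this password breaks."""
    problems = []
    low = pw.lower()
    # Assumption: four or more space-separated words counts as a passphrase.
    is_phrase = len(pw.split()) >= 4
    if pw in others:
        problems.append("reused on another account")
    classes = [r"[A-Za-z]", r"\d", r"[^A-Za-z0-9\s]"]
    if not is_phrase and not all(re.search(c, pw) for c in classes):
        problems.append("missing letters, numbers or symbols")
    if not is_phrase and any(w in low for w in SAMPLE_WORDS):
        problems.append("contains a dictionary word")
    if keyboard_runs(pw):
        problems.append("adjacent keyboard keys")
    # Drop common separators, then flag 19xx/20xx years and runs of 7+ digits.
    digits = re.sub(r"[-./() ]", "", pw)
    if re.search(r"(19|20)\d{2}|\d{7,}", digits):
        problems.append("looks like a date or phone number")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, not taken from any leak.
    for candidate in ["qwerty123", "Summer2014!", "seven green kites over the harbor"]:
        print(repr(candidate), "->", audit_password(candidate) or "no issues found")
```

An empty result only means none of these specific patterns matched; it does not measure how guessable the password is.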

Our brains weren’t created to store all of these crazy passwords, so I’d recommend using a tool to remember / generate complex passwords.

The two that I recommend are:

Call To Action

Set up a plan for how frequently you change your passwords. I change / update 10 passwords each week. As I go through this process, I also close accounts that I no longer use / need.

    • Steve Wilkinson

      Hey Dustin, I’d like to add a recommendation for another great app I don’t see mentioned as often, Password Wallet by Selznick. I’ve been using it since my Palm days, and it’s available for nearly every platform and syncs between devices.

      There are a few reasons I prefer it over 1Password or LastPass. First, I don’t like online storage and operation for passwords (like, I think LastPass). I store everything important in mine, including lock combination, credit card numbers and info, etc. In other words, things I might want when I’m offline. I also like to have the file locally so I’m in control over where it exists and I can easily back up and archive it at will.

      And, I like it better than 1Password (which I tried and really wanted to like!) because 1) it’s WAY more screen-real-estate efficient on OSX and 2) because it has auto-type ability. The latter means that I can use it with just about anything that can be typed into, not just browsers (like 1Password). I can fill in serial numbers for software registration. I can type in passwords into terminal sessions. The list goes on.

      My only critique of it is that, IMO and experience, the sync capability isn’t quite up to dealing with multi-user access. I’ve tried it and am just not confident enough to trust it. That said, it syncs just fine between my devices (I always sync my iOS devices over WiFi directly to the ‘master’ computer). I keep the files on Dropbox (with PackRat for version history), but just make sure I only open it on one device at a time. (The instructions say to not keep the file on Dropbox, but this is because the auto-sync capability can conflict with Dropbox storage… but I don’t use that feature.)

      Anyway, whatever app you use, make sure you have good backup and versioned archival in place. I’d NEVER trust any app or on-line service that didn’t let me control this data file. If you corrupt or lose that file, it would be REALLY bad.

      Oct 1, 2014
