3rd August 2001

Maintaining multiple passwords has to be the single largest pain-in-the-fingers, even though it's the most important element of a data transaction. Not all Web sites are secure in their structure, which means that passwords are often sent as plain text -- leaving them primed for capture and exploitation. How many accounts have you created that use the same username? How about the same password? If you're a frequent surfer, it doesn't take a lot of imagination for someone to trap this information, then take it to any number of similar sites on the Internet to see if an account can be compromised. Knowing how easy this truly is, you should be taking some precautions in order to protect yourself and your passwords. The most obvious step is to not use the same password more than once, though the list doesn't have to be very long to forget one or two (or twelve) along the way. You might record your passwords in a secure application, many of which are available for free on the Internet (beware of spyware though). This ensures that you only really need to remember one password, which gets you to the rest of them. If you can find an application that supports encryption, so much the better.

Also recommended is to use long passwords with mixed character cases and special characters if the system allows, as this decreases the likelihood of random guessing or brute-force discovery of the password. For important sites, such as banks, online brokerage accounts, or systems that you maintain, be sure to change the passwords often. Oh, and don't scribble your password on a sticky note and slap it on your monitor. Some people do indeed still do this in a corporate setting. Unbelievable! My suggestion? Start with a system and stick with it for a long period of time. You'll find that smarter sites will have a "Forgot Password?" feature ready and waiting for your click -- in case your memory isn't as... isn't as... good as... that thing I was gonna say. Darnit.
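To make the two pieces of advice above concrete (no password reuse; long passwords with mixed character classes), here is an added example, not part of the original column, that audits a personal account list. The site names, passwords and the 60-bit threshold are constructed assumptions for illustration.

```python
import math
import string
from collections import defaultdict

# Character classes the column recommends mixing.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,
}

def search_space_bits(password):
    """Upper bound on brute-force work, in bits: length * log2(alphabet),
    where the alphabet is the union of the character classes actually used.
    Dictionary words are far weaker than this bound suggests."""
    alphabet = sum(len(chars) for chars in CLASSES.values()
                   if any(c in chars for c in password))
    return len(password) * math.log2(alphabet) if alphabet else 0.0

def audit(accounts, min_bits=60):
    """accounts maps site -> password. Returns (reused, weak):
    reused is a list of site groups that share one password,
    weak is a list of sites whose password is under min_bits (assumed cutoff)."""
    by_password = defaultdict(list)
    for site, pw in accounts.items():
        by_password[pw].append(site)
    reused = sorted(sorted(sites) for sites in by_password.values()
                    if len(sites) > 1)
    weak = sorted(site for site, pw in accounts.items()
                  if search_space_bits(pw) < min_bits)
    return reused, weak

# Constructed sample data; none of these are real accounts or passwords.
SAMPLE = {
    "forum.example": "sunshine",
    "shop.example": "sunshine",
    "bank.example": "T4k!ng-Pr3caut1ons_2001",
    "mail.example": "Fluffy99",
}

if __name__ == "__main__":
    reused, weak = audit(SAMPLE)
    print("same password used on:", reused)
    print("below threshold:", weak)
    for site, pw in SAMPLE.items():
        print(f"{site}: {search_space_bits(pw):.1f} bits")
```

The output lists only site names, never the passwords themselves, so the report is safe to keep around even though the input list is not.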