If you’re anything like me, you probably have more passwords than you’d like. Passwords for your email account, maybe for logging onto your computer, for online shopping at all the different places you buy from, for Skype…
And you’re always told to choose a different one for each place. Not always easy!
But it makes sense – and here’s an example of why. Not long ago, the online radio station Lastfm were hacked into. And all their lists of people who used their services – including passwords – were stolen.
Now, they shouldn’t really have passwords stored in “clear text”. It’s possible to have them stored in such a way that you can check someone has entered the right password without actually storing the password. (Best not ask me how – I find this stuff fascinating and will go on for ages about trapdoor codes and the problem of factoring large numbers.) But for whatever reason, that wasn’t the case here… and that’s not too unusual.
The thing is, in itself it’s not so bad that the account at Lastfm was hacked. After all, it means someone can log in to your radio account and listen to you music, at least until you change your password. That’s not disastrous. And Lastfm will have blocked all these accounts until the passwords were changed as soon as they found out about it, anyway.
But the issue is if you used the same password for something else. Say your online bank or a shop. (Actually most banks don’t just use a password – partly for this very reason.)
Now the hackers have an email address and a password that you’ve used on lastfm, they can try it on the other popular sites like Amazon, eBay, PayPal and so on – and if it works on one, then that really is a problem.
That’s why it’s not a good idea to have passwords the same on different websites – at least not the same as any websites where it would be a problem if anyone else could get in.
But on the other hand, like I said at the start, I have umpteen passwords – if they were all different, how could I remember them? You could write them down, but if your house is ever burgled, you’ll have enough to deal with without the burglars also getting access to your online accounts.
So people tend to end up with similar passwords for different sites… and pick simple ones that would be relatively easy for a crook to hack.
It’s like the standard advice for choosing passwords: Choose a password that’s so complicated you can’t remember it and don’t write it down… Obviously that has it’s problems…
You can set your web browser to remember your passwords, but it’s not terribly secure. If anyone gets access to your PC (in person or over the net), they can read off your passwords.
That’s where Password Managers come in. It’s like a sort of “safe” that you keep a list of passwords in. It remembers all your passwords (or all the ones you want it too) and then when you need a password, you click on the Password Manager program and it puts it in for you. You still need to put in one password (the one for the Password Manager) but one is much easier to remember than lots… and that one can be long and complicated since it’s the only one you have to remember.
What’s more, because you don’t have to remember them all yourself, the passwords for everything else can be as long and complicated as you like.
I must admit when I first started using it, I felt slightly odd not knowing the passwords myself – but it has made things more secure for me. And if there’s one or two passwords you’re especially nervous about, you could always remember those ones yourself.
It’s not something I’m saying is for everyone, but it’s worth knowing about them and if you have a lot of passwords and struggle to remember them if they’re all different, it might be worth it.
Incidentally, those of you who’ve been reading my newsletter for a while might know I also run (along with Mike) something called my Inner Circle which gives more help with PCs, Internet and tablets. Unlike the newsletter, this isn’t just open to everyone and in fact the doors have been closed to new members for just over a year. I’m planning to open them shortly and let new members in, but only for a week or two, then they’ll slam shut again.
Keep your eyes peeled for more info about what it involves, why you might (or might not) want to join and how long the doors will be open for.
(And for members who are reading this: we’ll shortly be welcoming in some new members!)