How to Store and Remember Your Passwords
Many websites ask you to enter a username and password. If you’re buying an item from an online store such as Amazon.com, you create an account with a username and password that you enter every time you want to buy something. Amazon.com remembers your name, address, and credit card information as part of your account, so you don’t need to enter it every time.
If you want to read The New York Times online, you create an account with a password, too. The account remembers what kinds of news you’re interested in reading. After you use the web for a while, you pile up a heap of usernames and passwords.
And widespread use of smartphones and tablets means that passwords are even more ubiquitous. Many apps require login, either for security or for data syncing. Even your device itself may require a PIN, password, or some kind of identifying action to gain access.
When a web page asks for a username and password, your browser may pop up a little window that offers to remember the username and password you enter, or the question may appear just above the top edge of the web page. If you click Yes, the next time you arrive at the same page, your browser may fill in your username and password for you.
Depending on who else has access to your computer, you might let your browser remember passwords to only those accounts that don’t involve spending money or revealing personal information.
Unless your computer is in a physically secure place, don’t let your browser remember passwords that have any real power.
As mentioned earlier, the standard advice is to construct passwords from a mixture of letters, numbers, and symbols; to assign a different password to every account; to never write down passwords; and to change them every few months. Most people have dozens of accounts and ignore this advice because only a truly unusual person can remember dozens of different random passwords and which account goes with each one.
Here’s a suggested compromise. Make up one good password to use on all your low-risk accounts — accounts in which letting someone else gain access has little consequence, such as online newspaper subscriptions. Use different passwords for the accounts that truly matter, such as online banking.
Writing down these passwords and keeping them in a safe place is better than picking a password that’s easy for someone to guess. Don’t list your passwords in your desktop Rolodex or on a sticky note stuck to your computer’s monitor.
If you do write down any passwords, remember that you and only you should have access to that record.
You can also use password management programs like 1Password or LastPass to manage all of your browser-based passwords securely. These programs encrypt your passwords and restore them when needed, locking them away when not in use.
Do your research and stick with the big names on this one. If you can’t find any reviews or respected authorities talking about and endorsing the app, it isn’t good enough for you. Word spreads quickly about bad software, so go with only the well-known quantities.