We want to have secure passwords but there are SO MANY to keep track of! Some services want a password with 8 letters or numbers, one special character, one capital, etc. Others, something different. To keep track of all of them, many of us write them down, immediately making your online life less secure should that list fall into the wrong hands, or get lost. How can this be made more manageable? The following steps do not take too much effort, but it is effort well spent.
First, there are a few key rules regarding best practice.
1. Your email password should be unique, and changed fairly regularly.
By unique, we mean do not use this password for anything else. This is because your email is how most of your password reset/lost password requests are handled. If any one of your services suffer a cyber attack, usernames, passwords, and email addresses are frequently revealed to the hackers. The first thing they will try is to log into your email with the same password, and viola, they are in! Do NOT allow your browser save this password.
2. Banking or any real money accounts (Paypal, iTunes, Trademe) passwords should also be unique, and changed regularly.
Do NOT allow your browser to save these passwords.
3. For websites that need not be secure, have a bank of about 3 easily remembered passwords to use, depending on complexity required.
These passwords can be safely remembered by your browser too, and if you log into your browser, these passwords will sync on all the devices you use. To make this password most adaptable to various password requirements, include a special character, a number, and a capital letter.
How will you remember all these passwords? Choose a theme, and then substitute certain letters for numbers and symbols, and keep it consistent so you can remember it.
Perhaps your email/banking passwords will be childhood friends or the schools you attended. Or your favourite national parks, or native birds, a stratigraphic section of rocks, or recipe titles+page numbers from your favourite recipe book. Do the same for your other passwords, but make sure none of your "themes" are available in online databases. Google yourself, make sure you see what others can easily see about you. Don't use any of that information in your passwords.
If you plan well, you can operate safely online with only three passwords to remember at any one time.
For the websites that require special characters, always use the same one and perhaps add it to the end of your usual password.
And remember, cybercrime is only going to get worse over time, and the better you manage your passwords, the safer your information will be.
Find more about saving your passwords in browsers here.