We want to have secure passwords but there are SO MANY to keep track of! Some services want a password with 8 letters or numbers, one special character, one capital, etc. Others, something different. To keep track of all of them, many of us write them down, immediately making your online life less secure should that list fall into the wrong hands, or get lost. How can this be made more manageable? The following steps do not take too much effort, but it is effort well spent.
1. The login details you use to access your email account should NEVER be reused for any other website!
This is because your email address is how most of your password reset/lost password requests are handled. If any one of the websites you use suffer a cyber attack, usernames, passwords, and email addresses are frequently revealed to the hackers and sold on the dark web. The first thing they will try is to log into your email with the same password, and viola, they are in!
2. Online Banking passwords should never be reused on other websites, and changed regularly. If you do need to write it down, use only privately known hints or words with placeholder X's in place of some of the characters, and keep these hints in a safe place. Do NOT ever allow your browser save your banking password(s).
3. Use/enroll in 2-Factor or Multi-Factor Authentication EVERY TIME you are prompted to. Ideally, use an Authenticator App on your smartphone (Google Authenticator, Microsoft Authenticator) rather than your cell phone number. The latter can be stolen and used by hackers.
4. Use a reputable password manager to remember all other login details. This can be built into your Operating System (Apple's iCloud Keychain) or a third party password manager.
5. If you use your browser's password manager, be careful to not save ANY website logins that contain financial or personal information, as described above. This feature should be used only for convenience for logging into low-risk websites like Neighbourly, Instagram, Twitter, Stuff, other Newspapers or Blogs, etc.
Even here, let the browser suggest and save a unique password for each of these services.