Once again, hundreds of millions of passwords used in e-mail accounts were stolen this week. And, again, we're being told there's only one way to keep ourselves digitally safe: Change our passwords frequently, with hard-to-figure combinations of upper- and lower-case letters, numbers and symbols.
This week we asked the panelists on the #Talking Tech Roundtable podcast how they go about it. You'll be amazed at this simple tip from
a Google product manager. If it could work for him — he's never been hacked — perhaps we need to revise our password strategies and make them easier to recall.
The most commonly used
password continues to be "Password" "123456" your street address or name of kid or pet. But Rachid El Guerrab, a product manager for Google's 360-degree filmmaking Spotlight Stories initiative, has a simpler, more refreshing to go about it. He goes long. Very long, with super-lengthy sentences that happen to mention the websites name in there. Tricky combos such as PETAL$WORLD#%H "makes more problems than it solves," he says. "Passwords are hard to crack when they’re long."He says you should make up a sentence like "Iloveusatodayfordeliveringfreshnewsontheplanetofearth" and customize it for any website."It will be easy for you to remember and much safer than any of the weird symbols and capitals that you'll probably forget," he said.
Stephen Cobb, a senior security researcher at ESET, a San Diego-based security provider, agrees that length is good, but "I prefer not to use many real words in there," he said. He also notes that if the sentence was discovered by a hacker, the digital identify would then be "compromised." Cobb recommends the long sentence, but with the usual collection of upper- and lower-case letters, numbers and symbols.
John Tabis, co-founder the Bouqs Company, an online floral delivery firm, grew up in a family where everyone has a nickname. Thus, his passwords are a combo of a nickname, birth date with extra characters thrown in. "That way, I'm never using my sister's name Sarah," he says and the password is unique. Charley Melbye, co-founder of the Everalbum online photo sharing app, gave up on trying to come up with unique passwords some time ago. He uses the password manager 1Password, a $64.95 app that creates hard-to-crack passwords and stores them on the desktop and mobile. "That way, you just have to remember one password to unlock them for you," Melbye says.
Here at #TalkingTech, we're fans of the similar Dashlane app, which is free for a handful of websites, $39.99 annually for syncing to both mobile and desktop. The app remembers your passwords, and creates unique toughies like m3$GG0^7***HTC. When you go to a website, just type in your one, master Dashlane password, and you're in. When you've created an impossible to remember password and you're in the bedroom with your Roku, Apple TV or some other TV device, and you're asked to sign in to Amazon, Verizon or elsewhere — and there's no password manager to help — you're hosed. Somehow pulling up the manager on the phone and slowly typing in the keys on the poor responding remote control just never seems to cut it.