Creating Strong Passwords
remembering many different passwords is difficult, people often reuse a
small number of passwords across many different accounts, sites, and
services. Today, users are constantly being asked to come up with new
passwords—many people end up reusing the same password dozens or even
hundreds of times.
Reusing passwords is an exceptionally bad
security practice, because if an attacker gets hold of one password, she
will often try using that password on various accounts belonging to the
same person. If that person has reused the same password several times,
the attacker will be able to access multiple accounts. That means a
given password may be only as secure as the least secure service where it's been used.
Avoiding
password reuse is a valuable security precaution, but you won't be able
to remember all your passwords if each one is different. Fortunately,
there are software tools to help with this—a password manager
(also called a password safe) is a software application that helps
store a large number of passwords safely. This makes it practical to
avoid using the same password in multiple contexts. The password manager
protects all of your passwords with a single master password
(or, ideally a passphrase—see discussion below)so you only have to remember one thing. People who use a password
manager no longer actually know the passwords for their different
accounts; the password manager can handle the entire process of creating
and remembering the passwords for them.
For example, KeePassX is an open source, free password safe that you keep on your desktop.
It's important to note that if you're using KeePassX, it will not
automatically save changes and additions. This means that if it crashes
after you've added some passwords, you can lose them forever. You can change this in the settings.
