I’m probably an extreme. I have hundreds of accounts, some related to my emails, shopping accounts (Amazon, etc.), to my social networks (Twitter, LinkedIn, etc.), my reward programs, insurance companies, etc. Add to that those related to my websites, and you easily reach several hundred logins and passwords.
How I Used To Manage Things
It used to be fairly easy. I would more or less have the same login everywhere (either my name with numbers at the end or my email) and the password would be a similar concept. So for example I would use:
And could add characters depending on how secure that login needed to be. Basically, I had 3 or 4 different passwords that were being used over and over. Then I heard about a few different hacks where databases were accessed and published that contained logins and passwords. It made me think. Then, a site that was a member of (Stratfor) was hacked and the group published all of my information including my login and password on the internet.
Imagine if someone was determined. He could basically try my email with that same password on dozens of sites and would eventually be able to access something like my Zappos account, maybe my email, etc. Then, the fun (for him) would start. From my email he could reset tons of my passwords, could end up ordering stuff, etc. It could get very ugly very fast.
No Obvious Solution
Most of us have many more passwords than we could possibly remember. I know that some people write them down on paper, keep an excel file (hopefully not named passwords!), or use an application that saves all of those passwords. That seems even scarier to me. Just imagine if someone was able to get access to a file that had all of your passwords. That would make it a piece of cake! They could access my email, my bank accounts, my dropbox, etc. I really struggle with this. Am I the only one?
What I Ended Up Doing
There are 2 different things that I now do in order to make life more difficult to someone who could stumble upon one of my password.
1-I’ve changed my “standard” password. For example I’ll add 2 characters at the start and end of the word such as:
Xx could be the 2 first characters of the site where I’m at for example. That would make it much more difficult. Now of course, someone who has enough time could probably figure it out but I just feel like there is no perfect solution.
A few websites, such as Gmail and Dropbox offer this where in order to login you need both the password and a temporary code sent to the registered mobile phone. That means a hacker would not only need my digital information but also my physical phone. It’s possible but becomes much more difficult.
How about you? What did you end up doing in order to protect your online accounts/passwords? Do you worry about it at all?