Seems like we can't go a week anymore without hearing about some major security breach at LinkedIn or Yahoo! or some other website, where user accounts were compromised and data potentially stolen. While there's a lot the sites themselves need to do to make it harder to steal our info, there's also something we need to do -- use strong, unique passwords for each and every site.
Whether it's iCloud, iTunes, Gmail, Facebook, Twitter, Amazon, Dropbox, or any site that has access to our credit card information or personal data, it should be locked down for our protection. Even sites like iMore should be secure so no one can use our account but us.
Here's how to set up strong, unique passwords and keep your data safe.
Seriously. Once you start employing strong, unique passwords, it will be impossible to remember them all yourself, and if you write them down you destroy any strength they have. That means you'll need a password manager.
Good password managers typically aren't free or cheap but don't look at the cost -- look at the value. Spending a few bucks up front is way less expensive -- in terms of both time and money -- than having your data stolen and having to deal with the repercussions later. Just like you buy a lock or alarm for your house, car, even gym locker, buy a lock for your data.
The way a password manager works is that it can generate strong, unique passwords for you, save them securely, and auto-fill them when you need to login to a website..
Here are some of the ones we've reviewed and that have good cross-platform support. (It's important to pick one that runs on all the devices you use.)
Realistically, you'll still have to remember a few passwords and passcodes -- the one that unlocks your password manager, of course, and also the ones that unlock your iPhone, iPod touch, and iPad, or logs you into your desktop computer before the password manager can run. There may also be websites you may need to access from someone else's computer, like iCloud or Gmail, if you don't have any data access on your phone while traveling.
For the password to login to your Mac or Windows PC, or to unlock your password manager, you still want something strong but you need something you can remember. If it's not strong, someone can break in, and all your other passwords suddenly become worthless. If it's not easy to remember, you won't be able to use it, or you'll write it down, which either locks you out or, again, makes all your other passwords vulnerable.
Here are some dos and don'ts when it comes to making a strong-enough password that you can still remember.
Now that you have a password manager that can generate strong, unique passwords, and you know how to come up with you own fairly strong, fairly unique ones for the few sites you absolutely have to keep in your own memory, you need to go change your old broken for the new hotness.
Typically this involves typing in your old password to authorize the change, and typing in your new password twice to make sure it's accurate. Some sites might also use a CAPTCHA system and make you copy some words or characters that appear in a box. (That's to try and make sure you're not a "robot" program attempting to hack the account.)
A good place to practice changing your password is right here on iMore.
Note: Because iOS doesn't allow browser extensions, you'll have to use the embedded browser within your password manager if you want to generate and save your new passwords while mobile.
The process for changing and strengthening your passwords for other sites, like iTunes, iCloud, Gmail, Facebook, Twitter, etc. are very similar to the above. Here are links to the account or password change pages for them:
Security is in constant conflict with convenience. Using strong, unique passwords can be a hassle to remember and chore to input, especially on mobile devices. But having your password and data stolen is a far, far bigger hassle. A great password manager app can help bring harmony your security.
So pick a password manager, set aside some time, and make all your passwords strong and unique. Then, next time you read a headline about some website being compromised, you'll be glad you did.
And if anyone else has any ideas on how to make passwords strong, unique, and still keep life as user friendly as possible, add them to the comments.