We all know how interested I am in personal privacy and our ability to keep our information where it belongs: In our possession and not the world’s. Yes, it is therefor ironic that I have a blog, but I digress..

Earlier this evening I came across a post called How I’d Hack Your Weak Passwords. I suggest that my visitors - old and new - read that post. It contains some useful information that I really should have posted here a long time ago.

I’ll expand a bit on that post rather than copy it, and I’ll repeat some of my thoughts here that I posted to the comments of that post. I think that good information should be shared, thought on, and credited and this is one of those situations.

Good password management is a lot easier than the other privacy practices that I have suggested. In fact, it’s one of those things that you can adopt with but a few simple clicks of the mouse. After that you’ll be done and you will have very little concern about someone’s ability to break into your accounts.

My suggestions are very simple:

• Get a free password manager. Here are Google’s results and here are Ask.com’s results. There are many options available to you.
Personally I use a program called Roboform (download). It has a Free and a Pro version, but I find the Free version to be sufficient for my daily web browsing.
• Once you have the software of your choice to manage your passwords you will need to begin using it. Take a little bit of time each day to change your password at each site that you visit. Roboform makes this easy because it can generate secure passwords for you and save them with a few simple clicks, but you can also use the free Perfect Password generator web page at the trusted GRC website.

There are pros and cons to the different password manager software. Roboform could probably use a slightly better interface, for example, but it makes everything wonderfully easy by not only automatically saving your passwords but it also automatically enters them for you. On the flip side, I don’t think that it’s possible to manually enter a password into Roboform.

Other password managers may allow you to manually enter your passwords and thus could be used to store passwords for stuff that you do away from the computer. So they could store your ATM PIN numbers for example. This won’t be as convenient as the automation provided by the software that I use, but it all depends on how robust you want the software to be.

Lastly, don’t forget to back up the data that is saved inside of the password manager. If something should happen and you lose your data then you may face the frustration of resetting passwords at each of your sites via their “lost password” page. That’s never fun. So export the information from your password manager to a second hard drive, a USB stick, or a similar location other than your main computer hard drive.

Then you’re done.

If someone gains access to your social profile, or your youtube profile, or your email because they were able to easily guess your password then that’s more than an inconvenience. That will give them enough information to impersonate you, and that could quickly lead to identity theft. It’s true that we’re all just “average people” that no one would want to target, but that’s not what matters to thieves and vandals.

What matters is that you’re an easy target, so make sure that you do something to change that.

Good day folks.

Technorati Tags: hacking, privacy, security, ID theft, identity theft