Articles

From his column Church Tech

church-tech-05-13-1Passwords are a bane of my existence. But they are likely to be with us for some time to come, so we might as well figure out a way to manage these compounding, confounding, commandos of consent.

The easiest way to deal with passwords is to pick one and use it everywhere, Facebook, Twitter, Gmail, Citibank, your daughter’s soccer team site. To make it even simpler, you could choose something easy to remember like password, 123456, qwerty, or monkey. These four of the six most popular passwords are easy to remember (Haven’t you always wanted a monkey?) and easy to type. Unfortunately, ease of use and security are bitter enemies. If you left your key in your front door, it would be convenient, but not very secure.

The problem with this approach to passwords is that your bank account is only as safe as the least secure site on which you use your password. In other words, if you use a password in some online forum discussing odds on the next GS to be elected in Indy, and the password list of that site is hacked, it’s likely the perpetrator will try this same list at popular banking and email sites.

Passwords at work are even more of a pain to manage. They often require you to choose a capital letter, a number, and the phonetic spelling of a letter of the Hebrew alphabet. On top of that, you may be required to change it every hour on Thursdays. That’s no fun.

Another approach to keep track of passwords at work is to write them on a Post-it and stick it under your keyboard, or, for ultimate convenience, right on your monitor. When you combine this with method number one, you have just placed your diary, checkbook, and family photo album on your desk for your co-workers to have a gander. And since more than 70 percent would give up their own password for a chocolate bar, think how much more likely they would be to give up yours?

So what is a person to do?

I recommend you start by thinking of it as a “pass phrase” rather than a password. With this in mind, brainstorm a phrase that includes one or more numbers that can also represent a word, such as:

12 = want to

  2 = to

  4 = for

  8 = ate

  0 = oh.

For example, pray4peace, 0notithesunday, i8theleft0vers. Once you have your phrase, capitalize the first letter of each word, and add a punctuation mark to the end, e.g. Pray4Peace!. This is now your base passphrase. The last step, which will make sure you use a different password for most sites, is to append to the password the first two letters of the site for which you need a password. Here is how this plays out:

            Gmail               Pray4Peace!Gm

            Twitter             Pray4Peace!Tw

            Naznet             Pray4Peace!Na

By memorizing this pattern and your base passphrase, you have an easy-to-remember, unique password for every site you visit. For you overachievers out there, you can reduce your risk of identity theft even more by adding a one word variation which you only use on sites that have financial relevance (Amazon, PayPal, bank, online payments, etc.). Using the example above, you could use Pray4Joy! as your secondary base passphrase.

If you want to add a little convenience at the expense of security, you can also use the password keeper built into your browser. Just be aware that if someone gains access to your PC, they also have access to your email, bank account, etc. So if you use this type of tool, I highly recommend you use a password on your computer as well.

It doesn’t have to be difficult, but it does take a bit of time to think through your own password system, but it’s certainly worth it when it comes to protecting your privacy and to save yourself from the ignominy of having your dorm room karaoke video become the next Internet sensation.

Mark Evilsizor has worked in Information Technology for more than 20 years. He currently serves as head of IT for the Linda Hall Library in Kansas City, Mo. Views and opinions expressed are strictly his own.

Subscribe to eNews!