RSA Security’s newest password management survey found that one of the greatest threats to corporate security is the weak password. Employees who change their passwords too often, or have to juggle too many passwords to log in to various services, are likely to choose weak passwords or even write them on a scrap of paper near their station. I am a little suspicious of a survey that highlights RSA Security as the solution to this problem, but it is valuable to stop and ask yourself, “Do I have too many passwords to keep track of?”
Sure, too many passwords lead to “irresponsible password behavior”. A single login and password for every service is usually a bad idea, too. Once an intruder has access, they could wreak tremendous havoc.
A sensible alternative is to choose four passwords that you can actually remember. Make each password incrementally more random, if possible. Choose the weakest password, and use it to sign up for services that only need a password for the most rudimentary of tasks. Use the “second level” password for sites that may have some personal information – your name, address, etc. Save the “third level” password for sites that have your credit card on file. The final password is to be used only in online banking and/or PayPal.
Gee, so simple. But who can keep track of four passwords, anyway?! Good luck out there – no one ever said good security was easy!