I want to share a couple tips about passwords and how to make them secure and implement some policies as a business owner. Here at Graphem we are growing and we have a lot more people. Therefore, we want to make sure we have a policy in place for everyone to follow and some guidelines regarding how to create safe passwords and where to store them.
//Password Keeper
First things first – use a “Password Keeper”. Meaning keep your passwords in a safe location. There are a lot of tools these days that work really well to store passwords. What you can do is create random passwords for all your accounts and store them in one location so you don’t have to remember them. And that location is secure with one master password that you have to remember. One of these tools that I use is a free tool and it’s called “Keypass”. That tool is free, check it out online. I think you can use is on a mac and pc. It stores a database of your passwords locally on your computer. Now the only thing I would say with that is if you lose your computer, you might lose that file as well. One thing I do is I store that file on the cloud as well – meaning Dropbox or Google drive in a secure location. I store it online, yes that could be dangerous, but it’s encrypted with a master password so it’s a pretty strong encryption and they can’t really decrypt it without having the master password. The great thing with that is you only have to remember one password, one very strong password.
The second tool we use is called “Lastpass”. It’s an online tool so you have to pay for this one. It’s probably about $3 or $4 a month per person. I think it’s worth it because you can connect it with your browser and then when you have it connected you can go on a website and it will recognize the website and it will fill in the password for you. So it’s very easy to get into your account without having to type your password that you don’t remember. Again this is stored with a master password. So it is totally encrypted with a master key so you only have to remember one huge password to make it very strong. Lastpass is also useful for sharing access with other team members and it even has an option to share access without permitting the other person to actually see the password.
//The Bottom Line
If you don’t want to use these tools, I still recommend that you use different passwords for all the different websites you log onto. If you don’t want to use any of these tools, one tip I usually do to create a secure password I will remember is use a common word or key, and then mix it up with other numbers and symbols for the different websites.
I will give you an example you could do – let’s say you have a favorite pet called “boo-boo”. You use that and then you put some numbers like: “boo-boo156!!” So you use that password but you combine it with something else on each of the different sites. Let’s say you go to Dropbox, you could use the first 2 letters of the company name and the last 2 letters. So Dropbox would be “dr” and “ox”. (“boo-boo156!!drox”) So that becomes your password for Dropbox.
I think it is really cool because a machine cannot make sense of that. If your password was ever stolen or leaked they won’t be able to make sense of it as it is too much data to analyze. They probably won’t go through that much trouble. There’s a chance, but they probably won’t do it. So that’s what I usually do to remember my passwords – I use a common thing for the site and then a special key. So that’s a good tip when using different passwords everywhere if you’re not using a password keeper.
It is also good to change your password once in a while as well, especially for your accounts like Facebook and emails. These things are major because if they get into these types of accounts it can become a problem, you can really, really be in trouble. So the bottom line is, if you’ve been hacked, change that password.
Guillaume Bourdages
Vice President at Graphem Solutions
