If you don’t want the Russian mafia all up in your shit, you have to do more than choose one good password.
(For many of my friends, this is preaching to the choir. If you don’t have any nagging worries in the back of your head about your one password, you can move on without missing anything.)
Let’s face it: passwords suck. Having to think of something that no one else would guess, over and over again, for each and every login you use, just isn’t realistic. Most people choose something that an attacker could guess in under 20 tries after looking at their Facebook page, then use that same password for everything, be it Facebook, Gmail, the bank, or an account with a random Etsy store in China. Such things make me shiver and toss and turn at night. If that random vendor in China doesn’t have excellent security practices (what are the chances?), then your one password can be stolen from there. Then it’s usually used to post a desperate plea on Gmail or Facebook about how you’re stranded in London without cash, and could a friend just wire a few hundred dollars or so.
Passwords are the worst way to secure our lives, except for everything else. Even I have been guilty of reusing them, and I’m the second most security conscious person I know. It just takes too much energy.
I’ve been following the advice of my security hero, Bruce Schneier, and using a password vault app. (I use 1Password, but there are others that work.) I just checked, and there are 286 entries in it. That’s ridiculous. 286 different secrets to deal with 286 different sites or companies. It’s not a huge inconvenience using the app. It usually knows which password I want, and I can copy-and-paste it in a couple of steps. And it will make up passwords for me which, frankly, is the really hard part of the whole process. But those few steps to use the app are more than most people are willing to put up with.
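To make the two halves of that concrete (a vault generating a fresh secret per site, and why reuse is the real problem), here is a small added example in Python. It is not code from the post or from 1Password; the site names are made up, and the generator is the standard-library `secrets` module, which draws from the operating system's cryptographic random source. The `reuse_exposure` function is the check you would want to run over your own vault: given that one site leaks, how many other logins fall with it.

```python
import math
import secrets
import string

# 94 printable ASCII symbols: letters, digits and punctuation.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def generate_password(length: int = 20, alphabet: str = ALPHABET) -> str:
    """Build a password where every character is an independent CSPRNG draw.

    This is what a vault does for you; the point is that nothing about the
    result can be inferred from your name, your pets or your Facebook page.
    """
    if length < 1:
        raise ValueError("length must be positive")
    return "".join(secrets.choice(alphabet) for _ in range(length))


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of a uniformly random string: length * log2(alphabet size).

    For comparison, a password an attacker guesses within 20 tries is worth
    about log2(20), roughly 4.3 bits, no matter how long it looks.
    """
    return length * math.log2(alphabet_size)


def expected_guesses(bits: float) -> float:
    """Guesses an attacker needs on average: half the keyspace, 2**(bits-1)."""
    return 2 ** (bits - 1)


def unique_passwords(sites, length: int = 20) -> dict:
    """One fresh secret per site, the way a vault fills itself up over time."""
    return {site: generate_password(length) for site in sites}


def reuse_exposure(vault: dict, leaked_site: str) -> list:
    """Audit helper: which sites share the password of the one that leaked?

    The leaked site itself is always included, so a healthy vault returns a
    list of length 1 for every site.
    """
    leaked_password = vault[leaked_site]
    return sorted(site for site, pw in vault.items() if pw == leaked_password)


if __name__ == "__main__":
    # Constructed example: the same password everywhere versus a generated one per site.
    sites = ["bank", "gmail", "facebook", "random-etsy-store"]
    reused = {site: "Fluffy2009!" for site in sites}
    generated = unique_passwords(sites)

    print("reused vault, store leaks ->", reuse_exposure(reused, "random-etsy-store"))
    print("generated vault, store leaks ->", reuse_exposure(generated, "random-etsy-store"))
    bits = entropy_bits(20, len(ALPHABET))
    print(f"20-char generated password: {bits:.1f} bits, ~{expected_guesses(bits):.2e} guesses")
```

Run it and the reused vault reports all four sites exposed by the one shop breach, while the generated vault reports only the shop. The entropy figure is why a vault's made-up passwords are the hard part worth outsourcing: twenty random printable characters is about 131 bits, which is not something you guess from a Facebook page.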
So I guess this is a plea to my friends to put up with the inconvenience of being secure. If you’re someone who would be bothered if your checking account was cleaned out, or your credit cards maxed out, then spend a couple bucks and an hour or so of your time to get a password app and start using different passwords for all of your sites. The Russian mafia will eventually get around to testing the locks on your doors. It’s just a matter of time.