You need a Password Manager (instead of the pile of sticky notes you have!)
Generally, you should be using a password with at least 12 characters and a mix of upper/lower case letters, numbers and even symbols. Not all websites allow all symbols, but most will accept any symbols that are on the top row of your keyboard such as !@#$%^&*()_ characters.
Use a dedicated password manager: a program that stores all of your login credentials for you in a single database file, and that file is itself locked with a password of its own.
Today I only have to remember one password to access my entire digital life; I don't even know what the passwords are for my hundreds of accounts. I rely on the password manager, in my case a program called KeePassXC, to do the work for me and centralize all of my login credentials. Let's go over some basics of passwords themselves, and some strategies for using a password manager effectively that should suit most of us in our digital lives.
1. As mentioned, use long passwords with all four types of characters: upper/lower case letters, numbers and symbols.
2. ALWAYS keep a backup of your password manager database file, and guard it.
3. NEVER use the same password for any two accounts, even for unimportant things. If your Snapchat password is breached and made available, attackers will try that same email/username and password combination on bank websites, social media, crypto accounts and so on. Recycling passwords is a big no-no (something we have all been guilty of at some point; let's fix it).
4. Do not reuse old passwords, for the same reason as above. Instead, use the KeePassXC auto-generate button next to the password field on an entry; it will generate a random, strong password for you. You can change the types of characters used, as well as the length of the password. If a site will let you use a 20-30+ character password, then go for it. It's simply a copy/paste, so length is irrelevant to convenience, but every extra character makes the password exponentially harder to break.
5. Change your passwords periodically, at least on important accounts, even if it's only every 6 months (although more often is even better). This is only to your advantage provided you keep a good routine for maintaining an up-to-date password database file. If the site you are using requires a password change every 90 days, say, you can set KeePassXC to warn you that it's time to reset.
6. Be careful when sharing your password information over messaging and email. If you choose to put all of your credentials in one .kdbx file, it must be protected carefully. If you need to compartmentalize your credentials, consider creating multiple databases with unique passwords. However, know that the more databases you create, the more work will be required to keep all of them up to date.
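To make points 1, 3 and 4 concrete, here is an added Python example (not code from the post or from KeePassXC) that does what the generator button does in principle: it builds a random password from the four character classes with a cryptographically secure source, guarantees every class appears, computes how many bits of entropy a given length gives you (showing why 30 characters beats 12), and scans a constructed list of entries for passwords shared between accounts. The sample entries, usernames and the "Summer2019!" password are constructed for the demo.

```python
import math
import secrets
import string

# Character classes the post recommends: upper, lower, digits and the
# top-row keyboard symbols that most sites accept.
CLASSES = {
    "upper": string.ascii_uppercase,
    "lower": string.ascii_lowercase,
    "digits": string.digits,
    "symbols": "!@#$%^&*()_",
}


def classes_present(password: str) -> set:
    """Return the names of the character classes that appear in `password`."""
    return {name for name, chars in CLASSES.items() if any(c in chars for c in password)}


def generate_password(length: int = 20, classes=tuple(CLASSES)) -> str:
    """Generate a random password of `length` characters drawn from the named
    classes, guaranteeing at least one character from each class (what the
    KeePassXC generator does with those boxes ticked). Uses `secrets`, never
    `random`, because the output has to be unpredictable."""
    if length < len(classes):
        raise ValueError("length too short to include every class")
    alphabet = "".join(CLASSES[name] for name in classes)
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if set(classes) <= classes_present(candidate):
            return candidate


def entropy_bits(length: int, classes=tuple(CLASSES)) -> float:
    """Entropy of a uniformly random password: length * log2(alphabet size).
    Every extra character multiplies the search space by the alphabet size,
    which is why length matters more than clever substitutions."""
    alphabet_size = sum(len(CLASSES[name]) for name in classes)
    return length * math.log2(alphabet_size)


def find_reused_passwords(entries) -> list:
    """Given (title, username, password) tuples, return groups of entry titles
    that share a password, so the reuse can be fixed one account at a time."""
    by_password = {}
    for title, _username, password in entries:
        by_password.setdefault(password, []).append(title)
    return sorted(sorted(titles) for titles in by_password.values() if len(titles) > 1)


if __name__ == "__main__":
    for length in (8, 12, 20, 30):
        print(f"{length:2d} chars, all four classes: {entropy_bits(length):6.1f} bits")
    print("sample:", generate_password(20))
    # Constructed sample entries: the same password on two accounts.
    sample = [
        ("Snapchat", "alice", "Summer2019!"),
        ("Bank", "alice", "Summer2019!"),
        ("Email", "alice", generate_password(24)),
    ]
    print("reused across:", find_reused_passwords(sample))
```

The four classes together give a 73-character alphabet, so a 12-character password is about 74 bits and a 30-character one about 186 bits; the reuse check is the same idea as the "same password" report KeePassXC can run on a database, done over plain tuples so it runs without any database file.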
Download KeePassXC directly from their site: https://keepassxc.org/
Install KeePassXC onto your device
On Debian/Ubuntu based Linux, you can download and install by issuing the following command into your terminal:
sudo apt update && sudo apt install keepassxc
Hit Enter to accept; this will download and install KeePassXC onto your system. Now search the Applications menu for it and open it to begin creating a database.
Create a database and name it something you will recognize. I also like to add today's date to the file name to help keep track of things. You will be prompted to enter a passphrase; this is the master password and should be something strong (12+ mixed characters) that you will remember. Best practice is to never write it down anywhere, for maximum security. This is the password you need in order to open/unlock the database file and access all of the other passwords you put into it.
Save the database file (.kdbx is the default format) in the desired folder on your machine
Begin adding entries and credentials of all of your accounts. (Click the ‘+entry’ sign on top center left of database) Add as much information to each entry as you can such as recovery or seed phrases, URL link to the login page of the site, PIN numbers, method of 2FA (Two Factor Authentication) and anything else needed.
Keep the database file safe by closing it when not in use and guarding the physical media it is on, and make backups to something like a USB drive.
It's really that easy. Now, to access one of your accounts, use your master password to unlock the database and copy/paste the credentials into the site you are accessing. KeePassXC can integrate with browsers for autofill, but I do not trust these types of features and prefer the completely offline Ctrl + C / Ctrl + V (copy/paste) method.
* Bonus trick: I store a copy of my password database on an encrypted USB stick that lives with me everywhere I go. To open a .kdbx file you need the KeePassXC software, so I highly encourage you to download KeePassXC onto the same USB stick; I have a version for Linux, macOS and Windows. The reason I do this is that I can go up to any computer and, if KeePassXC is not already installed on the machine, install it from the USB drive and then open my password database .kdbx file. (This lets you access your information even if the internet is unavailable to download KeePassXC. KeePassXC can also be used for more than just login information; you could store contacts and other important information.)
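Step 2 of the list and the backup advice here are where most people slip: the copy on the USB stick is stale, or it was never completely written. Here is an added Python script (not the post's or KeePassXC's own tooling) that makes a dated copy of a .kdbx file in the style the post suggests for file names, refuses to overwrite an existing backup, and verifies the copy by SHA-256 before you trust it. It also checks the file's first eight bytes against the fixed KDBX signature (0x9AA2D903 followed by 0xB54BFB67, stored little-endian), which catches a backup that is not a database at all. The "Passwords.kdbx" name, the fixed demo date and the random-filled stand-in file are constructed for the demo; real KDBX files are encrypted and far more than a signature plus random bytes.

```python
import hashlib
import secrets
import shutil
import tempfile
from datetime import date
from pathlib import Path

# KDBX files begin with two fixed 32-bit signatures, 0x9AA2D903 and 0xB54BFB67,
# written little-endian, so these are always the first eight bytes on disk.
KDBX_SIGNATURE = bytes.fromhex("03d9a29a67fb4bb5")


def sha256_of(path: Path) -> str:
    """Hash the whole file in chunks so large databases do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def looks_like_kdbx(path: Path) -> bool:
    """Cheap sanity check: does the file carry the KDBX signature?"""
    with path.open("rb") as f:
        return f.read(8) == KDBX_SIGNATURE


def make_dated_backup(src: Path, backup_dir: Path, today=None) -> Path:
    """Copy src to backup_dir as <name>-<YYYY-MM-DD>.kdbx, never overwriting."""
    if not looks_like_kdbx(src):
        raise ValueError(f"{src} does not have the KDBX signature")
    today = today or date.today()
    dest = backup_dir / f"{src.stem}-{today.isoformat()}{src.suffix}"
    if dest.exists():
        raise FileExistsError(f"backup already exists: {dest}")
    shutil.copy2(src, dest)  # copy2 preserves the modification time as well
    return dest


def verify_backup(src: Path, dest: Path) -> bool:
    """A backup only counts if it is byte-for-byte identical to the original."""
    return sha256_of(src) == sha256_of(dest)


def write_demo_database(path: Path) -> None:
    """Constructed stand-in for a real .kdbx: correct signature, random body."""
    path.write_bytes(KDBX_SIGNATURE + secrets.token_bytes(4096))


def demo_roundtrip() -> dict:
    """Run the whole flow in a temporary directory and report what was checked."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        src = tmp / "Passwords.kdbx"          # constructed file name
        write_demo_database(src)
        backups = tmp / "backups"
        backups.mkdir()
        dest = make_dated_backup(src, backups, today=date(2024, 1, 15))  # fixed demo date
        good = verify_backup(src, dest)
        # Simulate a copy that was cut short, e.g. a USB stick pulled mid-write.
        truncated = backups / "truncated.kdbx"
        truncated.write_bytes(src.read_bytes()[:1024])
        return {
            "backup_name": dest.name,
            "signature_ok": looks_like_kdbx(dest),
            "hashes_match": good,
            "truncation_detected": not verify_backup(src, truncated),
        }


if __name__ == "__main__":
    print(demo_roundtrip())
```

Point `make_dated_backup` at your real database and the mounted USB drive, run `verify_backup` on the result, and only then consider the copy a backup; a hash mismatch means the copy should be deleted and redone, not kept "just in case".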
Example KeePassXC database:
**(To use the database on a mobile phone, use KeePassDX app from F-Droid: https://www.keepassdx.com/)
Example KeePassDX entry on mobile:
**KeePassXC has one of the best How To guides I’ve ever seen, so I won’t recreate it too much, I encourage you to skim through it: https://keepassxc.org/docs/KeePassXC_GettingStarted.html
Here is an 18 minute beginner tutorial on KeePassXC installation and use by Switched to Linux: