Disclaimer: This is not an article on how to create a secure password. We’ve all read those…we all know it’s something we’ll ‘eventually get around to doing’, right? Don’t worry, I won’t tell. No, the aim here is to let you in on a simple solution to help you manage all of those pesky passwords.
The Tiered Password System
If you’re like most people, you probably use the same password for every site you log into. When you do this, you’re making that password only as secure as the weakest site on which you use it. That’s why I suggest using a tiered system to organize your passwords. It’s simple: use a less secure password for sites you really don’t care about, and a very secure password for sites that hold a lot of your personal information.
Tier 1 – Throwaway Passwords
This password should only be used on sites or forums that you do not share any personal information with. In other words, if the site was breached, you probably wouldn’t care too much. Consider this your throwaway password. If someone figured it out, the only sites they could access would be non-important. No need to change these passwords very often. Examples include Reddit, Recipe sites, Games, radio stations, etc.
Tier 2 – Vault-Level Security
This password should be used on sites where you share some personal information, such as a social media or online shopping sites you’re your sharing photos, personal stories, your bio, or maybe a credit card. Examples include Facebook, Twitter, Amazon, LinkedIn. Remember to only use trusted networks. Change this password once a year (at a minimum) or when a breach is known.
Tier 3 – Nuclear-Level Security
This should be a 20 character password and should be used to manage critical things like bank accounts, password applications, or any site or application that may hold your social security number or bank account information. These are sites that you should not access on your phones. This password should be changed every 60 days. Examples include online banking sites, secure email, KeePass, and TurboTax.
If you’re curious if your chosen password is secure or not, run it through an online password checker like this one. This checker will show you how long it would take to crack it, as well as provide suggestions for improvement.
Hey, I’m as guilty as every other Security Consultant out there – I will tell you that every one of your passwords should be 35 characters and so complex that not even a North Korean leader can hack it. But maybe that’s a bit overkill for some sites…maybe.