Q

How to manage multiple unique passwords

Follow this advice to leanr how to manage multiple passwords.

I just read your article "Hardening user passwords," and I have a question about your comment that one should use unique passwords for each account. I have 16 different accounts at work and a lot of accounts at home. How should I manage multiple unique passwords without writing them down or storing them electronically?

The reason for using a unique password for every account is to limit the risk. If someone obtains a password or

cracks an account, you want to limit them from getting access to more data. For example, if you have two accounts, one with administrative privileges, and one without, I hope you have a different password for them. It is always a good rule to have different account passwords. Certainly, however, you must weigh this risk against the risk posed by writing down or otherwise storing passwords (I can't remember 16 either).

Writing down passwords or storing them electronically is not in itself bad -- it's where and how you store the recording. Having a PDA file of your passwords and no encryption on the PDA and no password on the PDA is not very secure. Locking the list up somewhere or having an encrypted file on a device that is not accessible from the network might be reasonably secure. You are going to have to weigh the risk of each possible solution to the problem. And one other caveat… if the 16 passwords at work exist because 16 different resources must be accessed, it may be that having the same password for some of the accounts may not be as large a risk. After all, a good single-sign-on implementation might provide you a single account that allows you to access all resources. Remember, no security rule is absolute. There are super "best practices" that must be tempered by the organizations and situations "best security."

This was first published in September 2004

Dig deeper on User passwords and network permissions

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close