The following is a guest post from our partner Sticky Password.
When I was in high school, my sister had a cool combination lock for her bike that let you set and reset the combination whenever you wanted. It worked great. Until the day she finally let me use it.
I was showing off to my friends that I had an awesome lock, until one day they said, ‘prove it!’ So, there we were, in between innings of the baseball game we were playing in, and they wanted me to show them that I could change the combination – now! As everyone huddled around me, I fumbled with the lock: open with old combo, press little knob, enter new combo so no one could see it, release knob, you’re all set. The next time you lock it, it’ll open with the new combo.
I passed the lock around to let everyone try the old combination. Success – it wouldn’t open. And then we had to go back out on the field. You can guess what happened when we came back into the dugout after the inning was over. I couldn’t open the lock.
With all the commotion of the game and the pressure from my friends to change the combination immediately, I forgot the new combo as soon as I entered it. I was never able to open the lock again. That’s right, I broke it. (Years later, my sister still reminds me that I owe her a new lock!)
When you think about it, that’s pretty much what happens whenever you need to create a password (except for parts where you’re showing off, and your sister getting mad at you later).
Creating a password is an administrative hurdle that is suddenly blocking you from doing what you came there for. Just a moment earlier, you were thinking about checking your email, or whether payment for the electric bill had gone through, or what grade your daughter got on her last math test. A new password was the furthest thing from your mind.
And now your thoughts are redirected and you are forced to address a security issue. Most of the time, you have to enter and re-enter the new password, and then select a security question or two plus the answers. And you need to remember everything.
And whether you were prompted by a website that you’re trying to login to, or under the impatient gaze of the office IT support guy, you’re under pressure. At least, you feel that you’re under pressure, and so you try to do it quickly.
In your mind, you don’t have the time to create a strong password (long and strong), so you quickly enter something to make the process easy – anything to get it over with. It may even be that you have the best intentions to change that password to something that is worthy of Edward Snowden, but most of the time you don’t get around to it.
And, so you end up with the same password on your yahoo account and your bank account. Or, you end up with qwertY1! as the password for your retirement account (which, even though it does have upper and lower case letters, a number and a special character, isn’t long or strong).
We all need a systematic approach to passwords. That’s where a password manager comes in. Instead of an impromptu approach to passwords that is stressful and that doesn’t protect you, a password manager like Sticky Password removes the pressure of having to create and remember strong passwords on the spot. You’ll have strong passwords for all your logins, and Sticky Password will even log you in to your sites.
With a password manager in your security arsenal, you’ll be in a position to succeed the next time you need to create a new password.
June is National Internet Safety Month. The U.S. Senate passed a resolution in 2005 to raise awareness of the dangers of the Internet and educate people, particularly children and teens, on the importance of being safe and responsible online.
Be sure to check out their Giveaway Event: Real Adventures in Internet Security for National Internet Safety Month!
Editor’s Note: This blog article was written by an outside contributor – a guest blogger – for the purpose of offering a wider variety of content for our readers. However, the opinions and recommendations expressed in this guest blog are solely those of the contributor, and do not necessarily reflect those of The Security Awareness Company, LLC. If you are interested in writing something for us, please do not hesitate to contact us: firstname.lastname@example.org.