Writing.Com General Discussion

I've been a programmer and IT specialist for nearly 40 years, so heed my words. DO NOT use the same passwords multiple times. What do you do if you get an email from a hacker who tells you what your password is? How would you know which account was breached?

1. Use a new password for each site
2. Do NOT use actual words, misspelt or otherwise, in your password
3. Use a random password generator
4. If the site allows for 64-character passwords, use all 64 characters

Use the following if you do NOT have an online password storage service or a keysafe program:
5. Store your passwords in plain-text files ON A THUMBDRIVE
6. Only set and update your passwords on a single computer you know is protected against malware
7. To read a password (even on a public computer) without leaving log data, do the following:
         a) open a command prompt and navigate to your thumb drive password folder
         b) type "type " plus the name of the file e.g. "type wdc.txt"
         c) you can now read and copy/paste the password
8. Only store one password per file (you can also put your login name in that file)
9. Only put the thumbdrive in the machine when you need to add/edit/read the passwords, and remove it as soon as you can

Only storing one password/login-name per file stops the operating system writing buffer data to disk when you read it

The average internet user has logins for dozens of sites. A breach on one could easily result on a breach in many if you share passwords between sites.

You might think it is a waste of a thumbdrive to have so little data on it, but it is worth it. The main thing you should protect is your email address, which should have two-factor protection enabled. Without that, you cannot reset passwords on all the other sites.