What is the number one issue I run into when doing work for a client? Hint: it’s not technical.
Most of the things I do for folks requires at least one password, whether it is hooking up to your WiFi, logging in to your PC/Mac, accessing your Gmail/Hotmail/Msn/Outlook/Quicken account, etc. And the number one obstacle I run into, by far, is that people don’t know their passwords. On occasion, this has turned something that should have taken less than an hour into a 4-hour job. More than once, it has prevented me from doing anything whatsoever.
I know, I know…so many passwords, so many accounts. While having the same password for everything simplifies matters, it is extremely risky, but today I’m not even going to go there. For now, suffice to say that being on top of your passwords will make both of our lives easier.
The typical root of the forgotten password problem is that when logging in to any account, Chrome or Edge or Firefox will ask you “can I save your password to this account for you?”, and of course most people say “yes”. But if you go to another computer (or, as many of you have done, buy a new one) that saved password info will be gone. Because that password was saved for you, you might not have had to type it for months, or even years. Now we get into the “Forgot Password” process, which is frustrating at best. It may ask you for a code that gets sent to one of your “devices” or another email account, and that doesn’t always make it across the wire.
Because people sometimes ask me “can’t you just look up my password somewhere?” it’s important to know that there is no way to find or recover a current password. Take my word for it, this is a good thing, and standard security practice – if there were an easy way to find your password for your Hotmail account, for example, then someone else could, too. Passwords are processed with what we nerds refer to as a “one-way encryption”. What this means is that the password you type is encoded in such a way that you can’t get back to the original (can’t be decoded), but it always yields the same encoded result, and the encoded result is what is stored. When you type the original each time you log in, it gets encoded and compared to what is stored: if it matches, you’re “authenticated”, which means you have satisfactorily proven that you are the person who can be granted access.
So, you ask, “what should I do?”. First of all, always keep track of your password yourself, even if you let your browser (Chrome/Edge/Firefox) keep track of your password. The best solution is to use a password management app, such as “1Password”, which keeps your passwords for all accounts, protecting it via encryption and a single master password (this is what I use, and if you’re interested, check it out here). But some of you may want a more straightforward, less technical solution. Writing it down isn’t the best option, because 1) it can be read by anyone else, and 2) you need to update it religiously when it’s changed (or if you create a new one). That aside, if it works for you, far be it from me to discourage it. And force yourself to use it occasionally: that will help verify if the one you have written down is current – maybe you forgot to update it in your password book last time.
I am investigating having password booklets printed for my clients. Though I recommend using a Password Management application like “1Password”, a password booklet is better than paging through a stack of papers or rummaging your desktop.