99 passwords, but I can’t remember which one: managing applications access
The chief difficulty in having so many programs and applications
that we use in our work and personal lives is that we wish to
secure much of the data we put online -- or, if not the data,
certainly the accounts which we use to post the data (privately,
publicly or semi-publicly). That's a lot of passwords to memorize,
assuming they're all different, which they should be.
I've written, previously in this space, on the potential of password managers; but, to use those
applications, on top of applications, you must supply a master
password that, when entered, will 'turn on' the program. Once your
master password has been correctly entered, the program will
pre-load all of your passwords for the applications you've recorded
in your password manager. A good number of people use password
managers and I don't begrudge them that. I am just not counted in
their number. Despite the convenience of these programs, the plain
fact of the matter is that a hacker only needs to break your master
password to get to all of the others. If that happens, I wonder
what the point of creating so many unique passwords was?
Password managers are appealing because these serve to take
memory out of the equation, for the most part. You only need to
remember one password, rather than dozens. So, if you choose not to
use a password manager, you've then got to figure out what memory
prompts you will establish to help you remember which passwords
work for which applications. (You could keep a master password list
of your own, via an Excel spreadsheet, but, then you run
smack into the problem of the password managers.)
There are, however, some techniques you could use to create
memorable passwords, that are simultaneously difficult to
- Having a photographic memory helps. I know, I know ... I'm
sorry. Not fair.
- You can dramatically increase the difficulty of hacking your
passwords when you introduce symbols, in lieu of letters and
numbers. In order to help you remember those symbols, you can
choose ones that resemble letters and numbers (e.g.--@ for a, ! for
- You can utilize mnemonic devices (like back in grade school,
when you memorized ROY G. BIV in order to reproduce the rainbow's
color spectrum) to create passwords. If you can recall a sentence
or phrase that is memorable to you, you can use the mnemonic device
to create a password, which you could then use as a stand alone
password, or one of the bricks for building more fulsome
- You can build increasingly complex passwords off of root words
or phrases. In the last example, a sentence becomes a mnemonic
device, which then becomes a password. You could also take a common
word or short phrase, like '8 armadillos' and turn it into
'%@RM@d!))0S.' It's memorable, it looks sort of the same, but it is
far more difficult to crack than the original. The more root words
and phrases you can convert to password components, the more
combinations you can create. You'll end up providing yourself with
a wide array of potential passwords based on an established number
of initial inputs known only to you.
- The requirements for the security of individual applications
vary. You're probably less concerned about the password for your
Yahoo! Fantasy Football team than you are about the password for
your case management system. So, you can treat your passwords
accordingly. You could develop a hierarchy of passwords, from more
secure (harder to remember) to less secure (easier to remember),
based on the value of the information that is being protected. Your
fantasy football password could be something like: 'RevisIslander'
and your case management password would be far more complex.
- Many websites will ask you to establish answers to
predetermined security questions, in addition to creating a
password. When selecting security questions and answers, you should
avoid choosing answers reflecting data that may be publicly
available, including, potentially: your birthday, or relatives'
birthdays, family names and maiden names, your street address or
the date and/or place of your marriage. Far more secure questions
relate to things that are not easily found via the web, or better
yet that are not available on the web at all. This includes things
like: the name of your childhood pet, the street your best friend
from elementary school lived on or a private term of affection for
The good news is that, as soon as fingerprint access becomes
commonplace, alphanumeric passwords will be a thing of the
Tip courtesy of Jared Correia, Law Office
Management Assistance Program.
Published March 13, 2014
To learn more about the Law Practice Management
Section, which is complimentary for all MBA members,
contact LPM Section Chair Cynthia E.
MacCausland or Vice Chair Damian J.