If you were to ask a web professional what their least favourite part of his or her job is, it might well be the part that begins with the question, “Do you have the usernames and passwords for your website/account/email etc?”
The joys of managing passwords?
It is an absolute joy when a customer shoots through an email containing a list of usernames and passwords that work. Frequently however usernames and passwords are lost or wrong. Worse still, the business owner sometimes has no idea where to start the process of recovering the details.
Don’t get me wrong here. I am pretty disorganised in many respects and my aim isn’t to ‘have a go’ at business owners who have lost track of their details.
The bottom line is that usernames and passwords are the keys to your web properties. If you don’t know where these keys are then chances are no one else does either. As the owner of these properties you must take ownership of your usernames and passwords
Password management is good for business continuity
Looking on the dark side for a moment, effective password management is a great help should the owner of the account becomes unable to provide these details. So long as a business partner has access to the details either electronically or in hardcopy there will be at least one less stress to deal with should the worst happen.
So password management is important. How do you make it happen? Here are three pieces of password management advice I can offer the website owner.
Make passwords secure
You’ve heard all of this before but it has to be repeated – use strong passwords and don’t use the same password repeatedly across different accounts. Avoid using default usernames like ‘admin’.
I manage well over 50 websites and receive security reports on all of them. At any given time there is almost always a hacker (i.e. robot) somewhere trying to unlock the front door to one of these sites. They do this by simply spinning through millions of password combinations. The only real protection against this (aside from locking out whole sections of the internet) is super strong passwords. You know the ones like this: Neji>xRgAlq28F
Now that is all good but how can you possibly remember strong passwords like this or key them in accurately? This brings us to password managers.
Keep details handy, organised and preferably automated
The answer to your password management woes is to use a password manager app. In my work as a web professional I have to keep track of more than 1000 usernames and passwords – not just mine but those of my clients. To do this I use a password manager and it is one of the best investments possible.
I use 1Password but there are many others – some free but the best are paid apps. It keeps track of those ungainly passwords and can autofill them for you.
On a desktop computer you can also make life easier by allowing your browser to store passwords using its built in password manager. This method has limitations and is not advisable on a laptop or portable device unless you have login security for the device.
Here are two articles that review some of the most common password managers:
Keep details up-to-date
Change passwords if there is a known security issue with an account. You will likely receive an email alert form the service asking you to update your password. Beware of phishing scams however that trick you into providing your username and password using this same method.
Make sure the recovery email is still current. Some services allow you to ring up to arrange resets but other services make it almost impossible to deal with a real person who can recover your account.
Once a web project is completed and the web professional or employee you are working with no longer requires access to your accounts be sure to change your password. This is particularly important if there is a risk of a web professional ‘going rogue’ on you.
If you deal with enough passwords to make your head hurt (and even if you don’t), I strongly encourage you to take charge of your passwords and use a trusted system for organising and accessing them. You will be glad you did.