The news that Russian hackers had stolen a billion sets of login credentials is just one more reason to consider the use of a password manager. There are plenty of these software programs, some of which are even free, out there. If you’re not familiar with what these programs do, check out my The Password Manager Age is Upon Us post.
We use a password manager to keep track of every password in every online account. In my case, that list now has more than 100 entries. Only a few of those entries would be considered critical. Most of the accounts, if hacked, would cause nothing more than some annoyance. But, what about those few critical accounts? How do I make sure to update that short list each time there’s a data breach? Here’s one way to systematize that process.
Create a document in which you list your critical accounts. Use a Word doc, spreadsheet, text file, whatever type of file you prefer. Save the file with an easy-to-remember name. By saving the file now, it provides a blank master that only includes account names for use after the next data breach.
By the way, I’ve been burned one too many times because I needed an old password when a security procedure let me think the password had been updated when it really hadn’t been. The following process gives me a temporary copy of the old password in this file until I know the password has been changed. To get started, make sure your password manager is open.
1) Copy the password for the first account, then paste into your document on a separate line from the name.
2) Have your password manager create a new, unique password that is at least 16 characters for the account and paste it into the document on the next line down from the old password. If you’re using a spreadsheet, you can use separate columns.
3) Repeat for each account.
4) Use the password manager to log in to the first account.
5) Find the link to change your password on the account website.
6) Change the password on the website by copying and pasting the old and new passwords as necessary. Hint: Each account will be different. Some will take that 16 character password, others will require a shorter version, which you can create simply by shortening the password in the master file.
7) When you think you’re done, log out and try to log in with the new password. If it works, you’re done. If not, there was a step on the website you missed and you’ll need to log in with the old password to make the change.
8) Once you’ve changed all of the passwords, either undo all of the changes to the document or close it without saving it. In either case, do not keep a copy of the new passwords and reopen that file to make sure no password got left behind.
Check and double-check that master file to make sure it contains nothing more than critical account names when you’re done!
Recent Comments