The Gentle January series shares one practical privacy tip a day from a Markup staffer who actually uses the advice in their own life.
I created my first-ever internet password by physically visiting a room in the basement of a severely ugly building on the University of California, Berkeley campus. In that server room, I created the password for my first email account.
Months later, I created my second password while signing up for an account on HotWired, Wired magazine’s then-new website. This time I could register my password over the internet, so I created a new one, distinct from my Berkeley login. That way, if someone was spying on my online activities and intercepted my password, they couldn’t use it to log into my email account.
In those relatively early internet years, I felt paranoid—who would ever spy on someone’s internet activity?— and from there, as my logins multiplied, I became less and less careful. My HotWired password would also get you into my New York Times or Slashdot accounts, not to mention Expedia and the now-forgotten content hub Pathfinder.
Machine Learning
Plagiarism Detection Tools Offer a False Sense of Accuracy
The tools that likely brought down Harvard president Claudine Gay are improperly used on students all the time
But I should have stuck with my original instinct: passwords are not very secure on the internet, and you should avoid reusing them. A favorite tactic of hackers is to break into a website, crack the passwords, and then try using those same passwords to log in to the email accounts associated with them. Sometimes they’ll share the logins with other hackers interested in breaking into other sites. Because people tend to reuse their passwords, this technique is frequently successful.
The problem is, you need so many passwords these days (I have 597!) that there is no way to make them all unique and memorize them. That’s where a software tool called a password manager comes in. The idea is you memorize one strong password to unlock the manager, which is like a vault where you can look up all your other accounts, usernames, and the unique passwords assigned to them.
I’ve tried all sorts of password managers over the years but have always stuck with the first one I settled on, 1Password. 1Password stores not only passwords but also two-factor authentication codes, secure notes, and other sensitive information. 1Password has apps providing access to your passwords across all the major mobile and desktop platforms, even Linux, and over the web. It is transparent about its security architecture and has a strong track record of avoiding breaches. And if you have friends, family, or coworkers on 1Password, the company makes it easy to share passwords and other items with them.
But 1Password isn’t for everyone. It costs money and stores your data, in encrypted form, on its servers, which isn’t something everyone is comfortable with. Some people like free password managers like Bitwarden or those that store files locally, like KeePassXC. To find the right one for you, I suggest starting with reviews at a place like Consumer Reports, The New York Times’ Wirecutter, or my old standby, Wired. Which reminds me, I have a password I need to update.
