To live in the 21st century you have to remember a ton of usernames and passwords for all the different web sites you interact with. Instead of creating new usernames and passwords, people often use the same username/password for every web site because it's easier to remember. This is a huge security problem: if someone is able to see your login credentials via an insecure connection, unencrypted database, shared computer, shady webmaster, key-logging program, etc., they know they will often be able to use the same information to log in to other web sites (banking, email, PayPal, Amazon, Facebook, Twitter, Netflix, etc.).
Password managers/apps are also vulnerable, because you are essentially putting all your eggs in one basket. For example, see "Security Flaws Found in Five Password Managers".
So what can you do?
The best solution would be to have different login credentials (username/password) for every site that are easy to remember.
Say you want to log in to 3 different web sites:
Use your email address + the name of the website.
There is no need to create new email addresses: all emails will end up going to your default email address (example: email@example.com). This lets you have a different email address for each site, and if a site spams a specific email address you will know exactly which site is doing it. You can also set up filters in your email so that any email addressed to a specific email address triggers a specific action:
- firstname.lastname@example.org --> flag this email
- email@example.com --> delete this email
- firstname.lastname@example.org --> archive this email
Note: some sites won't let you use "+" signs in the username. If that is the case, just use your email address.
For passwords, think of an algorithm that can be easily applied to all domain names. You will have to remember your algorithm, but once you know it, it will be easy to apply to any site and a lot easier to remember.
Here are some algorithm examples:
- first letter of site + "2m0nkey!5" + number of vowels + third letter of web site + "215"
- position of the first vowel + "sHell02" + last letter + "06" + second letter
- number of letters + "t0mmy26" + second to last letter + last vowel
So if I am using the algorithm below, here would be my login information for each site:
the position of the first vowel + "sHell02" + last letter + "06" + second letter
web site: www.privatebanking.com username: email@example.com password: 3sHell02g06r
web site: www.mywebsite.com username: firstname.lastname@example.org password: 4sHell02e06y
web site: www.emailsite.com username: email@example.com password: 1sHell02e06m
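The rule used for the three logins above, written out as an added Python example (not code from the original post). The function names, the way the site name is cut out of the host name, and the error raised for a name without vowels are assumptions, since the post does not cover them. The last function counts how many character positions come out identical on every site.

```python
# Added illustration of the rule the page uses for its three sample logins:
# position of first vowel + "sHell02" + last letter + "06" + second letter.
VOWELS = "aeiou"  # 'y' is not counted, consistent with the page's mywebsite example


def site_name(host: str) -> str:
    """Assumption: the 'site' is the label before the TLD, without 'www.'.
    Multi-part suffixes such as .co.uk are not handled."""
    labels = host.lower().strip(".").split(".")
    if labels and labels[0] == "www":
        labels = labels[1:]
    if len(labels) < 2:
        raise ValueError(f"expected name.tld, got {host!r}")
    return labels[-2]


def derive(host: str) -> str:
    """Apply the rule to one host name and return the resulting password."""
    name = site_name(host)
    if len(name) < 2:
        raise ValueError("the rule needs at least two letters")
    first_vowel = next((i for i, c in enumerate(name, 1) if c in VOWELS), None)
    if first_vowel is None:
        # The page does not say what to do for a name without vowels.
        raise ValueError(f"{name!r} has no vowel; the rule is undefined")
    return f"{first_vowel}sHell02{name[-1]}06{name[1]}"


def shared_positions(passwords: list[str]) -> int:
    """Count character positions that are identical in every password."""
    if len({len(p) for p in passwords}) != 1:
        raise ValueError("passwords must have equal length to align")
    return sum(len(set(column)) == 1 for column in zip(*passwords))


if __name__ == "__main__":
    hosts = ["www.privatebanking.com", "www.mywebsite.com", "www.emailsite.com"]
    pws = [derive(h) for h in hosts]
    for h, p in zip(hosts, pws):
        print(f"{h:26} {p}")
    print(f"{shared_positions(pws)} of {len(pws[0])} characters are the same on every site")
```

For the three sites on this page, 9 of the 12 characters are the same everywhere, so the difference between sites rests on three characters taken from the domain name.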