I belong to a Yahoo Group of Austin business owners, and someone in our group just posted a long message about what he learned from being the victim of identity theft. The main violation that occurred was the compromise of the person’s Yahoo e-mail address. From there, all hell broke loose, involving eBay, PayPal, and $32,000 of merchandise about to be shipped to Africa… no kidding.
When I speak to audiences about identity theft, I stress to them that your e-mail account is one of the most important passwords you must protect— it needs to be as strong as the password you would use for your bank account! Think about it– when you forget a password to some account, what do you do? You click "Forgot password" and they usually send it to your e-mail address. How many accounts would people be able to access if they could check your e-mail? It’s a little unsettling, isn’t it?
The other thing I am always telling people is not to use the same password for everything. It’s probably okay to use a few that you rotate among less important accounts, but for the really important ones like banking, anything else financial, and your e-mail address, NEVER use the same one for those. This person who just wrote to our group said this was his downfall– he had used the same password for PayPal as he used for his eBay account, so once they had that, they just tried it on everything.
So, if you are using so many different secure passwords, how do you organize and keep track of them all? My favorite password management software is SplashID, because that is what I use daily. It does require that you have a PDA, like a Palm, to install the software, and it syncs to the PDA as well. I love having this information with me securely. It uses very secure encryption and you basically need to remember just one master password to unlock the rest of them. I use this software not just for passwords, but as a mini-database of little factoids I need to remember. My husband’s drivers license number, my kids’ social security numbers, my clients’ gate codes, software purchase information and license codes, and a hundred other things. Obviously, you need to check it out and decide for yourself about its security before you use it (use at your own risk). I also like Password Agent. Here is an article from Lifehack where there is a list of others people use.
Whatever you do, DON’T just keep this kind of information in a handy little Word or Excel document. This is not secure for so many reasons!
How are you going to protect your information? Do it today!