For years, security professionals said "Never write down your password." In many situations, that's still good advice. Anything you write down can be lost or stolen. But when you have dozens of passwords, PINs and other security codes - some work-related, many personal, some static, some changing regularly, some simple, some complex, some used daily, others that go weeks between uses - it's hard not to. If you cannot memorize your passwords and must write them down, here are the ways for doing it at reduced risk.
- Don't store your passwords on your computer. It doesn't matter how well you hide the file, hackers know how to search the contents of your computer to find likely password files.
- Don't record the complete password. Write down just enough to remind yourself of the rest of it.
- Keep the password hints with you at all times. Your wallet is a good place. Don't leave the list in your desk or under your keyboard. Hackers and thieves know where to look.
- If you have a PDA or Blackberry, use a secure, approved password vault on the device. These applications use strong encryption to protect your password list.
- If the list is out of your control even briefly, quickly change your passwords to maintain their security.