TDLR: Learn how to use a password manager.
Our online life is complicated. For every online service out there, we need an account and a password.
If you're working in the building sector like me, you would at least have a login for your laptop, Microsoft Exchange account, Aconex or Procore, Dropbox, Google Account, Apple Account... etc.
Despite this, things are sort of looking up. Logins are becoming simplified through social logins (connect to your Google Account or Microsoft Exchange Account). But not everything can or should be connected this way.
A costly security risk
Let me guess. This is how you create a password: you have the same or similar variation of a password for all the accounts you use at work. You might even use the same password for both personal accounts and for work. This poses a serious security risk.
How often do we hear about online scams? We usually comfort ourselves by saying "oh that will never happen to me". The bad news is that we're actually not that special. Ever wonder why websites are asking you to create ever more complex passwords? Because hacking is so common nowadays and passwords are the first line of defence.
I personally know of a business owner who's lost $100,000s because their email got hacked. The hackers logged into their email, copied how they sent their invoices and then sent similar invoices with their bank accounts to their clients. They then deleted the sent emails and left no trace. The business owners didn't realise until a month later.
The least you can do is to have unique and complex passwords for all your accounts. And you should never mix work and personal passwords.
On average, you will have approximately 100 accounts (I have more than 136 at the moment). Imagine, if I figured out the password to one of your accounts, how many accounts do you think I will be able to hack into? 20%? 50%? 90%? Can you imagine if I pretended to be you and asked your clients to pay to my bank account? And an invoice in the Building Industry ain't cheap. We don't like to imagine these hypothetical situations but this is the reality we live in.
Password Managers to the Rescue
What you need to do is to have a password manager so that you can easily use unique passwords for logins. I strongly believe that training and the use of password managers should enforced by all companies.
For me, I needed one which was simple, low cost and was able to work on Android, Windows and Linux which is what I use at home. I have been successfully using Enpass.io for over 2 years now and I can say it is easy to use. It's a little buggy on Android (as of 2020) but I can live with that.
How it Works
You need to think of one complex password for the password manager. Here is a screenshot of my list of accounts.
Every time you need to create an account online, add the details on your password manager as well.
When coming up with the password, don't be the creative one to think of the password (because your creativity may be lacking). Let the password manager do the work for you.
Every time you need to login to the site, log into Enpass and copy the password over. That's it. It's faster than trying 5 different passwords, being locked out of your account and then having to reset your password. It's cheaper than being hacked online.
Go forth, and be safe!