Picking a password like “12345” or “Password” is like asking to be hacked. But picking a password that is too complex can be equally dangerous, according to a new report from Microsoft researchers. The usual advice from security experts is to remember unique, complex passwords for every site. That is essentially “impossible” for most people, the study said, leading some to use password managers to store all of their log-in information. The problem? Those can also be hacked, leading to a bonanza of exposed passwords. The solution, according to the report, is to lessen your cognitive load by picking complex passwords for a few high-value sites — like e-commerce sites with saved credit card information — and then reusing simple passwords for sites that don’t really matter. It’s not a perfect solution, but then again, most people don’t have perfect memories.
- Hack-Proof Your Life: A Guide to Internet Privacy in 2014
- Highly Personal Data Is the Future of Tech, But Is It Secure?
- Kill the Password: Why a String of Characters Can’t Protect Us Anymore (Wired)