Every site another password at least that is what you are advised to do.  All of us struggle with passwords and the false promises made with biometrics doesn’t seem to be much of a shortcut.  When it comes to creating one, I find just beating on the keys on my keyboard in random works best.  I make sure that it is at least 13 characters long and contains numbers, upper and lower case letters and symbols ( those shift characters above the number keys and all around the keyboard).

You might wonder how that works for me, and it really does. I start with a simple notepad file I keep on my computer.  To be truthful about it I have several of these files, some are alone for a single purpose and some have multiple passwords in them.  Some of them I keep in Dropbox, because I use multiple computers and I need access to them frequently.

I have a few that are on flash drives that I only use when I need access to particular sites like banks.  I never visit those sites with the computer I use daily, I have a separate one just for them.   You should never go to a bank website on the same computer or device you use for social networking. Email me if you have questions about this.

To keep the files safe I use AxCrypt

https://www.axcrypt.net/

Here is a video explaining how to install it

I use a secondary encryption program for a very good reason. The one that is distributed with Windows and Mac is rather simple to break. I bypassed Windows encryption shortly after a Microsoft tech support person, told me it was impossible. When you install AxCrypt it will ask to store the decrypt key somewhere. I recommend using a removable or flash drive. When you are done with creating the key file, also put a copy of the downloaded program on the flash drive as well. You want to keep the key and the installer together. You should stick it in your jewelry box or some other place that is secure. You will only need the key file if you forget the password or you need to reinstall the program. You will need the same version of the program if your computer completely crashes.  Mine has, and I needed the older program to open older encrypted note files. That is the constant hazard of program updates and one way to get around them.

AxCrypt will ask for a password to use with it. This password you will need and the rest you can forget. You also may have to come up with a good password to remember for some other purpose.  Short passwords and ones with whole words in them are generally a bad idea. I encourage the use of substitution in creating a password. I like two or three words shoved together as well. So a substitution for ‘birthday card’ would look like ‘B1rt4D@y(ard’ if you count you will find that it is only 12 characters long. You then can pad a number at the end to make it at least 13 characters long.  I use 1234 but you can use any sequence number. The password would then be ‘B1rt4D@y(ard1234’  it is much easier if you write the password out on a scrap piece of paper before you commit it to a computer. Just be sure to rip the note up and throw the pieces away in separate places.

I use many sites on the internet for a wide variety of reasons. Every one of them has a different password, a few have a different email address. When I need access I simply look at my notes. I usually just copy and paste the login information.

Some people ask me about saving the password in web browsers like Edge, Explorer, Safari, Firefox or Chrome, and I do that for some websites. Pandora is one example I store the password in the Chrome browser and Google automatically syncs the login information to any computer I log into for Gmail. There are several sites that I don’t care about security, so I store the password but never store the password for social media in any web browser. Hackers can easily download the password file from the browser just by getting you to visit a compromised site. Read my novel I talk about how it is done there.

Occasionally password managers come up in conversation. Those are the programs that store your password in some unknown data server somewhere that is supposed to be secure.  Some of them have already been hacked and one got sued for not telling its customers. I think doing it yourself is much safer.  Now that you have an encryption program you can encrypt files that are sensitive like, old tax returns and anything that has dates of birth or social security numbers.

If you are wondering how long it would take to crack that password you know is weak here is a chart

https://www.reddit.com/r/dataisbeautiful/comments/322lbk/time_required_to_bruteforce_crack_a_password/