I use the same password for all my e-mail and internet-portal accounts (online shopping, etc). Now I am worried about losing it to an identity thief. What should I do?
Hardford gives some good suggestions for password creation (acronyms, song lyrics), but warns against writing passwords down. I think you can write your passwords down, you just need to put them in a code you understand. So for example if your password is (jenny8675309) on a piece of paper you put in your wallet write
What the heck does this mean? It’s a password but jammed between a phone number that I know well (Papa John’s in the town I grew up in). Given the chances that someone finds this card in my wallet and can decipher it is really low, but now I can easily pull out the password.
Back to the economics of passwords. As passwords become more and more complicated, people are more likely to forget their password and need a reminder. They then have to call someone to reset their password, but that costs the company money. So instead they have invented security questions to recover passwords “What City did You Honey Moon in?” and “What is the name of your favorite pet”, with enough googleing these answers might be on the web. Josh Levin at Slate has an excellent article on the problems with these security questions.