For many years, the conventional wisdom has been to never write down your passwords. You are suppose to make a strong password and remember it. This practice is very secure, however it is not practical in todays electronic society. Remembering 1 strong password is easy. Remembering 100 is a completely different thing.

In my opinion, forcing yourself to remember the strong password means you will use the same password in multiple places. This will leave you very vulnerable if your password is ever compromised. This also brings the “weakest link in the chain” effect into play. Your banks computers may be strong and your account information may be very secure on them. That internet message board or website you register with may not be as secure with the password to your electronic vault.

I carry a journal with me that has my passwords. I also guard the journal the same as I do my wallet. A journal may be overkill for most people so you could also write down your passwords and a single sheet of paper and store them in your wallet. Make sure you make a copy and stick it with your other valuable papers in a safe or safety deposit box. I create unique passwords for all of my sites and I write them down on a dedicated section of the journal as soon as I create a new account. I also don’t use words or dates in my passwords. Those are a lot easier to brute force than tougher passwords. For example, your name and birth date isn’t a good password. #eL9~ukl5f$ is a good password. EDqz~!)Oy$R:>jp;sd80_xCY}P=1^NVi41{.%GwPB”Dfqo4P,gentAG is an even better password. That last password is a 63 random printable ASCII character password generated by GRC’s Ultra High Security Password Generator. If someone can break that password, they were going to get your info anyway. I know some people have a tough time generating their own passwords so use that site. Steve Gibson of GRC is a legend in computer security.

It is ok to write down your passwords as long as you protect them and make sure you use different passwords for every logon you need. That way if one password is compromised somewhere you only have one password to change.