If you’re like me, you probably have dozens of accounts on various different websites. Hopefully that also means you have dozens of passwords, right? Using one password is one of the quickest ways to have your entire digital life go up in flames, because most sites will track your account by your email address (which is often used as your username, or can be used to find your username), and this can quickly become a series of cascading failures. Attackers will leapfrog from one system to another, and if they get access to your email account itself, then it’s usually game over with how most password reset forms work. For a very scary account of how bad things like this can be, check out this article here covering what happened to a Wired reporter.
But who can keep track of multiple passwords in their head in a truly secure fashion? I know I can’t. For a long time, I used a three-tier system: one quick and dirty password for sites I didn’t care about, another for sites that I used a lot, and then a few specific passwords for individual sites (like my email) that I wanted to keep ultra-secure. But as time wore on, I realized that some of the sites that I considered disposable became anything but, and human nature (read: laziness ) meant that I wasn’t “reclassifying” them with a newer tier of password security.
( Enter: KeePass )