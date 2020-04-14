Share it:

Let's explain How do we, the editors of Xataka, create and manage our passwords? and other technological means of Webedia Spain. Sooner or later the day will come when you discover that your passwords have been leaked on the Internet, and you will have to take several steps to change them and make sure that no one has taken advantage of them. How much you have to do at the time will depend in part on how you manage passwords.

Each of us is going to tell you several things, like the methods or formulas we use to create passwords, if the service for which they are influences their composition, and if we use any password manager or if we use some other method to store and remember them. Each of us is different when it comes to organizing, meaning that the intention of the article is that you get as many ideas as possible.





Some of us organize ourselves worse than others, and the value of the article is precisely in the variety. Therefore, as we always do at Xataka Basics, we invite you to also share how you manage your passwords in the comments section, so that the rest of the readers of the article also benefit from the knowledge of our xatakeros.

Amparo Babiloni

Xataka Android and Xataka Móvil Coordinator

"With regard to passwords, I distinguish between two types: the important ones whose security concerns me and the ones that give me the most equal. Those that do not matter to me are typical of a service in which you have just registered and do not contain sensitive information, here I usually use variations of a word + number. I change the order, adding capital letters, symbols … as it suits me in each case. For important passwords I usually use a password generator to make them more complex (yes, of those illegible with many numbers and symbols). I use Lastpass to manage my passwords. It was the first one I tried, I liked it and I stayed with it. Here I keep all the important passwords and update them periodically. And well, here is the mother of all passwords which is the one I use to enter the manager (and that I also change). This has to be complex, but I have to be able to remember from memory, so it is the one where I "cuddle" the most. And up to here I can read. "

Anna marti

Xataka Editor

"The truth is that I have been very suspicious of this all my life (when they gave you a piece of paper with the pin of the card it burned it, I am like that and you have to love me), so when there are important and essential passwords I do the exercise mental to keep them there.It is complicated because they are always irrational sequences of characters and it is true that I do not always succeed on the first attempt, but as I use few essential services (and I am older, but not so much) it works for me at the moment. For those who are not "life or death" and above all it is useful to have SecurePass already digitized already, which also comes in handy to generate them because it gives you that mixture of numbers, letters and characters random enough to have some security. And those can also be memorized, hehe, although once generated, it is comfortable to use the app, especially considering that it is cross-platform. "

Antonio Sabán

Coordinator of Genbeta

"To create passwords, what I usually do is use the chorus trick of my favorite songs and add some numbers to it. These days, when we talk a lot about 'I will resist', whose chorus is' I will resist, standing up to everything, I will come back from iron to harden the skin ”, my password would be:“ Refatmvdhpelp. ”If I can, I play with upper and lower case letters and add symbols and numbers. I don't use password manager, though I have, and I'm just very careful not to repeat and use double factor authentication whenever possible. So that my personal data is not very exposed, I do not use my personal email to register for services, and if I share a family with a streaming service, I create an account specifically for it, with a payment account that is also unique. There are tips that will provide more security, but this works for me. "

Cristian Rus

Xataka editor

"Considering that much of my life is in the digital world, security is as important and essential here as it is in the physical world. That is why I have always tried to pay as much attention to passwords as possible. How to create and manage them. For this, my great ally is 1Password, the password manager that is much more than a place to keep passwords. It also stores important documents, licenses not to lose, secure notes or functions for authentication in two factors for example. There are a number of rules that I always try to comply with, such as never repeating a password, periodically renewing them, or activating alternative authentication methods if they are available for the web / app / service on duty. The good thing about using password managers like 1Password is that they help with these tasks and also allow you to not have to remember anything other than the main password. And as for this one? I have no concrete method to create or memorize it, I just generate a random password complex enough and memorize it for six months, which is when I renew it. "

David Bernal

Applesfera editor

"For passwords I use the keychain of the operating system that is synchronized on all my devices. In general Safari generates and stores passwords automatically, when not, I use a shortcut that I have created to generate a random password with the same pattern as those of Safari (18 random digits separated into three groups of six by hyphens). Only four passwords come out of this pattern, it is the password of my Apple ID, my iPhone, my iPad and my Mac. All four have 36 digits and are different, I have never saved them in any service, only the I memorize. For double factor authentication I use 1Password since it syncs the vault in iCloud. I only have the key generation, without any password. The recovery codes to deactivate the double factor in the different services if I needed to do it, I keep them manually on the keychain. "

Enrique Pérez

Xataka editor

"I don't use a password manager. For less important services, I usually use a specific password where I have a couple of variations. Then, in the services I use the most, I usually remember the specific password that I apply. Here is a bit of the usual thing, I have a "core" of the password that is usually repeated, I have two or three queues that I vary and then I add the complexity with numbers, capitals or some final symbol. I also usually activate the two-step verification associated with the mobile to add a security layer . The truth is that I must admit that in some services that I open every so often, sometimes I do not remember exactly the combination I used and in the end I ended up restoring the password. I lose a few minutes but it is also a way to renew them. "

Eva Rodriguez

Xataka Editor

"My trick is rudimentary to the maximum, neither apps nor milks: I remember the two TOTALLY RANDOM passwords that they gave me in college and that include uppercase, lowercase, numbers and characters. What have I done with them? Use them and add one or two asterisks in front of them or behind. So, if I have to log in, I think about how important the site is and based on that I will know if it has one or two asterisks and where they are located. A rarity, but I already understand. And continuing with my rudimentary methods, I do not use any service to save them, simply because I do not trust to use them … it is not so much for lack of confidence, but because when you delegate a tool to store them, you end up forgetting. It's all in my head. "

Ivan Linares

Xataka Android and Xataka Móvil editor

"I admit that I don't usually vary my passwords too much: I have different patterns that I combine with capital letters and signs. Even so, I try to choose more secure passwords with the help of the suggestion of the team (when I use iOS and Mac I choose the suggested security combinations for those services that I will not use too much); and I usually trust the save of the Apple keychain and Google autocomplete. Apart from the services integrated in the operating systems, I have a LastPass account. There I keep all the passwords, at least whenever I remember (the habit often fails). LastPass has saved me more than once, for me it is highly recommended. "

Javier Lacort

Xataka editor

"As everything I use is part of the Apple ecosystem (Mac, iPad, iPhone, etc.), I use Apple's native solution, iCloud Keychain. My passwords are always those generated by this system, quite complex and combining letters, numbers and symbols When I register for a new site, the system proposes these passwords automatically, and if I agree to use them, it adds them to the list. I think it is a system that combines security and comfort very well. In this way, all my passwords are different in each site where I am registered and I have no problem not memorizing them, the system memorizes them for me and even takes care of entering them in the appropriate place. If someone fits this system but not all their devices are from Apple, a manager like 1Password is surely the best alternative, which I used for years until Apple perfected its native solution. "

Javier Pastor

Xataka editor

"I had in mind for quite some time trying a password manager, but instead of opting for well-known solutions such as LastPass or 1Password I went to a less known and somewhat more" friqui "alternative called KeePass. It is an Open Source development with some derived versions that allow access to very interesting password management or autocomplete features, for example in web browsers. The database that is created as we use it can be stored in different cloud services, but we also have a development that accepts plugins (for example, to import and export other databases of my passwords). When I register for a new service I generate very strong passwords (often more than 20 characters with all kinds of symbols) that I could hardly learn by heart but can always access with my master password, which is equally strong and I do remember. We must overcome the laziness of generating different passwords for each service we use and also try to change them from time to time, but I think that taking into account the amount of massive data thefts that are occurring in recent times, go to one of these solutions (and combining it with two-step authentication systems) is a great way to be reasonably calm about the security of our data. "

John Tones

Xataka editor

"I have wanted to hire some password management service for a long time, but I never find the moment. Perhaps these days of infinite screen will be able to cheer me up. I have two types of password: one to register services that I do not care about security being compromised or that perhaps I will not enter again. They are a couple of passwords very easy for me to remember (although not easy to guess; come on, they are not my birthday or "password"). And then I have a few alphanumerics that I use for services that I do want to protect such as mail, social networks and places where they have my credit card. "

José García

Xataka editor

"It has been using LastPass for years and I have discovered that it is a one way way. It is a password manager, one of the best on the market in my opinion, and I use it because it is cross-platform, unlimited in its free version and has auto-complete functions and automatic creation of passwords. I would dare to say that since I have used it, I only have four or five passwords memorized, and one of them is the LastPass master. The others let the app generate them, save them and fill them automatically, as it is. However, there are times when I like to create my own passwords, either because I have to memorize them or because they are from frequent access services and I prefer to be able to write them manually. In that case I use a simple rule: that they are strong, but readable, pronounceable and memorizable, and for this I have my tricks. I always use long words or short phrases, like "I have a ball." Then I substitute all possible letters for numbers and capitalize everything except one letter: "t3NG0oneC4B4110 ". Now I add a symbol, like%, $, &, * or # and a" ñ ": t3ÑG0oneC4B4110% ", and voila, password created. According to Dashlane, the first password would take 51 years to decipher using a common order, but the second would take 385 quadrillion years. Mine are a bit more complicated than this, but if you always follow the The same rule is easy to remember. I started to worry about the security of my credentials when I saw that one of my accounts had been leaked (you can see it in Have I Been Pwned). Back then I always used the same password and I got paranoid, so I spent an afternoon learning to use LastPass and changing all the passwords for the websites I was registered with. Since then I always, always, always use different passwords for each service. "

José Miguel Cosmos

Xataka Android and Xataka Móvil editor

"When I have to create an easy to remember and write password, I usually use some made-up word to which I put some capital letters, numbers and symbols. Almost all my passwords have the same pattern, sharing the numbers and symbols, where the only thing that changes is the word, often related to the service itself. If I do not have to memorize the password, I usually pull the password manager. I use the Google password manager that is integrated in Chrome and Android. It reminds me of passwords for most websites and apps, and since last summer it also generates passwords for me. In the registration form, just click on the create password field, I just have to click on "Suggest strong password" to write it and remember after finishing the registration. "

Juan Carlos López

Xataka editor

"My technique for creating my passwords is very simple: I combine consonants and vowels at random to create non-existent pronounceable words that are eight characters long. Then I put two or three of those uppercase characters and concatenate eight additional digits. A nonexistent word Sixteen-character length combining uppercase, lowercase, and digits is pretty safe. Also, the fact that it's pronounceable helps me remember it, and I choose digits so that it's easy for me to remember them using some mnemonic rule, like the title of a movie or book that I like. From there I have two rules. The first is that I never use the same password in more than two different services. And the second is simple: I don't write them down anywhere. I memorize them. So far this system has given me good results, and I am confident that it will continue to be so in the future. "

Laura Sacristan

Xataka Android and Xataka Móvil Editor

"In my case, the iCloud keychain has become a must-have for me, but I recognize that I should use an additional password manager for the computer and for Android devices. As for the method I follow to create them, I have a word and a series of numbers that I combine according to the number of characters (6, 8, 10, 12 …) and the type of characters (uppercase, lowercase, only letters, only numbers, letters and numbers …) that each password requires. I don't give them any specific name, but maybe I would have to because I have had to "recover password" on many occasions. "

Miguel López

Applesfera editor

"For my passwords I usually use a pattern with which I share the same base for all, but applying some rules so that it changes in each service. A quick example to understand it better: 'pepito' as a base, and then the last four letters of the service with the last one in capital letters and then the number of vowels in those last four letters: Google's password would be 'pepitooglE2', Twitter's would be 'pepitotteR2', etc. What I achieve with this is to have different passwords in each service, without forgetting them. I can always remember her applying that rule. Of course, for more sensitive services such as the unlock codes of my devices or my bank accounts I use numerical sequences. To remember those passwords with which I cannot apply this pattern, I resort to saving them in a protected note on my Apple devices, and you can only access it through facial recognition. I use the iCloud keychain as a password manager, since all my devices are Apple and I have become very used to its operation with integration with Touch ID and Face ID. I tried using 1Password a while ago, but I didn't get used to it. "

Ricardo Aguilar

Xataka Android and Xataka Móvil editor

"My password management can be summed up in three words: I am a mess. My passwords are very, very complex and I change them regularly. There are not too many patterns, I just bet on certain combinations that make sense to me and I change them. Some I leave directly The iPhone creates them for me, so if I want to access this service on Android I have a serious problem, but that's how I live. My managers are Lastpass (when I remember to activate it to save everything), the Google password manager and the iCloud keychain. I don't really use that many services so I tend to remember passwords. But I neither affirm nor deny that it is not strange to have to give it to recover a password when I am going to enter a service that has not been used for a long time. "

Samuel Fernandez

Xataka Android and Xataka Móvil editor

"In my case, I don't use password managers because I don't have so many active simultaneously to need them. I usually keep about 4/5 active passwords and remember them by heart. I know what service each one is in, something much more Easy since almost everything can be managed through the Google account, so in the end it does not require so much memorization effort. As for the key creation system, they are usually short phrases or complex names, joined by hyphens or other alphanumeric symbols and changing some letters for numbers and others not. In construction, the latter is usually quite random, and depending on what occurs to me at the time, I do not follow an exact rule. I suppose that helps to be able to reuse keys with small changes if I want to resort to the ones that have worked best for me in the past. They are usually phrases from movies, songs, titles, expressions that my friends or family say, or simply names that I easily remember and converted according to what I have already commented before. And when I feel that a password is compromised by the leaking of some service, or because it has been in use for a long time, I change it for another and I renew the quintet. "

Yúbal Fernández

Xataka editor