Most users today have to keep track of many passwords, sometimes dozens: for Cornell resources, online banking, e-commerce sites such as eBay or Amazon, and other web sites.
University policy forbids using your NetID password for other sites, and it is a poor security practice to use the same password for all sites, so multiple passwords are a requirement.
The most secure way to store and manage passwords is to use one of many available password storage utilities. These utilities allow you to create one very strong password that is then used to encrypt and store all other passwords. See a list of recommended password storage utilities.
Obviously, the more passwords you have to use, the greater the temptation to write those passwords down to ensure they are remembered. If you need to write down a password, make sure the account with which it is associated is unclear. For example, do not write down the URL for your bank with your password written next to it. Instead, either write down the password, without listing what the password belongs to, or pick a word or phrase that will remind you of your bank, without being obvious.
For example: If you had a money bank shaped like a cat when you were a kid, you might write “cat” next to your bank password to help you remember that it is your bank password.
Make sure the password that unlocks your computer is not used for any other purpose, and that it is strong. Don’t use “remember password” utilities in your web browser or email client. They make it easy for someone to log into your accounts if they gain access to your computer. Encrypt any passwords stored on your computer. It does not matter how complex your passwords are if someone can find them. Your passwords should always be kept private.