The Account Passwords You Should Always Remember (and Why)
Memory capacity for everyone is limited. Remembering stuff seems to get harder and harder every day, doesn't it?
But you commit some things to memory right?
I recommend committing a couple passwords to memory too. Not many, really. Only a couple.
This means don't write them down (especially not anywhere digitally, like on your smartphone's notepad or in a Word document on your PC).
This also means don't solely rely on a password manager to remember it for you, just in case things get really bad.
Frequently used devices
These are devices like your smartphone and laptop/desktop.
In many cases, forgetting the passwords/PINs to your smartphone or computer means you have to jump through huge hoops to reset them.
If resetting isn't possible, your only option is usually a full wipe of the data on the device. Ouch.
Forgetting the password to your PC... sucks. It doesn't matter if it's Windows 10, Windows 8.1, or Windows 7.
Resetting it is a pain, even if you have everything configured correctly with the appropriate version of windows, because you often have to wipe everything to access your system again. What makes it even worse is if you don't have recent backups of your important files.
Now, thankfully with Windows 10 build 1803 (or later) Microsoft gives you a decent shot at resetting your password without losing all your data. Hopefully you didn't forget your security questions; you'll be forced to wipe everything if you did.
Don't put yourself through this type of pain. Remember your Windows password!
When it comes to forgetting computer passwords, Apple seems to be a little more forgiving.
If you have an AppleID: If you forgot the password to your Mac, and use your AppleID to sign in, in many instances you can use your iPhone or iPad to help you out with resetting it. Without wiping all your important stuff.
More than likely, you have an AppleID to use if you own an Apple device. In the case where you use a Mac without an AppleID and forget the Mac password, Apple has created a built-in function to help mitigate (and reset) that. Again, without wiping all your data.
Forgetting your iPhone PIN - especially when biometrics such as Face ID aren't working - is not something you want to do; it takes a good amount of effort to access the phone again if you do forget the PIN.
You'll need a Lightning Cable and a computer (either Windows or macOS) with iTunes installed to gain access to an iPhone where the PIN is forgotten or the phone itself is disabled.
The iPhone will need to be off before connecting it to a computer.
Ultimately, you'll have to remove the password and then "restore" the phone to gain access to it.
The process varies slightly between the different iPhone models because you have to hold down a given button on the phone. It gets a little more complicated if you can't complete the "restoring" step or if your iPhone has faulty buttons.
Overall, this can take forever and if it can't be completed you'll have to contact Apple. Contacting Apple means you might have to pay, especially if you don't have Applecare.
Apple provides a detailed breakdown of how to remove the password from an iPhone on its website.
Of course, remembering your iPhone PIN is the best way to avoid going through this.
Android phones are slightly different animals. Usually, the general consensus is that you'll need to do a hard reset if you forget the passcode to most Android phones.
This can be done straight from the phone in a lot of cases. One of the most common methods for performing a hard reset is holding the Volume Up, Volume Down, and Home Button while the phone is off.
Hard resets wipe all data and restore the phone to its factory condition. Thankfully, you can restore most of it if you have recent backups saved to your Google account.
Now there are ways to try gaining access without restoring the phone. The easier options solely depend on your Android phone's manufacturer.
For example, Samsung users are in for a little bit of luck. If you have a Samsung phone, you can use "Find My Mobile" to remotely change the passcode. However, this only works if you're signed into your Samsung account on the phone and have access to cellular data or Wi-Fi.
If you don't want to wipe all data, and you don't have a Samsung, your only real option is to "hack" your phone.
There are a number of ways to do this. These methods vary with the make and model of your Android phone. All methods involve deleting the passcode/settings for the lockscreen via USB tethering.
Just keep in mind there is quite a lot that can go wrong with doing something like this. You're manipulating system files directly on the device. You can corrupt files and make your phone unusable.
I'm sure you'd much rather not deal with any of this. The best way to avoid everything above is to remember your Android's passcode.
Your primary email account
When I write "primary" I'm talking about your main email address. This is the big kahuna, attached to a lot of different stuff and accounts you have.
Yes, I definitely mean the email account that you probably have connected to your bank(s), official type documents, etc.
So if you have multiple email accounts, I'm not talking about the one that you use solely for shopping or job hunting.
Again, I'm focused on the big kahuna. The mothership. The email account that you never, ever want hacked or maliciously accessed because it is connected to so many important accounts.
This applies whether you have 1 email account or 20. Ideally, you should have multiple email accounts to maximize security. But the point is all the same.
Remember the primary one.
Why remember it
Chances are, if you always remember the password to your primary email account you can still reset important accounts such as your online bank account, if needed.
Resetting it is annoying
Without dancing around the point, forgetting the password to your primary email account is a pain in the ass. Point blank.
You know the drill. You have to click "Forgot password?" and then go through the hoops of resetting it. Whether this is by sending a code to an alternate email, or your phone number, or using a device to confirm your attempt to reset the password varies.
The process and options available depends on which email service you use. At the end of the day, even if the solution is "streamlined," it still annoys a lot of us, and with good reason.
But the whole situation can get worse, you see.
It's an even bigger pain in the ass if you have no way to recover it.
Now, do understand that many email providers, such as Gmail, allow you multiple ways to recover/reset a forgotten password.
Gmail, like other providers, often suggest linking a phone number to your email. In the event you forgot your password, you can then use your phone number to help reset your primary email account password.
But what happens if you either (1) never linked or confirmed a phone number or (2) changed phone numbers and haven't updated the linked number?
(Keep in mind, you can't link a phone number when logged out of an account.)
In comes the role of the "backup" email address; a lot of the times you can designate a "backup" email address for an email account.
Well, what happens if you only have this one email address (your primary one that you forgot the password to) or you also forgot the password to the "backup" email address with no way to reset it?
You'll find your self way up creek without a paddle.
In other words, there stands a solid chance that you might have to abandon that email account.
An email account is useless if you can't read the emails you're getting.
Having no viable recovery options is terrible
If simply resetting your primary email password is a pain in the ass, having no way to recover it is that times about 50.
In many instances, you'll have to make a new email address. If you ever forget the password to an account tied to your old email, you'll more than likely have to call the company you have the account with. Over the phone, you'll have to verify your identity.
Whenever (or if) they're satisfied with that, they usually allow to you to change information associated with the account; you can change the old email to your newly created one.
Naturally, some places don't have a phone number for you to call. Sometimes, they have an email address for you to contact. In a lot of cases, they can't do much for you via email so usually, over the phone is your best bet.
There's also the chance that some places won't allow you to change account information over the phone or email. It really depends on the establishment and what their policies are; you have some banks that make you show up in person to do it.
What about just using a password manager?
Now, a viable argument is just to use one of the many password managers on the market.
Using one is a good idea. In fact, in a lot of cases it's probably your best option. It makes having a unique, strong password for every one of your online accounts easy and convenient.
The only issue I have with this is that many password managers require a master password (those that don't can pose a liability) to access the "vault" where all your passwords are stored. What happens if you forget your master password?
In most cases you can't recover your master password like a normal password. Also, you'll have to wipe everything to create a new one.
That's a bad day.
There's also the chance that you might temporarily lose access to your password manager.
For example, let's say you're rushing somewhere and forgot your phone where you have access to a password manager. You need to print something you stored on your primary email from a different computer. You're kind of out of luck if you don't remember the password to your primary email.
At least if you remember the password to your primary email account you have some recourse.
Other passwords to consider remembering
I consider these the runner ups.
They might be a pain to remember, but they generally won't ruin your entire day - or week.
With everything on the planet, there are always exceptions. These exceptions tend to be a little less universal than the above.
Depending on where you work, this could easily launch its way up to the number 1 spot of this post.
In a lot of cases, once you forget the password to your work accounts you must call someone to reset it. That someone is usually one of the helpdesk people working in your organization's IT department.
Doing this often costs you productivity at work, and might cause you a little bit of embarrassment if it happens frequently enough. Loss of productivity can sometimes mean the difference between getting a project done on time, which can in turn affect your work goals.
There are also the risks of annoying the IT department, depending on how often you forget your password and how involved the process of resetting your account(s) is for them; depending on policy, they might have to let your boss know you're forgetting your password(s) frequently enough that they know your middle name.
If you handle sensitive information as part of your job function, it might carry other more severe and serious repercussions as well.
Using a password manager?
Some organizations use password managers, or approve of certain password managers to be used for work related accounts.
If not a password manager, some IT departments have it set up where you can use a single sign-on for your work machine. This typically logs you into most, if not all, applications you need in order to do your day-to-day job.
Other organizations don't have these conveniences, which is unfortunate.
If you use a password manager for your personal accounts, you might think "Well, I can just use my password manager to avoid all the trouble."
Here's my advice: don't do that.
It might seem like a good idea, but it isn't. Chances are you can't install your password manager on your work machine to sync your password.
Sure, you might have the manager on your phone. But what happens if you don't have your phone that one day? What happens if you work in an area where personal phone access is restricted or simply not allowed?
Again, you'll find yourself up creek without a paddle - and you might have to call IT to save you, anyway.
Besides, storing your work credentials with your personal ones isn't a good idea. You should aim to separate the two as much as possible; keeping them separate reduces the risk of a security breach that happens to both work and personal accounts.
Ultimately, your ability to use your own password manager will depend on your organization's policies and its risk tolerances.
With that said: Please follow your workplace policies at all times! If you're not sure about something in your workplace policy, I highly suggest reaching out to the appropriate people at your job.
Writing down passwords (on paper)
A lot of organizations have policies that don't allow you to write down passwords anywhere. Not on paper, and sure enough not in an unsecure digital place like a Word or Excel document on your work station/personal device(s).
Realistically, if you write your work login details on a piece of paper, it's unlikely you'll be hacked by some unknown person.
The real risk that comes with doing this is someone at your work location (co-worker, boss, someone else in your building) using your work credentials.
More than likely, you'll be the one responsible for whatever someone does on your work account(s). Whether that's sending a lewd joke in mass email or visiting banned/illicit websites, you'll be the one to blame for all of it.
Yes, you'll be the one to blame for every single action taken under your account, even when it was someone else who logged on and did everything!
Often you can't come out and say that you were "hacked."
Why not? Because most, if not all, of the answers you give can land you into even more trouble.
Plus often times the IT department can deduce what happened to a work station/work account at the time the "violation" was committed via tools at their disposal. So if you lie, there's a good chance you'll be caught in that lie.
Also, depending on your work policy, if it's discovered that you're recording passwords on paper (or even a Word/Excel/other computer document), that alone can bring about repercussions for you.
The severity of these repercussions range from organization to organization, but the point is having that kind of heat on you typically spells out a really bad time.
This becomes especially true if the discipline policy is strict and comes with bad punishments, such as suspension or termination.
Don't write down your work password(s) anywhere, even if it's not specifically against your work place's policy. Overall, it's a bad practice (outside of limited circumstances).
You're better off making the inconvenient or potentially embarrassing call to IT to reset your password(s).
Ideally, you should just commit work credentials to memory to avoid all the hassle. It's hard for strange hackers and your co-workers to reach inside your brain and snatch your work password(s).
Master password for your password manager
I touched on this earlier, but now I want to go more in depth.
For the uninitiated, the master password is the password that is used to gain access to a password manager. You need to remember one typically long (and hopefully) complex password to be able to see and use the passwords for accounts it has stored.
It makes sense, right?
Now, what happens if you forget that bad boy?
Along with forgetting your work-related password(s), forgetting the main password to your password manager also has the potential to launch itself up to the top of this post. It's also placed here because not everyone uses a password manager.
This is for the sole reason that for a lot of password managers, forgetting your master password is game over.
In many cases, the master password simply cannot be recovered.
There is no "Forgot password?" link to click on; there is no largely inconvenient process to wade through. typically, contacting customer support is a dud - a lot of the time, they can't reset it for you.
Therefore, you typically only have 2 options:
- Try everything in your power to remember what the password is.
- Wipe all the data stored in the manager. This means all your passwords that were generated and saved will be gone.
If it's come to this point, you're more than likely stuck with option 2.
When you wipe all the data, you're starting from scratch. Since you were using your password manager, you probably didn't committ the passwords it stored to memory either.
But the passwords to those accounts it stored don't automatically delete from whatever business's servers they're stored on.
In other words, for the account passwords you don't remember, you'll have to go reset every single one.
That's right. You'll need to reset each of those accounts for which you no longer have the password for! Depending on how many accounts you had stored, this can be a ton of work.
Hopefully, you didn't forget the email account you used for those accounts, as this will no doubt be the most common method for resetting those lost passwords...
Primary bank account
The difficulty of resetting an online banking password truly depends on your bank and its policies.
There are some banks that don't let you reset a password without calling in and verifying your identity. I've heard of some banks or other financial institutions sending a PIN to the address on file in order to confirm identity as well.
However, the good news is that most will let you reset your password as long as you have access to the phone number or email associated with the account. (And this email is likely your primary email address, right?)
It might be good practice to always remember your primary bank account password no matter what, but I think there are enough fail safes in play if you do forget. Other passwords tend to be more critical to remember.
Due to the variety banks and their policies, this one is placed in the runner-up category.
Home Router (Wi-Fi) Password
The number one downside to forgetting your home Wi-Fi password is that there's no "Forgot my password?" function that only lets you reset the password.
If you forgot the Wi-Fi password and don't have it stored somewhere, you have to reset/restore the router. Doing this usually means the router goes back to its factory settings.
On top of having to go put the new password into all of your Wi-Fi devices, you'll have to sit through all the firmware updates for the router too.
Thankfully, in a lot of cases you have a computer or a smartphone that saves the Wi-Fi password to make future connections faster and more convenient.
These are frequently a saving grace because you can just see the password on the device and then be about your way.
Though, there are occasions where this isn't possible. That's what makes forgetting your Wi-Fi password such a pain.
However, it's safe to say that there are a lot of decent failsafes should you forget the password to your home router.
Again, I understand that you have a lot to remember.
But remembering just a couple of the passwords most relevant and critical to you can make your life easier when the world decides to hand you lemons.
As always, stay safe out there!