I’ll be taking advantage of some vacation time over the holidays to do a clean sweep of my secure credentials. I’m a 1Password user, so it’s pretty easy. However, it’s still time consuming. The first step for me is to make a list of the accounts to update. I keep a text list of the services I frequent but there are still a lot that gather dust. For example I have an Amazon S3 account that I almost never need to login to. There are also services that may contain sensitive information like Simplenote, Dropbox and Pinboard that need some attention too.
I try to update all of my primary accounts like bank and email login every 60 days, but I also want to clear out all of those old passwords for services I forgot about, like user forums or web app trials. It’s tedious, but tedium is better than panic.
Of course 1Password makes it all easy:
- Search for a password to find all sites that share that password.
- Browse my list of encrypted disk images to refresh my memory of all of the squirrel holes I store encrypted data.
- Use smart folders to find passwords that have not been updated in the past year.
- … Or that are just plain bad passwords