I don't have to worry about my password. It's the same one as my luggage!
It sure would be nice if the places that let me set passwords would just let me use words that I can remember instead of mAk1ng m# r3m3mB3r! th)s s*rT *F tH@ng?
Great advice if you only have one password to remember.
I have trouble remembering mine so I use a super secret management system
Why not just get a password manager? There are good ones available for free personal use. I have 12 character randomly-generated passwords, they are entered on my behalf, and I only need to keep track of the single password for access to the "Vault."
Why take the work onto myself?
Ï”Űčá¶ČáŸá”âąââing Wired.
I'm not using an Ad-blocker!
I'm at a workplace that restricts the browsers I can use and the content I can see!
Let me see the article!
Use a password manager.
Use Diceware to generate a memorable master password for your password manager.
Done.
I just recently cracked 100 in my spreadsheet.
Yeah, it's horrifying that I have a spreadsheet (definitely bothers me), but it's equally horrifying the idea that I have to remember 100 passwords to just run my online life.
There's no satisfying solution to the problem that I've seen so far. I thought the pitbull wallet was very promising, but alas, it never got made.
I keep a notebook of acronyms. I do so because my memory is not what it used to be.
What the hell am I talking about? It's how I generate unique passwords for sites while keeping them in written form so I can remember them.
I go to a site, say Ars Technica. I make up a sentence that is related to the site, something like "Ars Technica is my go to for tech news" (that's not the actual one I use)
I create an acronym of the sentence - atimgtftn
I use a rule for generating upper case, do it for all duplicate consonants. aTimgTfTn
One more rule, leet speak the first vowel and any duplicates - 4TimgTfTn
and now I have a unique password for my Ars Technica login. Since I don't write down my "rules" all that anyone will see in my notebook is "Ars Technica is my go to for tech news"
I suppose you could write down fake rules to deceive those who would peek in your notebook. Such a pity that those employing the fake ones would not then be caught by the revolving knives trap you set.
Shouldn't the first suggestion be: "Use a password manager that randomly generates and stores unique passwords for each site?"
So I don't run afoul of copyright issues here's my paraphrase of the steps. I hope this'll do.
- Keep it short.
- Make it distinctive. Very distinctive. The more bizarre the better.
- Special characters are like sugar: they should be sprinkled all over.
- Don't use the same password in two different places.
- Frequent changing of passwords is a bad idea, and so is making others change their passwords frequently.
- Relax. The best thing to do is stick to the basics and remember they make you statistically less likely to be hacked.
- Programs should be designed with more than one level of authentication, like putting multiple doors on a safe.
This is a timely post for me because I'm currently creating my own password infrastructure from the ground up, and my one problem with this idea is that I frequently need to use computer labs and I don't know a way to carry a password manager with me. I love, love, LOVE the idea of having a physical password USB "key" to carry though.
Also, I adapted Diceware to playing cards. It's a lot faster because you have enough cards to draw eight after one shuffle.
So "Fuckyourpasswordrules1!" is a weak password? (Oh wait, that's not allowed by half of sites because they require your password to be between 8 and 16 characters)
I use KeePass on my computer, and save its encrypted database in a Dropbox folder, and I run Dropbox and MiniKeePass on my iPhone.
It's not ideal-- to get the latest version of the password database on my phone, I have to launch the Dropbox app, select the database file, and "Open in MiniKeePass"; and to save updates from my phone, I have to "Open in Dropbox" from MiniKeePass. But it works (and doesn't cost money).
Anyone got a smoother process?
What password manager do you use?
Link to Diceware?
A walled garden link to Diceware:
My "password manager" are encrypted text files I store in multiple places (USB sticks, mail, etc) - I use openssl for en/decryption, a (for me) ubiquitous tool as I use only computers with an installed version.
Diceware is actually a concept not a piece of software (unless it is one, I don't know). You make a huge table of words and literally roll dice to determine which of those words to string together to make a password. Since each word is a word it's fairly easy to remember the short phrase you rolled up but it has extremely high entropy.
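The dice-and-table procedure described in the post above, as an added example that is not from any poster in this thread: five dice rolls are read as a base-6 number that selects one row of a 7776-word table, and the entropy is compared with a 12-character random password. The `WORDS` table is a constructed placeholder, and the 94-symbol alphabet for the random password is an assumption.

```python
import math
import secrets

DICE_PER_WORD = 5                  # five six-sided dice select one word
LIST_SIZE = 6 ** DICE_PER_WORD     # so the table needs 7776 entries

# Constructed placeholder table; substitute a real 7776-word list.
WORDS = [f"word{i:04d}" for i in range(LIST_SIZE)]


def rolls_to_index(rolls):
    """Read five dice (each 1-6) as a base-6 number: the row in the table."""
    if len(rolls) != DICE_PER_WORD or any(r not in (1, 2, 3, 4, 5, 6) for r in rolls):
        raise ValueError("need exactly five rolls, each between 1 and 6")
    index = 0
    for r in rolls:
        index = index * 6 + (r - 1)
    return index


def roll_dice():
    """Software stand-in for physical dice, drawn from the OS CSPRNG."""
    return [secrets.randbelow(6) + 1 for _ in range(DICE_PER_WORD)]


def passphrase(words, n_words=6, rolls=None):
    """Build a passphrase; pass `rolls` to use dice you rolled by hand."""
    if len(words) != LIST_SIZE or len(set(words)) != LIST_SIZE:
        raise ValueError("table must hold exactly 7776 distinct words")
    if rolls is None:
        rolls = [roll_dice() for _ in range(n_words)]
    if len(rolls) != n_words:
        raise ValueError("need one group of five rolls per word")
    return " ".join(words[rolls_to_index(group)] for group in rolls)


def entropy_bits(picks, pool_size):
    """Entropy of `picks` independent, uniform choices from `pool_size` options."""
    return picks * math.log2(pool_size)


if __name__ == "__main__":
    print(passphrase(WORDS))
    print(f"6 Diceware words: {entropy_bits(6, LIST_SIZE):.1f} bits")
    # Assumption: a 12-character password drawn from 94 printable ASCII symbols.
    print(f"12 random chars:  {entropy_bits(12, 94):.1f} bits")
```

The entropy figure holds only when every word is chosen by the dice or a CSPRNG; swapping in words you prefer, or re-rolling until the phrase looks nice, lowers it.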
Okay, I need something less techy to manage my passwords. I have literally gotten to the point where I give up on trying to remember what site has what password.