Go Back   AnandTech Forums > Hardware and Technology > Computer Help

· Hardware and Technology
· CPUs and Overclocking
· Motherboards
· Video Cards and Graphics
· AMD Video Cards
· Nvidia
· Displays
· Memory and Storage
· Power Supplies
· Cases & Cooling
· SFF, Notebooks, Pre-Built/Barebones PCs
· Networking
· Peripherals
· General Hardware
· Highly Technical
· Computer Help
· Home Theater PCs
· Consumer Electronics
· Digital and Video Cameras
· Mobile Devices & Gadgets
· Audio/Video & Home Theater
· Software
· Software for Windows
· All Things Apple
· *nix Software
· Operating Systems
· Programming
· PC Gaming
· Console Gaming
· Distributed Computing
· Security
· Social
· Off Topic
· Politics and News
· Discussion Club
· Love and Relationships
· The Garage
· Health and Fitness
· Home and Garden
· Merchandise and Shopping
· For Sale/Trade
· Hot Deals with Free Stuff/Contests
· Black Friday 2015
· Forum Issues
· Technical Forum Issues
· Personal Forum Issues
· Suggestion Box
· Moderator Resources
· Moderator Discussions

Thread Tools
Old 01-25-2013, 12:49 PM   #1
Senior Member
Join Date: Apr 2001
Location: Brilliant
Posts: 614
Default So here is how I manage all my passwords (Opinion Wanted)

After spending years chasing the next best app for Password Management .. I have returned to the stone age technique ...

I created an excel spreadsheet 47 rows X 7 columns and populated it with absolutely random 12-character passwords. Each password has uppercase and digits.

So cell A17 would, say, contain the word 5Re4sGawerTy

I print two copies of this file (or how many ever) and then delete the original electronic version of the file.

Now lets say I want to open an account on Amazon.com ... I decide that the username will be A17 and password would be G40

I create a draft email in gmail with the subject line "Amazon U/P" and in the message box type in A17 (username) and G40 (password). By the way I use 2-factor authentication for all my Gmail accounts ... and it uses a password system that does not depend on this technique. LOL!

When I want to remember my username and password I do a quick Gmail lookup and then use the hard copy for the actual password.

If I want to change passwords ... I recreate a new random password list but can continue to use my gmail draft folder for the reference cell number.

I used to use LASTPASS ... but became worried about putting too much faith and trust in a company/group that exists on the other side of the wire.

This is the most boring technique of password management but I think its quite secure.

I am looking for someone to punch holes in my technique!
Monsanto is not evil !
We people are evil and Monsanto is just working hard to get rid of us. We are like the pesky weeds that always wants to challenge them. Watch The World According To Monsanto - you will me for it.
vulcanman is offline   Reply With Quote
Old 01-26-2013, 04:22 AM   #2
Super Moderator
Elite Member
mechBgon's Avatar
Join Date: Oct 1999
Posts: 30,699

If you find this system workable, it's a lot better than most.


1. you need your hard copies on hand.

2. you have to type a random 12-character password correctly.

3. 12 characters may not hold up against hardware-accelerated brute-force cracking for very long if the website's encrypted hash database gets compromised and they don't notice for a while. It would depend on the encryption scheme; some are very fast for a GPU-accelerated crack rack to reverse. For my most critical sites, I use as long a password as the site permits (32 characters for my bank, for example).

4. some sites allow more variety of password characteristics than others. For example, if a site only allows alpha-numeric characters, then a password of a given length wouldn't be as strong as if you can also use common symbols. And if you can use high-ANSI characters like, say, ™ or š or Ž, that further complicates a brute-force attack by expanding the character set they have to try. So you could check which sites will allow an expanded character set, and tweak your passwords to include additional stuff as permitted.

The downside is that I'm suggesting even more complication than you're already putting up with In my case, I use a fingerprint reader and software to automate the process. One swipe, monster 32-character password entered, no errors. Unfortunately the company that makes the software got bought out, and the buyer (Apple) won't sell it anymore!
mechBgon is offline   Reply With Quote
Old 01-26-2013, 07:52 AM   #3
Elite Member
Super Moderator
corkyg's Avatar
Join Date: Mar 2000
Location: Tucson, Arizona
Posts: 25,775

Interesting. But, I agree with Mechbegon's last para. I let Roboform handle that on all my systems, all sync'd.
CorkyG - Tucson, AZ

"Ineptocracy- a system of government where the least capable to lead are elected by the least capable of producing, and where the members of society least likely to sustain themselves or succeed, are rewarded with goods and services paid for by the confiscated wealth of a diminishing number of producers." - Merritt Man, 2011
corkyg is offline   Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT -5. The time now is 01:29 PM.

Powered by vBulletin® Version 3.8.8 Alpha 1
Copyright ©2000 - 2016, vBulletin Solutions, Inc.