• We should now be fully online following an overnight outage. Apologies for any inconvenience, we do not expect there to be any further issues.

How do you manage your passwords?

Kelemvor

Lifer
May 23, 2002
16,928
8
81
So I'm looking for some sort of website or software or whatever that can manage and encrypt passwords since my current system isn't very secure.

I know someone at work that uses Password Gorilla. I've also heard people mention LastPass.com. I'd love something that is able to sync between multiple PCs but I guess I could do that manually by storing the file on dropbox or something like that (which would make it slightly less secure).

Anyway, just looking for recommendations other than Post-It notes, paper under the keyboard, using the same password for everything, etc. :)

Thanks.
 

HamburgerBoy

Lifer
Apr 12, 2004
27,111
318
126
I use one password for everything, and ensure that I remember it by using a short word from the dictionary with neither capitalization nor numbers.

Aside from important stuff. Then I use PINS.
 

MontyAC

Diamond Member
Feb 28, 2004
4,112
1
81
I use LastPass. You can log on at any PC and access your passwords.
 

DrPizza

Administrator Elite Member Goat Whisperer
Mar 5, 2001
49,601
167
111
www.slatebrookfarm.com
I use the brilliant strategy of memorizing all my passwords. I use a system whereby each is different. E.g., my generic password is something like 123boogeypizzaclowncarrots!*

For every site I go to, I insert a few characters between the 123 and boogey. For example, on AT, I could insert AT - but if one password was compromised, someone might figure that out. So, I refined that sytem. Say, instead of AT, I use ZS, since those are each of the letters preceding A and T. That also allows a mix of caps into the password. Thus, hotmail is either 123Gboogey.... (or it's 123GLboogie... depending on whether I add 1 or usually 2, but occasionally 3 or more letters.)

Of course, it's not really 123boogeypizzaclowncarrots - it's something long that my fingers can whip out in about 1 second.
 

Red Squirrel

No Lifer
May 24, 2003
70,608
13,816
126
www.anyf.ca
I used to use a program called "PINs" but it only works in Windows. When I switched to Linux I decided I wanted something web based because I may still want to access my passwords from Windows when I do boot into it. Also makes it easier to access them from work when I VPN into my house.

Could not find any premade software for it so I ended up coding my own. It's rather basic, but it gets the job done. The password is in a text field in plain text but the formatting is set so it cannot be seen. So if someone is looking over my shoulder or something it's not in plain view. I can just then copy and paste it directly into whatever it's going into. Obviously there's the security issue that the password is in clear text in memory in multiple locations by doing this, but it was the simplest approach and for 99% of situations it's fine. It's not like someone is going to sneak on my computer and do a memory dump.




It's encrypted with AES256 into a MySQL Database. The key is actually the password to login to it. Downside with that method is I can't change my password without decrypting and re encrypting with the new password but the upside is if someone was to manage to steal the database it would take a long time to reverse it giving me enough time to go through and change all the passwords.
 

Imp

Lifer
Feb 8, 2000
18,828
184
106
I use 3 passwords in variations with a standardized system easy to memorize.

Then I have my important passwords for bank accounts that are just insane and all written down on paper. No way you can even begin to guess those.
 

Crono

Lifer
Aug 8, 2001
23,720
1,502
136
All in my head. All my passwords are hard to guess, but based on stuff in my imagination, plus numbers I can remember mixed in. I get confused sometimes as to which password goes for which site, but I usually get it after 1 or 2 attempts. Sometimes I do end up using password recovery, though.

I do remember the passwords for the sites I frequently visit.
 

bononos

Diamond Member
Aug 21, 2011
3,938
190
106
locknote and lastpass.
locknote is a small app which you can run off a thumb/hard drive without installation which just opens up a built in text file, lastpass for web accessibility.
 

MrColin

Platinum Member
May 21, 2003
2,403
3
81
I memorize mine and they are synthesized from a stock mix of alphanumerics, spaces, and the type/name of the service. Occaisionally, I encounter a service which objects to the length or certain characters (usually spaces). I sometimes find myself writing to service providers about how stupid their guidelines are, and how they make the service less secure, it never helps as far as I can tell.
 

lxskllr

No Lifer
Nov 30, 2004
60,100
10,567
126
I keep them in my head. I'm leery of of using automated, and centralized tech solutions. It promotes laziness, and puts EVERYTHING in a single failure point. Every so often I look at a password manager, but so far I haven't bitten.
 

Oyeve

Lifer
Oct 18, 1999
22,066
883
126
At work I use password safe for all of my it needs. My personal password are one of three that I have been using for over 25 years.