|
|
How do you keep track of passwords?
12-29-2014, 06:09 PM
|
#1
|
Thinks s/he gets paid by the post
Join Date: Jul 2007
Posts: 1,085
|
How do you keep track of passwords?
How do you all keep track of the different usernames and passwords on the numerous web sites you are registered on? "Experts" say to never write a password down, but there is no way I can keep track of all this in my head. And when you register on a site, do you try to use the same username and password that you use on other sites to make it simpler?
For some sites, I'm not that concerned if someone gets into my account, but financial accounts are a different story.
A funny story, but when I worked, the computer security experts wanted us never to write our passwords down. One time, I was in his office and he tried to log onto a site and could not remember his password. He got a piece of paper out from his briefcase, looked at it, logged on and said "You didn't see this"
|
|
|
|
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!
Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!
You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!
|
12-29-2014, 06:11 PM
|
#2
|
Thinks s/he gets paid by the post
Join Date: Oct 2002
Location: Chattanooga
Posts: 3,893
|
I keep a hard copy of all my passwords, probably have over thirty. Plus I don't like to keep them anywhere on my computer.
__________________
Earning money is an action, saving money is a behavior, growing money takes a well diversified portfolio and the discipline to ignore market swings.
|
|
|
12-29-2014, 06:13 PM
|
#3
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jul 2009
Posts: 5,308
|
I use Roboform a password manager. I have some variation of a password that I use (it is customized for each site) that I use for non-critical sites. For financial passwords and my email passwords I use a unique password for each one. I do have a hard copy (not on the computer of a few critical passwords).
|
|
|
12-29-2014, 06:27 PM
|
#4
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2008
Posts: 13,146
|
My passwords are randomly generated and stored in a good password manager.
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
|
|
|
12-29-2014, 06:29 PM
|
#5
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,720
|
I use an old rolodex-type program - PalmPilot. The file is stored in an encrypted volume.
A secure password manager is much better, though. Something like lastpass works fine.
|
|
|
12-29-2014, 06:35 PM
|
#6
|
Thinks s/he gets paid by the post
Join Date: Jul 2007
Posts: 3,229
|
LastPass is a good tool for managing your online passwords. It will auto generate and save very complex passwords for you so you don't have the problem of trying to remember them which usually results in people using the same and/or simple to guess passwords.
|
|
|
12-29-2014, 06:37 PM
|
#7
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jan 2008
Location: NC
Posts: 21,303
|
Our sensitive passwords (about 8) are hard copy and backed up to a flash drive. All my other passwords (another 30) are on a spreadsheet on my PC. I used to go to some length to protect them all until I realized the consequences of losing most of them weren't worth the effort. What's the downside if someone gets my ER.org password really? There are several ways to deal with it.
__________________
No one agrees with other people's opinions; they merely agree with their own opinions -- expressed by somebody else. Sydney Tremayne
Retired Jun 2011 at age 57
Target AA: 50% equity funds / 45% bonds / 5% cash
Target WR: Approx 1.5% Approx 20% SI (secure income, SS only)
|
|
|
12-29-2014, 07:33 PM
|
#8
|
Moderator
Join Date: Oct 2010
Posts: 10,723
|
Quote:
Originally Posted by zinger1457
LastPass is a good tool for managing your online passwords. It will auto generate and save very complex passwords for you so you don't have the problem of trying to remember them which usually results in people using the same and/or simple to guess passwords.
|
I also use LastPass. I like that it is not an advertising business model; you get the web version for free and pay 10 bucks a year if you want to use it on mobile devices. The encryption is all done locally in JavaScript, so what is saved on the LastPass servers is an encrypted blob that is pretty close to impossible for anyone to decrypt, including LastPass. I honestly only have memorized one password... Actually a pass phrase because longer is better...and that's my LastPass pass phrase. If you run with the browser plug-in, you authenticate with LastPass one time, and it populates user name and password when it "sees" a login page. It also recognize s when you do a password change and chunks the new password into it's memory. You can download the blob so that you can have access to your passwords offline. It is not open source, but some smart folks have looked at the JavaScript code and also sniffed the traffic without finding anything suspect, so I trust it to keep my stuff safe.
|
|
|
12-29-2014, 08:02 PM
|
#9
|
Thinks s/he gets paid by the post
Join Date: Feb 2012
Posts: 1,477
|
Quote:
Originally Posted by Midpack
Our sensitive passwords (about 8) are hard copy and backed up to a flash drive. All my other passwords (another 30) are on a spreadsheet on my PC. I used to go to some length to protect them all until I realized the consequences of losing most of them weren't worth the effort. What's the downside if someone gets my ER.org password really? There are several ways to deal with it.
|
+1
|
|
|
12-29-2014, 09:55 PM
|
#10
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2007
Location: Denver, Colorado
Posts: 6,258
|
Don't I remember this conversation taking place only a couple of months ago?
__________________
"It's tough to make predictions, especially when it involves the future." ~Attributed to many
"In theory, there is no difference between theory and practice. But, in practice, there is." ~(perhaps by) Yogi Berra
"Those who have knowledge, don't predict. Those who predict, don't have knowledge."~ Lau tzu
|
|
|
12-29-2014, 09:59 PM
|
#11
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Nov 2010
Location: Sarasota, FL & Vermont
Posts: 36,370
|
I have one or two passwords that I use for non-critical sites (sites where if my password was compromised the implications are not very dire). For financial sites, I have a particular scheme but the password for each site ends up being different.
__________________
If something cannot endure laughter.... it cannot endure.
Patience is the art of concealing your impatience.
Slow and steady wins the race.
Retired Jan 2012 at age 56
|
|
|
12-29-2014, 10:01 PM
|
#12
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jul 2014
Location: Spending the Kids Inheritance and living in Chicago
Posts: 17,094
|
I use keepass, its like lastpass but not on the web.
So I don't worry that a web server will be hacked (it must be a big target).
The encrypted file is stored locally on my machine and I can copy it to a flash drive or other machine (laptop) to travel.
I only need to remember 1 password to open it and then have access to 100's of different usernames and passwords for the sites I visit.
I also own some domains, so I have unlimited email accounts for the sites that need you to use email for the username.
I forward all these disposable emails to a real email account so I can get reminders/spam
|
|
|
12-30-2014, 04:30 AM
|
#13
|
Thinks s/he gets paid by the post
Join Date: Dec 2012
Location: Georgia
Posts: 2,240
|
Quote:
Originally Posted by sengsational
I also use LastPass. I like that it is not an advertising business model; you get the web version for free and pay 10 bucks a year if you want to use it on mobile devices. The encryption is all done locally in JavaScript, so what is saved on the LastPass servers is an encrypted blob that is pretty close to impossible for anyone to decrypt, including LastPass. I honestly only have memorized one password... Actually a pass phrase because longer is better...and that's my LastPass pass phrase. If you run with the browser plug-in, you authenticate with LastPass one time, and it populates user name and password when it "sees" a login page. It also recognize s when you do a password change and chunks the new password into it's memory. You can download the blob so that you can have access to your passwords offline. It is not open source, but some smart folks have looked at the JavaScript code and also sniffed the traffic without finding anything suspect, so I trust it to keep my stuff safe.
|
LastPass is our solution as well. I especially like the new enhancements that make it more useful on Android devices: https://blog.lastpass.com/2014/03/lo...just-got.html/
|
|
|
12-30-2014, 05:22 AM
|
#14
|
Full time employment: Posting here.
Join Date: May 2011
Location: Twin Cities
Posts: 523
|
I use KeePass for all of my financial sites and an Excel spreadsheet for the 200+ usernames/passwords for sites that won't impact me financially.
|
|
|
12-30-2014, 05:36 AM
|
#15
|
Moderator
Join Date: Feb 2010
Location: Flyover country
Posts: 25,356
|
I've been using 1Password for nearly eight years, and I still like it very much.
|
|
|
12-30-2014, 06:35 AM
|
#16
|
Full time employment: Posting here.
Join Date: May 2007
Posts: 549
|
Most of my passwords for my general sites are from of the same 8 to 12 character password and so I can usually guess but just in case, I keep a list that is coded for quick reference...my family was in the furniture business and we use to "code" our cost on items that we were intent on moving out the door....so you can use any 10 letter word or phrase where the letters do not repeat ( money talks was one of them that I thought most appropriate at the time).
I also use old phone numbers as I learned them as a child ~ back when they included the 1st 2 numbers as a letter designation....heck, I have one account where my PW is my ex-in-laws telephone number from almost 40 years ago...why not? They are long gone and it's burned into my memory so why not use it for something??
|
|
|
12-30-2014, 07:42 AM
|
#17
|
Thinks s/he gets paid by the post
Join Date: Jun 2010
Posts: 2,301
|
Are people worried that last pass will be subject to the same issues as lavabit?
Sent from my Nexus 5 using Early Retirement Forum mobile app
|
|
|
12-30-2014, 07:48 AM
|
#18
|
Gone but not forgotten
Join Date: Jul 2012
Location: Peru
Posts: 6,335
|
Just counted my website links... 134...
Pretty easy to store all those passwords in memory, but maybe I should write them down, just in case.
|
|
|
12-30-2014, 07:52 AM
|
#19
|
Thinks s/he gets paid by the post
Join Date: Jul 2011
Location: Bernalillo, NM
Posts: 2,717
|
I use Norton Identity Safe. It's in the cloud, so I can also access it from places other than home.
__________________
"We live the lives we lead because of the thoughts we think" ...Michael O’Neill
"We can cannot compel others to do our will" ....Norman Goldman
"There never is shortage of the gullible to accept the illogical"...Anonymous
|
|
|
12-30-2014, 08:26 AM
|
#20
|
Thinks s/he gets paid by the post
Join Date: Jul 2007
Posts: 3,229
|
Quote:
Originally Posted by photoguy
Are people worried that last pass will be subject to the same issues as lavabit?
|
Not sure how the lavabit email encryption worked but with lastpass your encryption key is unique to you and stored locally on your computer, any data stored on the lastpass server is first encrypted locally on your computer then sent to the server. Lastpass does not have the ability to unencrypt your data that's on their server which means if you forget your lastpass password you're screwed. Is there some secret key that the NSA has to get around it? Who knows, I figure if the NSA is coming after me they can/will get anything they want, I use it for typical hacker protection.
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
» Recent Threads
|
|
|
|
|
|
|
|
|
|
|
|
|
» Quick Links
|
|
|