Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Keeping passwords safe
Old 03-20-2008, 03:43 AM   #1
Recycles dryer sheets
 
Join Date: Jul 2007
Posts: 346
Keeping passwords safe

It seems I have so many passwords...one is required for everything.

I just have the passwords for online groups and things like that stored on my computer.

But my more important passwords for bank accounts and things like that I keep in a locked box.

I just wanted to see what others thought was the best way to keep important passwords safe?

Jim
__________________

__________________
summer2007 is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 03-20-2008, 06:27 AM   #2
Moderator
Walt34's Avatar
 
Join Date: Dec 2007
Location: Eastern WV Panhandle
Posts: 16,539
Committed to memory. They're made of a random combination of names & numbers from dates & places. Somehow I remember which one goes where.
__________________

__________________
I heard the call to do nothing. So I answered it.
Walt34 is offline   Reply With Quote
Old 03-20-2008, 06:56 AM   #3
Thinks s/he gets paid by the post
 
Join Date: Jul 2005
Location: Los Angeles area
Posts: 1,432
My password list is the only hand-maintained (non-computer) list I have - a sheet
of paper with about 30 logins/passwords. This is the only info I will not store on
my computer.
__________________
learn, work, save, invest, fire
CyclingInvestor is offline   Reply With Quote
Old 03-20-2008, 07:31 AM   #4
Full time employment: Posting here.
 
Join Date: Sep 2007
Posts: 717
A bundle of 3x5 cards that I keep in a plastic card holder on my desk. All important info about each account is written on a card---institution, URL, login name, password, security questions, account number(s), phone number, etc.
__________________
rayvt is offline   Reply With Quote
Old 03-20-2008, 07:44 AM   #5
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
donheff's Avatar
 
Join Date: Feb 2006
Location: Washington, DC
Posts: 8,644
Bruce Schnier (sp) a well known security guru keeps his on a paper list in his wallet. He said he hasn't lost his wallet in decades and would change them all if he lost it. I assume he must keep another copy somewhere else. I keep mine in password safe a free, open source application for storing and retrieving encrypted passwords. You can copy the app and data file onto a USB key and carry it with you. If you trust your online mail system like Gmail or whatever you could keep a copy in your email drafts folder or as a Google Doc. Just don't send it to someone else over email where it will traverse the Internet in clear text.

Edit: speaking of the drafts folder I read that criminals and terrorists use that method to pass information. I.e., two or more parties have access to the account and write to each other through the drafts folder - nothing passes across the Net in clear text for NSA to spot.
__________________
Every man is, or hopes to be, an Idler. -- Samuel Johnson
donheff is online now   Reply With Quote
Old 03-20-2008, 08:29 AM   #6
Thinks s/he gets paid by the post
Bikerdude's Avatar
 
Join Date: Jul 2006
Posts: 1,901
I keep mine on paper in a code that only I know. An example would be oldpet123 means my first pets name followed by 123.
__________________
“I guess I should warn you, if I turn out to be particularly clear, you've probably misunderstood what I've said” Alan Greenspan
Bikerdude is offline   Reply With Quote
Old 03-20-2008, 08:29 AM   #7
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
RunningBum's Avatar
 
Join Date: Jun 2007
Posts: 5,184
I keep a file on my computer with just enough of a hint of each account/username/password that I can figure it out. I have ways to indicate variations of common passwords/PIN numbers that I use.

The encrypted program on a USB thumb drive is probably safer, but I think my system is good enough. I worry more about the system that I have my information on being hacked than I do my own password being found and used. I do check my accounts where I've got money pretty often, to make sure nothing looks changed or missing.

I suppose once one password was compromised, it might not be too hard for someone to figure out my method and get to the others that one is based on. If I were an international spy and worrying about the NSA trying to crack it, I'd be more worried.
__________________
RunningBum is offline   Reply With Quote
Old 03-20-2008, 08:45 AM   #8
Recycles dryer sheets
 
Join Date: Apr 2005
Posts: 306
I use roboform ( roboform.com). I like it because it automatically fills and submits them on the webpage when I tell it to.
__________________
-----------------------------------------------------
Whatever you do will be insignificant, but it is very important that you do it.
mickj is offline   Reply With Quote
Old 03-20-2008, 08:58 AM   #9
Recycles dryer sheets
 
Join Date: Dec 2006
Posts: 191
Quote:
Originally Posted by donheff View Post
... I keep mine in password safe a free, open source application for storing and retrieving encrypted passwords. You can copy the app and data file onto a USB key and carry it with you. ...
I use something similar as well... I connect to it via USB as needed (when I can't remember the password or need to update it). The file contains basic info on all of our accounts/assets.

The file itself on the USB drive is password protected (no way I can forget that one) as well, so every year I also print out this information and store it in the fire box - this is where my DH would look for it.
__________________
lucija is offline   Reply With Quote
Old 03-20-2008, 09:27 AM   #10
Administrator
W2R's Avatar
 
Join Date: Jan 2007
Location: New Orleans
Posts: 38,890
Quote:
Originally Posted by Bikerdude View Post
I keep mine on paper in a code that only I know. An example would be oldpet123 means my first pets name followed by 123.
I do a similar thing, and sometimes I would list it as Ro123 if the dog's name was Rover (in other words, just use the first 2-3 letters instead of the whole thing, or sometimes just one of the numbers would be enough, like Ro3). All it takes is enough to jog my memory. I don't list anywhere what the passwords are for. I usually know that for this application, it's on the upper left of the sheet and for that one, the lower middle, and so on. Once I see the code I can usually remember which one goes to the application in question, though once in a while there are two similar ones on the same part of the paper, so I have to try two.

I remember back in the old days, before one was forced to change passwords at irregular intervals and make them so-called "strong passwords" and such. Back then, I had the same password for everything and simply did not allow anyone to look over my shoulder and did not tell anyone what it was. I never had my password stolen, and if someone walked behind me while I was typing it then I would change all of my passwords that day. That was pretty easy, and I never had any problems with it. It was easy to remember one password, so I didn't have to write anything down. Ah, the simple days of yore!
__________________
Already we are boldly launched upon the deep; but soon we shall be lost in its unshored, harbourless immensities.

- - H. Melville, 1851
W2R is offline   Reply With Quote
Old 03-20-2008, 09:32 AM   #11
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
TromboneAl's Avatar
 
Join Date: Jun 2006
Posts: 11,198
I like Password Vault.
__________________
Al
TromboneAl is offline   Reply With Quote
Old 03-20-2008, 11:35 AM   #12
Moderator Emeritus
CuppaJoe's Avatar
 
Join Date: Jun 2007
Location: At The Cafe
Posts: 6,866
I keep scraps of paper with account numbers and a cryptic list of phone numbers that I knew from my past. There will be one fake phone number it there that contains the password or a hint to it if the password requires letters as well as numbers. I also keep the numbers in a draft e-mail. I'm looking into other methods as I'm setting up a home office.
__________________
CuppaJoe is offline   Reply With Quote
Old 03-20-2008, 11:42 AM   #13
Recycles dryer sheets
figner's Avatar
 
Join Date: Jan 2007
Location: Los Angeles area
Posts: 329
I keep em in a GPG-encrypted file, so I only have to remember the one passwd for that file.
The GNU Privacy Guard - GnuPG.org
__________________
figner is offline   Reply With Quote
Old 03-20-2008, 01:06 PM   #14
Thinks s/he gets paid by the post
SecondCor521's Avatar
 
Join Date: Jun 2006
Location: Boise
Posts: 2,402
I could tell you what I do, but then I'd have to kill you... ;-)

Seriously, my approach to security is two-fold:

First, I keep my passwords and critical data in a relatively secure but handy spot, and my passwords are relatively strong but not cryptographically ideal. Generally speaking, I have a password-generation algorithm that I have committed to memory, so most of the time I can generate the correct password on the fly.

Second, I monitor everything. If my data is compromised I believe I will find out rather rapidly -- I check my credit report daily, I check my banking and investing accounts nearly daily, I have a credit alerting service, and most all companies I work with would send me emails or mail if a thief changed my account somehow.

Between those two things I feel safe enough.

2Cor521
__________________
"At times the world can seem an unfriendly and sinister place, but believe us when we say there is much more good in it than bad. All you have to do is look hard enough, and what might seem to be a series of unfortunate events, may in fact be the first steps of a journey." Violet Baudelaire.
SecondCor521 is offline   Reply With Quote
Old 03-20-2008, 01:18 PM   #15
Recycles dryer sheets
 
Join Date: Jan 2008
Posts: 265
Quote:
Originally Posted by TromboneAl View Post
Since this is at least the second time I've seen TromboneAl recommend this, I decided to give this a try.

It is much better than what I had been doing and since it is an encrypted file, you can leave it on your desktop. The tool makes it easy to find your info and will actually launch the associated url and copy the password to the clipboard ready for pasting (with a setable clear clipboard timeout). It has a tool that will help generate strong passwords, so you can have different strong passwords for each site (and don't even have to type them in).
__________________
rgarling is offline   Reply With Quote
Old 03-20-2008, 01:37 PM   #16
Thinks s/he gets paid by the post
Goonie's Avatar
 
Join Date: Oct 2006
Location: North-Central Illinois
Posts: 3,198
Quote:
Originally Posted by Walt34 View Post
Committed to memory. They're made of a random combination of names & numbers from dates & places. Somehow I remember which one goes where.
Mostly the same thing here....but once in a blue moon I forget one, so.....

Quote:
Originally Posted by donheff View Post
Bruce Schnier (sp) a well known security guru keeps his on a paper list in his wallet.
.....yep......got a list of my cryptic pw hints in my wallet.....also a copy in my big-@ss safe. And just to cover all bases..........

Quote:
Originally Posted by lucija View Post
I use something similar as well... I connect to it via USB as needed (when I can't remember the password or need to update it). The file contains basic info on all of our accounts/assets.

The file itself on the USB drive is password protected......
......I keep a password protected file, on my password protected USB Flash Drive.....that I carry with me all of the time. It also contains copies of all of my important papers and files, as well as all of our vacation pix.....and a couple of old DOS games that I still like to play occasionally. Oh, and it also contains a copy of the combo to the big-@ss safe!

And if all that ain't enough......there's a copy of the list in the safety deposit box down at the bank!

However, when all is said and done......I almost always remember what password to use at which site. And if I use the wrong one and end up with a "wrong username or password" message, then I remember the correct one......9 times out of 10 anyway.
__________________
Goonie is offline   Reply With Quote
Old 03-20-2008, 01:52 PM   #17
Full time employment: Posting here.
jambo101's Avatar
 
Join Date: Oct 2007
Location: Montreal
Posts: 940
I only have the bank password committed to memory,all other passwords are the same so i only have to remember 1.What could some one do if they knew my password to this forum,? or any other forum i visit.
__________________
"Second star to the right and straight on till morning"
jambo101 is offline   Reply With Quote
Old 03-20-2008, 01:54 PM   #18
Thinks s/he gets paid by the post
Goonie's Avatar
 
Join Date: Oct 2006
Location: North-Central Illinois
Posts: 3,198
And now for something completely different semi-related.....

Back when I was still employed, I had a master username and password for all the important stuff! I had fellow employees try to figure it out....with absolutely no success.....never even close!

My standard username was.........ummmm......"username". Can ya guess what my standard password was? Yup! It was "password"! It was easy for me to remember.....but waaaaay to difficult for my co-workers to figure out!

Of course they never figured out that the icon labeled "Chemical List" was actually a solitaire game, and the one labeled "Lab Equipment" was actually 'Tux Racer'. Or that if I moved the mouse cursor to a 'hot corner', a fake spreadsheet would instantly appear on screen.....to cover up the fact that I was playing cards or sending a penguin careening down an icy slope!

(end of mini-hijack)
__________________
Goonie is offline   Reply With Quote
Old 03-20-2008, 02:56 PM   #19
Thinks s/he gets paid by the post
jIMOh's Avatar
 
Join Date: Apr 2007
Location: Milford, OH
Posts: 2,085
I use password themes.

for financial sites, all passwords follow a certain theme and that theme will never be forgotten unless my mind goes.
for work sites, they follow a similar pattern, but different theme
for social sites, I use similar format to work sites

I have a spreadsheet which reminds me of all account locations and the login id at that site. The theme is there, but unless you know the contents of the theme, it would be impossible to guess.
__________________
Light travels faster than sound. That is why some people appear bright until you hear them speak. One person's stupidity is another person's job security.
jIMOh is offline   Reply With Quote
Old 03-20-2008, 03:04 PM   #20
Full time employment: Posting here.
 
Join Date: Sep 2007
Posts: 717
Quote:
Originally Posted by Want2retire View Post
I do a similar thing, and sometimes I would list it as Ro123 if the dog's name was Rover (in other words, just use the first 2-3 letters instead of the whole thing, or sometimes just one of the numbers would be enough, like Ro3). All it takes is enough to jog my memory. I don't list anywhere what the passwords are for.
You gotta be careful with methods like this. You've got to be able to reliably remember the passwords. I well recall when I was in the hospital for 2 weeks last year....I felt so crappy that I could barely remember what month it was, let alone arcane things like remembering what corver of a sheet of paper tolook at. Also, you've got to make sure that your spouse (or whomever) can find the passwords when/if you are dead or incapacitated. Or lose your memory.
__________________

__________________
rayvt is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Default passwords cute fuzzy bunny Other topics 0 02-22-2006 11:13 AM
Website to Borrow Passwords? haha Other topics 9 06-23-2005 12:09 PM
Keeping what you can Bookm FIRE and Money 7 03-29-2005 09:18 AM
"Is the Safe Withdrawal Rate TOO Safe?" Nords FIRE and Money 13 10-20-2004 11:36 AM

 

 
All times are GMT -6. The time now is 10:29 AM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.