|
|
02-02-2007, 09:17 AM
|
#1
|
Moderator Emeritus
Join Date: Feb 2004
Location: minnesota
Posts: 13,228
|
Password Management
Greg and I have too many user names and passwords. It used to be we had a trick for creating passwords noone else could figure out. But now many places are requiring long passwords with numbers and letters and even sometimes variations in case.
To me this does not make things more secure it makes them less secure because you end up having to write them down.
Any way to store your passwords securely?
__________________
.
No more lawyer stuff, no more political stuff, so no more CYA
|
|
|
|
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!
Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!
You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!
|
02-02-2007, 09:31 AM
|
#2
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,708
|
Re: Password Management
This is the bane of my existence. Service providers that put some requirements on your user names and pins or forces regular password changes, which pretty much results in most people writing them down on a piece of paper and sticking them to their monitor or under the keyboard.
There are software 'vaults' you can get for free or small fee that store and will fill in your information. I went for a decidedly low tech solution.
You know those minuscule 8/16MB flash chips you get for free with every new digital camera purchase, immediately dropped in a drawer in favor of something that'll actually store more than 1 picture?
Got a flash card reader in your laptop or desktop? If not, go get an $8 flash reader or usb->flash adapter.
Put a zip file on the flash chip and password protect it. Put a file on there with all your user names and passwords on it. While you're at it, put your tax documents, will, any other pertinent emergency type files.
I leave it sitting in the reader but not all the way in. If I need to see a password, add a user/password, update a document...push it in, type in the zip file password and away I go...then eject it when i'm done.
My passwords and critical docs arent online but briefly, then still protected by password. I can grab that chip anytime and have everything important. And I can stick it in any computer and get my info, so my wife can snag it for her laptop if she wants to log into something.
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
|
|
|
02-02-2007, 09:45 AM
|
#3
|
Moderator Emeritus
Join Date: Feb 2006
Location: San Francisco
Posts: 8,827
|
Re: Password Management
I have two passwords, one which is longer, contains numbers, characters, etc and which will meet the requirments of almost any site. I also have a short easy one for trivial sites. That's it. Even I can remember 2 of them.
A few rules: if it isn't long enough I just type it twice til I hit the needed number of characters (3pass3pa if 8 characters are required). If new passwords are required every 3 months, I just add sequential numbers to the beginning (1pass gets changed to 2pass, etc.).
Finally, I store these in my usual contact DB/Palm but with only the first letter of the password (enough to remind me which one it is).
Seems to work so far.
__________________
Rich
San Francisco Area
ESR'd March 2010. FIRE'd January 2011.
As if you didn't know..If the above message contains medical content, it's NOT intended as advice, and may not be accurate, applicable or sufficient. Don't rely on it for any purpose. Consult your own doctor for all medical advice.
|
|
|
02-02-2007, 09:53 AM
|
#4
|
Recycles dryer sheets
Join Date: Jan 2006
Posts: 362
|
Re: Password Management
http://www.roboform.com
I use roboform, free version. stores up to 10 username/passwords.
__________________
Fat, drunk, and stupid is no way to go through life, son.
|
|
|
02-02-2007, 10:06 AM
|
#5
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,708
|
Re: Password Management
Rich - thats the same thing I used to do...and that worked great until I hit a couple of 'service providers' who had specific demands that neither of my existing two passwords met and were incompatible with each other.
I quit on Digital Credit Union when they went to strong passwords that you have to change several times per year. That practically guarantees needing to write it down, although I got around that requirement in the working world by using the same password but rotating one digit in it from 0-9.
What kills me is the user names...some calling for email, some having to be under 8 characters, some more than 6, and somebody always having my name or other easily remembered thing. I suppose I could have adopted some implausible mnemonic and used that, but we also have some of my wifes accounts that she used her maiden name on and of course...cant change the user name without destroying and recreating the account. Two of which are her retirement plans.
:P
I'll be glad once some universal "key" is adopted and everything uses that...in 2039...
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
|
|
|
02-02-2007, 12:34 PM
|
#6
|
Full time employment: Posting here.
Join Date: Apr 2006
Posts: 897
|
Re: Password Management
From Mar '06...
Quote:
Kingston Technology Company Inc. this week introduced a USB flash drive that secures data using password protection and 128-bit hardware-based AES encryption.
Offering up to 4GB of secure storage, Kingston’s DTE Privacy Edition device is designed to meet enterprise-level security and compliance requirements. The drive has a mechanism that locks out potential users after 25 consecutive failed password attempts.
|
... or most any $20 flash drive has the password capability.
My 1 GB Verbatim flash drive, was $13 and has a "secure area" and a "public" area. You specify the size - whether you want 20 MB or 999 MB secure. I got my Verbatim from Office Max or one of those type stores.
Put a .txt file (text file) in the secure area with all your passwords.
Or, if you really think someone will ever steal your USB drive, and be out to crack into it, buy the Kingston. It's a couple more bucks ($40-ish).
Kingston "only" gives them 25 tries to get the password, supposedly. So, they can't try a brute force crack where every possible combination is tried. This would take hours, if not days, I imagine. I'm not sure how to even go about it, but someone with a little time could potentially crack into my Verbatim.
-CC
Edit: I guess nothing is 100%, I mean, if your friendly electrical engineer wants to take the guts out of the Kingston and put it in another USB drive, maybe that'd work...
Same thing as if you wrap your car in steel plates.... Before long someone could have a torch, or a saw, workin' at gettin' in.
Damn, I'm paranoid.
__________________
"There's those thinkin' more or less, less is more, but if less is more, how you keepin' score?
It means for every point you make, your level drops. Kinda like you're startin' from the top..." "Society" - Eddie Vedder
|
|
|
02-02-2007, 01:04 PM
|
#7
|
Moderator Emeritus
Join Date: Feb 2005
Location: San Diego
Posts: 5,267
|
Re: Password Management
Because I'm a freak, I have all dozen or so passwords stored in my head, my work alone has 4 for different systems/networks. The reason it's easy for me is I use passphrases using just the first letters of the words in the phrase. Let's say I love Britney Spears' Music, so I set one machine's password to "Oops I did it again! I played with your heart, got lost in the game, oh baby, baby." and my password would be "OIdia!Ipwyhglitgobb". I use better examples than this, usually with an obvious word that can be substituted with a number "Crazy for you" C4y etc. Then I try to use something obscure to link these passwords together some common relationship (trashy teeny pop singers - is this the Christina Agulara network?). It creates tough passwords that are easy to remember, I just have to be sure not to hum while entering it...
|
|
|
02-02-2007, 01:17 PM
|
#8
|
Thinks s/he gets paid by the post
Join Date: Jul 2005
Posts: 1,466
|
Re: Password Management
Quote:
Originally Posted by Laurence
Because I'm a freak, I have all dozen or so passwords stored in my head, my work alone has 4 for different systems/networks. The reason it's easy for me is I use passphrases using just the first letters of the words in the phrase. Let's say I love Britney Spears' Music, so I set one machine's password to "Oops I did it again! I played with your heart, got lost in the game, oh baby, baby." and my password would be "OIdia!Ipwyhglitgobb". I use better examples than this, usually with an obvious word that can be substituted with a number "Crazy for you" C4y etc. Then I try to use something obscure to link these passwords together some common relationship (trashy teeny pop singers - is this the Christina Agulara network?). It creates tough passwords that are easy to remember, I just have to be sure not to hum while entering it...
|
Whatever works. I guess as long as your passwords aren't related to Paris Hilton or Britney Spear's hoo-ha, I guess you'll be okay
I've used base counting using calcuations with primes for my personal password and creation storage. It's my own weird methodology which has served me well for quite a few years.
__________________
fuzzy? cute?
|
|
|
02-02-2007, 01:22 PM
|
#9
|
Moderator Emeritus
Join Date: Feb 2005
Location: San Diego
Posts: 5,267
|
Re: Password Management
Quote:
Originally Posted by cube_rat
Whatever works. I guess as long as your passwords aren't related to Paris Hilton or Britney Spear's hoo-ha, I guess you'll be okay
I've used base counting using calcuations with primes for my personal password and creation storage. It's my own weird methodology which has served me well for quite a few years.
|
Must you always point out the difference between us bottom feeder IT guys and you elite computer scientists? Base counting using primes....pass the grey poupon!
|
|
|
02-02-2007, 01:27 PM
|
#10
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Feb 2006
Location: Washington, DC
Posts: 11,331
|
Re: Password Management
I use PasswordSafe. It stores all of your passwords in an encrypted file accessible with one password. I keep a copy of the application and the DB of passwords on a USB key.
For generating passwords I use a couple passphrases that I can use to come up with a simple or complex password. Passphrases use the first letter of each word in a phrase to come up with the password. For example: I wish I could remember my password would be Iwicrmp. Add in some dates and a hyphen and you are done.
__________________
Idleness is fatal only to the mediocre -- Albert Camus
|
|
|
02-02-2007, 01:53 PM
|
#11
|
Thinks s/he gets paid by the post
Join Date: Feb 2006
Posts: 3,895
|
Re: Password Management
i have a pretty low-tech method. i have a username & password for private money stuff that i don't write down anywhere ever.
then i have another password or two (depending on the host site's requirements) & numerous usernames for everything else. the everything else goes to a multitude of various forums, online billings, services, online consumer sites, etc. each one of those also has different emails depending on how much i use them, generally utilities & such go to a business box i set up with my internet provider while most of the rest default to a junk email box i set up on yahoo.
i keep record of all that on a word document which is password protected with, yup, the same password i have for everything else.
__________________
"off with their heads"~~dr. joseph-ignace guillotin
"life should begin with age and its privileges and accumulations, and end with youth and its capacity to splendidly enjoy such advantages."~~mark twain - letter to edward kimmitt 1901
|
|
|
02-02-2007, 02:03 PM
|
#12
|
Thinks s/he gets paid by the post
Join Date: Jan 2004
Posts: 2,049
|
Re: Password Management
Quote:
Originally Posted by donheff
I use PasswordSafe. It stores all of your passwords in an encrypted file accessible with one password. I keep a copy of the application and the DB of passwords on a USB key.
|
[fixed link] ==> http://passwordsafe.sourceforge.net
I use PasswordSafe as well. It can generate complex passwords and I just cut-n-paste them into the web field.
|
|
|
02-02-2007, 02:10 PM
|
#13
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Feb 2006
Location: Washington, DC
Posts: 11,331
|
Re: Password Management
Quote:
Originally Posted by eridanus
|
Thanks Eridanus -- I usually check the links since I almost always generate typos.
__________________
Idleness is fatal only to the mediocre -- Albert Camus
|
|
|
02-02-2007, 02:14 PM
|
#14
|
Full time employment: Posting here.
Join Date: Apr 2006
Posts: 897
|
Re: Password Management
There's also a pen- or USB-sized device that has an LCD screen on it. You enter passwords and it stores them.
Then you enter a password to access your stored passwords.
But, damn if I can find a link to one right now.
-CC
__________________
"There's those thinkin' more or less, less is more, but if less is more, how you keepin' score?
It means for every point you make, your level drops. Kinda like you're startin' from the top..." "Society" - Eddie Vedder
|
|
|
02-02-2007, 02:30 PM
|
#15
|
Moderator Emeritus
Join Date: Dec 2005
Posts: 10,125
|
Re: Password Management
Another Roboform user. At least at home.
__________________
Angels danced on the day that you were born.
|
|
|
02-02-2007, 02:53 PM
|
#16
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,708
|
Re: Password Management
Quote:
Originally Posted by cube_rat
I guess as long as your passwords aren't related to Paris Hilton or Britney Spear's hoo-ha, I guess you'll be okay
|
Oh oh.
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
|
|
|
02-02-2007, 03:29 PM
|
#17
|
Thinks s/he gets paid by the post
Join Date: Feb 2004
Location: Mid Hudson Valley
Posts: 1,781
|
Re: Password Management
__________________
In a panamax down by the river.
|
|
|
02-02-2007, 06:24 PM
|
#18
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2006
Posts: 12,880
|
Re: Password Management
I like Acerose: http://www.dexadine.com/acerose.html
And it's free.
I've got a good password system, and I'd tell you about it, but then I'd have to kill you.
__________________
Al
|
|
|
02-02-2007, 06:39 PM
|
#19
|
Full time employment: Posting here.
Join Date: Apr 2006
Posts: 897
|
Re: Password Management
C'mon Al, that SHA-1 encryption algorithm stuff is junk now.
-CC
__________________
"There's those thinkin' more or less, less is more, but if less is more, how you keepin' score?
It means for every point you make, your level drops. Kinda like you're startin' from the top..." "Society" - Eddie Vedder
|
|
|
02-03-2007, 05:39 AM
|
#20
|
Recycles dryer sheets
Join Date: Dec 2003
Posts: 55
|
Re: Password Management
USB thumb drive with password information and PGP encryption software. Have used this method for years. Seems to work well for me. Have lost the thumb drive several times the PGP encryption is to tough to break you only get three tries and you are out. I make a back up of the information files to a CD once a month or when I have changed a lot of the files on the thumb drive.
__________________
Money makes money and the money that makes money makes more money
-Benjamin Franklin-
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
» Recent Threads
|
|
|
|
|
|
|
|
|
|
|
|
|
» Quick Links
|
|
|