password management

Luke

Legend
Location
Milwaukee, WI USA
Name
Luke
Hey all. I've been pretty lax about password management. I recently got a new desktop and there's still a bunch of websites I only visit on my laptop because I can't recall the passwords to some of the websites. I was even locked out of one of my financial websites from wrong guesses (gotta iron that out today).

I've just started a search for a new mode of using passwords. What do folks here do? I like the look of LastPass and only needing to remember one password. I could make it ridiculously complicated if it were only one. Looking forward to hearing opinions from some experts and random forum n00bs like me.
 
One of the biggest problems for me in terms of passwords is the often-proprietary (and mandatory) formula used by some corporate sites - particularly financial sites. It often means a password that A) I can't remember and must write down,and B) a password that I can't use anywhere else. Of course, this probably means a higher level of security (except for the writing down part). But it doesn't make life any easier. So far, I have no solution.
 
I remember them and make sure if security questions are available I make use of them. I don't save anything in electronic wallets or passes nor do I save in email or write them down to store in my real wallet. You can though, if you are memorizing, make a reasonably sized collective of passwords and use them on a smattering of sites. Rotate them every so often and then perhaps after a while, swap them out for a new small grouping to memorize. Think of it as brain exercise :D It's unfortunate that we can't trust our fellow man however if they weren't busting into one of our homes online they would be picking the locks of our house, though sadly, both can happen. Insert sigh.
 
I'm with mrmachine; 1Password is my choice for my Mac and iPad. The iOS app is particularly impressive, although it is expensive to buy both for the computer and iDevice. Do you use a Mac, Luke? If you can wait, Apple is readying their own built-in password management that will sync across all of their Mac and iOS products:

[video=youtube;LScXlyPRba8]
 
After a career spent in IT, I would not in a million years rely upon a password vault or other form of application... :eek:

I use a list of otherwise random words that have some connection that I can remember; a good example would be the D-Day beaches - Omaha, Juno, Sword, etc. However, I tend to pick lists that are meaningless to anyone else, for example the models of car you have owned, or ex-wives you have divorced... To set up a new password I pick a word from this list and add a numeric code based again upon something seemingly random but meaningful and easily memorable to me.

Simples.

This discussion reminds me of when I set up the security for my telephone banking many years ago. They would not let me have my first choices, which would have been much more secure, for example:

"A memorable date"..........Medjool (not allowed)
"A memorable address"..........We the people of these United States... (not allowed)

Ah me...
 
I agree with Bill. I have memorised 3-4 strong UNIX passwords - none of which I would ever use for a site like this.

For a site like this I am more relaxed about sharing fairly non-obvious but simple to remember codes.

I really wish that Bill Gates would turn some of his philanthropy towards agreeing with Microsoft and Apple a joint open standard for biometric security and then giving it to the world for free so it is built into cheap keyboards - and/or banks give it away for free. Hell, I'd even settle for an Oyster reader.

LouisB
 
Luke, since you are a PC user, the best thing to do is to switch to Mac (makes life much easier for the years to come) and then purchase 1password. :dance4:
 
please please please let not this thread degenerate into a sodding Mac vs. PC tit-for-tat ...


as for passwords ... write 'em down if you can't remember 'em

My rationale?

No burglar is going to ransack your house looking for a scrap of paper with some meaningless words scrawled on it when they could be making off to CashConverters with your precious digital camera ...
 
I use Keychain (a password management application that ships with Mac OS X).

Password management applications are the best way to improve your security online. You can use long and complex passwords, you can use different passwords for different websites and not worry about not remembering them.
 
as for passwords ... write 'em down if you can't remember 'em

My rationale?

I think this is where my thinking is heading. If a burglar happens in when I'm not home, he'll probably end up with a dated TV, a video game console and some of my wife's jewelry she never wears (the cameras he'll never find). And if he happens to make it in while I am home, he'll soon have a front row seat to his very worst nightmares.
 
Roboform used to be recommended for PC but I never trusted it. I use a program on my Mac called Wallet, which stores its database on Dropbox, and syncs with my iDevices. It can be used to generate random passwords of any length. 1Password is similar but I have never taken to it, even though I have licences for the idevice and computer. I like Wallet for its simple execution, nothing fancy, just does the job.

Whichever way you go, Luke, I would not recommend anything which relies entirely on your browser. There are many sites which recommend that you *don't* use a manager which is fully manual... I would dispute that, and suggest that these are actually more secure. I don't use the browser plugins for Wallet (or 1Password when I had it) because I want to control my passwords, I don't want my browser organising it for me.

In the end you have to decide if you want to trust the password manager creator to have created something hackproof. Because the viruses and worms out there still on PC will have you for breakfast if they get in... (thats another reason I switched to Mac. not because its hackproof but because it is a LOT safer)

I know... I'm rambling.

[end ramble]
 
I think this is where my thinking is heading. If a burglar happens in when I'm not home, he'll probably end up with a dated TV, a video game console and some of my wife's jewelry she never wears (the cameras he'll never find). And if he happens to make it in while I am home, he'll soon have a front row seat to his very worst nightmares.

If you want a secure password its going to be long and include random characters. Do you really want to be writing down 16 (or longer) character passwords? An example which Wallet just generated for me is 4H+2=roU4p#0Fi9~
 
I use 1Password but I'm sure there are equivalents on the PC side. If my parents can wrap their heads around strong passwords and a pw management app, anyone can! Just think of the pw management app as replacing the notebook in the computer desk drawer.
 
Back
Top