Slashdot Mirror

← Back to Stories (view on slashdot.org)

Coping with the Avalanche of IDs and Passwords?

Posted by Cliff on from the information-overload dept.

Bitwick asks: "The number of web sites and other systems I need IDs and passwords for is finally becoming overwhelming. Right now, I tend to use a small selection of IDs and passwords. I know this isn't an ideal situation, but so far it has been the most practical. However, it has become clear to me that this needs to change. I am planning to get a USB keyfob and a password manager to keep track of my IDs and passwords. What experience have you had with password managers? What's good, what's bad, what features are important? Are there other reasonable and secure alternatives?"

4 of 120 comments (clear)

  1. Password manager? by Tanmi-Daiow · · Score: 4, Funny

    How about BugMeNot.

    --
    "Of all tyrannies, a tyranny sincerely exercised for the good of its victims may be the most oppressive." - C.S. Lewis
  2. security at its best... by Anonymous Coward · · Score: 2, Funny

    i love the post-it note method under the keyboard, now thats secure

  3. Let the avalanche come. by TheCamper · · Score: 4, Funny

    I have a separate password for EVERYTHING I have, no matter how obscure the website or service is. Each password is at least 10 characters long, with random uppercase/lowercase letters, numbers, and symbols; none of this "can be broken by a dictionary attack" crap.

    The trick is, you don't actually have to memorize your passwords; after you type each one about 20 times, your fingers retain it in muscle memory. I actually couldn't tell you what any of my passwords are, I have to type them on a qwerty keyboard. (If I ever lose one of my hands, I'm screwed.)

    Anyway, as backup, I have them all written down on a sheet of paper in an undisclosed location, with the format of login on one line, password on the line after it, with no identifying information on which login/password combo goes to what website, computer, etc. The text in this list is also encrypted using a one time pad encryption program (that I wrote myself), the key to which is in a different undisclosed location.

    So if my fingers happen to forget one of the passwords, I can still retrieve it (with a lengthy process). You'd be surprised how many different login/password combos you can remember, even months after you've used them last, if you type them several dozen times over the course of a few days. But to each his own. That's just my system.

  4. Re:Password algorithm by znx · · Score: 3, Funny

    One cup of hostname (with a pinch of subdomain as per taste) into a bowl, crack one master password into the bowl add and stir using an MD5 size spoon.

    --
    BOO