Slashdot Mirror

← Back to Stories (view on slashdot.org)

Best Tool For Remembering Passwords?

Posted by kdawson on from the encrypted-plain-text-file-on-a-stick dept.

StonyCreekBare writes "Lately I've been rethinking my personal security practices. Should my laptop be stolen, having Firefox 'fill in' passwords automatically for me when I go to my bank's site seems sub-optimal. Keeping passwords for all the varied sites on the computer in a plain-text file seems unwise as well. Keeping them in my brain is a prescription for disaster, as my brain is increasingly leaky. A paper notepad likewise has its disadvantages. I have looked at a number of password managers, password 'vaults' and so on. The number of tools out there is a bit overwhelming. Magic Password Generator add-in for Firefox seems competent, but it's tied to Firefox, and I have other places and applications where I want passwords. And I might be accessing my sites from other computers that don't have it installed. The ideal tool in my mind should be something that is independent of any application, browser, or computer; something that is easily carried, but which if lost poses no risk of compromise. What does the Slashdot crowd like in password tools?"

5 of 1,007 comments (clear)

  1. paper in your wallet by Gothmolly · · Score: 5, Interesting

    Keep them on a slip of paper, in your wallet.

    but DONT list what each is for - you can remember that part easily enough

    --
    I want to delete my account but Slashdot doesn't allow it.
  2. PasswordSafe by Avenger546 · · Score: 5, Interesting

    I first saw the link to PasswordSafe from Bruce Schneier's site. If I have to take advice from someone on keeping something secure, it's Bruce.

  3. Hashing Works by Aaron_Pike · · Score: 5, Interesting

    I use a mental hash for my less important passwords. That way all I have to do is look at the web site's name and run it through my hash function to come up with the password for that site. That way, I only have to remember the function and not the plethora of passwords.

  4. Re:Truecrypt by Korin43 · · Score: 4, Interesting

    Why make them mount a Truecrypt volume and search through text files? KeePass gives you an encrypted searchable password database that's much easier to use: While it's running, click the system tray icon, type in your password and your passwords are listed and searchable. When you're done, minimize it back to the tray and it's locked again.

  5. PassGorithm - One Algorithm, infinite passwords by abdielillo · · Score: 4, Interesting

    I invented this method and has worked for me perfectly since then. What I did was to develop an algorithm by which I can reconstruct my passwords based on the website or account. For example: 1) Take the first letter on the website name eg : slashdot = 's' 2) Count letters in the website name: eg : slashdot = '6' 3) Count the vowels eg : slashdot = '2' 4) Take the last letter eg : slashdot = 't' 5) Add and underscore and a keyword in common to the end of the 4 previous characters eg : 's62t_w00t' Here's another example with google.com 1) 'g' 2) '3' 3) '3' 4) 'e' 5) 'g33e_w00t' Be creative with the rules... like for example, if its a bank account, make all letters UPPERCASE. Hope this helps. Note: the above example is not my PassGorithm :D