Slashdot Mirror

← Back to Stories (view on slashdot.org)

Best Tool For Remembering Passwords?

Posted by kdawson on from the encrypted-plain-text-file-on-a-stick dept.

StonyCreekBare writes "Lately I've been rethinking my personal security practices. Should my laptop be stolen, having Firefox 'fill in' passwords automatically for me when I go to my bank's site seems sub-optimal. Keeping passwords for all the varied sites on the computer in a plain-text file seems unwise as well. Keeping them in my brain is a prescription for disaster, as my brain is increasingly leaky. A paper notepad likewise has its disadvantages. I have looked at a number of password managers, password 'vaults' and so on. The number of tools out there is a bit overwhelming. Magic Password Generator add-in for Firefox seems competent, but it's tied to Firefox, and I have other places and applications where I want passwords. And I might be accessing my sites from other computers that don't have it installed. The ideal tool in my mind should be something that is independent of any application, browser, or computer; something that is easily carried, but which if lost poses no risk of compromise. What does the Slashdot crowd like in password tools?"

10 of 1,007 comments (clear)

  1. paper in your wallet by Gothmolly · · Score: 5, Interesting

    Keep them on a slip of paper, in your wallet.

    but DONT list what each is for - you can remember that part easily enough

    --
    I want to delete my account but Slashdot doesn't allow it.
    1. Re:paper in your wallet by sopssa · · Score: 5, Funny

      Websites could do more to protect their users too. For example if you accidentally write your password here on Slashdot comments, it comes up as masked. Like for example my password is ********.

    2. Re:paper in your wallet by Benaiah · · Score: 5, Funny

      Really? That works? My password is hunter32.
      Seems like i can see it still though. :P

    3. Re:paper in your wallet by NevarMore · · Score: 5, Informative

      I do something similar, but its the default output of pwgen. All I have to do is recall the first few syllables, the general grid location of the password, or just a part of the password.

      I carry this around in my wallet, sure my password is on there, but with no real frame of reference its hard to decipher and make a guess.

      Also, suggest printing with a fixed width font.

      $ pwgen
      gah5eiP2 Ga4cie3c ya6gaiTi eic1EeCo Shaisae5 ChaeXah2 Jaet0ooz ahThai3j
      Yie7UH9f Iefie1ja ooghu8Oh uot7aeL0 gughes2M fahGh9ah Ohz7ohto wae2Seh1
      avah3Oog Iechie2f eiPhoZi9 Mavohli9 Kohshis7 Meilo8ce Queis5hu Eiz9aij8
      Pae9ahPu Equ0zoo9 Oothahk3 pich2Xao IeZai3ae aiLa7Ath Eol2aes7 aeZ5raht
      AVai9nee Aam7ahzo Ioch2oqu faiGh0th eYae2ohl si7Te0we einai3Wa oash6Ahj
      Eik5uul2 opai8zoY ohw5Ihaf Mi7keix9 aevi1Wa3 mo9ohJ5I Piek2yoR Si1phieZ
      Ahc9luch ohNg6Oon daghieP9 reCh7jas joo4ooVi yooR6yeu eeph5Aip shie3Ahp
      quoVeg8U Nee3phah CahXee0r aoD8Thai Ai5Aigha eePh0zee Cheip5Ch xeebe0Oy
      laeFeez4 Ag9sheeR Ga4gooph Oijae9da aePao2ta ahz8ieNg bu9EhieS quooWoo3
      ahghea7N Bot9hieC He3eeGhi ouli8Oof ik3Ohsoh Rahz9Che aeXaNg1e soh3Thee
      Ahkith6u Ahs2Zuid eth6Ej0o Go0iho1d xaPhah9z aiNg1yoh Aer8Eet3 juZ3aThu
      gee4KooK Hee9iqu3 Duh4aipu AiP6ahph Shaec5ne neeXa6Re Roh6fief Baef9ieM
      eeGoo4ie eva1aeQu lu4hiJoh sae2DuYu fahGae7b Doh5Ifi6 jeish9Ae Rierieb5
      Eedae7Iu moo6aiG3 ohNei0ie ew9ieHeu xoh5caeL NeiD0ohs iipe4aeP Lich0xak
      Oozei5ao gaNgieV2 Dei0ae9l us3Loh8k phal5aeN aip0KeeV Aeg1rais oth1Ahdi
      was3ow8Y Oquud1bu emee7Ohr iewa6baJ ao8Airie beegooL9 heiveF7u ongooD9w
      iic4uGh0 Ohn9zeiC Neen4noh kei1Seng chieV3oh QuuQu2ju Eex1gaf3 aot8Dah1
      EDoh1aej eaBae1ri Eih0woh6 Eiw3Johp Yi3aizuu Og9shohl ho6mi6Xu AeT8eihu
      Iev5ohph lies0Iev eeV4jiek Tha1xoo8 gua9biiT aa4Maiga ohXoh3ai eisi8Jee
      Ieloh3mo Quoch6sh Eecha0Ra zahnguM8 ieP5Jeye Mao5maec Ephae8af quihei8A

    4. Re:paper in your wallet by Barefoot+Monkey · · Score: 5, Funny

      Hey, wait...how did you know my password?

      He didn't know your password. He just typed "********" but you saw it as "hunter32" because that's your password.

    5. Re:paper in your wallet by RobDollar · · Score: 5, Funny

      I have a similar setup, I have this on a piece of paper in my wallet

      ABCDEFGHIJKLMNOPQRSTUVWXYZ

      and I simply remember which letter my password starts with, and then what letter comes second etc.

      For example, if my password was SLASHDOT, I would start by remembering the first letter, which is S, then remember the second letter, which is L, and I continue remembering until I have completed the password.

  2. Truecrypt by Wingman+5 · · Score: 5, Insightful

    Do what I set up for my father, Truecrypt installed to a USB key, passwords in a plaintext file inside the arcive.

    1. Re:Truecrypt by Yvan256 · · Score: 5, Funny

      Inside the plain text file, of course!

  3. PasswordSafe by Avenger546 · · Score: 5, Interesting

    I first saw the link to PasswordSafe from Bruce Schneier's site. If I have to take advice from someone on keeping something secure, it's Bruce.

  4. Hashing Works by Aaron_Pike · · Score: 5, Interesting

    I use a mental hash for my less important passwords. That way all I have to do is look at the web site's name and run it through my hash function to come up with the password for that site. That way, I only have to remember the function and not the plethora of passwords.