How do you manage your Passwords ? (in Off-topic)

How do you manage you passwords?

Like most of you I access numerous sites whereupon I'm asked to create User ID's and Passwords. I don't know how many times I've forgotten or lost info pertaining to one specific site because I can remember where I wrote it down...

How do you manage your passwords. Do you use software ? Do you use common passwords for numerous sites ? (tsk tsk if you do) Do you have a little black book that will cause your world to stop revolving if you lose it?

I'm looking for a smart way to manage all my passwords and user IDs. A way that will allow me to have the info at hand in a easy and convenient manner whilst keeping myself secure. I regularly use three different PCs between work and home so if it's a software application that's the best option I'd like to be able to access from any PC and keep it all synchronised.

I use the same 3 passwords for most things, adding numbers when need be. And no GB, I don't have a little black book. Saving your passwords in Word or Notepad probably couldn't hurt and I'm sure it wouldn't take too long either, you could just slap the file on a memory stick.

I have firefox save them all :p

I use the same password for everything anyways :o

My concern with that Fuzzy is that my Laptop gets stolen or I lose a memory stick.

Using the same passwords for multiple applications isn't a secure way to do things either. Most people do that and all it takes is for a "phisherman" to figure out one or two and then you can flush your finances down the toilet :/

How about Gator?!?!?!?!...jk

you can use a master password in firefox

haha, same boat as slayer for me :p

Yup, I know about FF and indeed that's what I use.

I just feel vulnerable with that though... Surely there's something better?

Also FF doesn't let me synch with my other PC when it comes to passwords. At least not as far as I know.

Your best bet is going to be using a encrypted password manager run from a mem stick, and backed up to cd in the case of a lost stick. I can't think of what else would fit your requirements without being a horrible idea for a whole host of other reasons.

I have a specific word that most of my passwords revolve around, with significant numbers placed at the beginning, middle, or end. Or all 3. Password ends up being fairly long, if you split 3-5 digits between the front/middle/end of the word it becomes incredibly difficult to guess, and these kind of passwords are usually easy to remember for me. =)

I have a tree set of passwords that I work with.
The root is a couple basic simple passwords which branches into different levels of complexity.

First branch has low-impact passwords that cover most web-sites without anything more important then a forum on them. (can be stored in password manager (with master password, and master password timeout add-on added in) within Firefox without worry)

The second branch has moderate level passwords where the password is somewhat different then the low-impact passwords, and may include the low impact passwords as parts of them.

And then the 3rd branch is a complex blend of composite complex passwords. Most of which I don't keep track of in my mind at all. Usually what I do keep track of is a list of 4 different complex passwords. Then I store the "too difficult to remember" passwords locked in a file that requires the 4-different passwords in order to look at.

The fourth branch is simply using the "Bug me not" add-on for Firefox which gives me a disposable login for most web sites that require one.

The fifth branch involves using the "Password Hasher" add-on for Firefox, which essentially gives me the "simple password to remember" plus the complex password and custom passwords for each site. I usually only use this on less sensitive websites.

What's wrong with using a Post-IT? ;)

I'm thinking of getting a card reader such as shown on http://www.kernelconcepts.de/products/security-en.shtml
With this card reader (and the card of course), you can use something you have (the card) and something you know (a master password /passphrase) to protect whatever you want, for example a list of other passwords.

BTW, the laptop I'm typing this message on is entirely protected by a passphrase I need to type when I start it up. Without the passphrase, the entire disk partition is just a random collection of zeroes and ones.

I have a series of passwords which i always remember. Mostly i use 3 of them. If a site doesn't accept the first, i try the second, if not that one i try third.

Then if it's not accepted I know that it's either the 4th or I need to get help :p

We use one of those card-reader things at my work in order to login.

Unfortunately, it's windows, so it doesn't really matter, and if I really wanted to I could take the HD out of the machine and get all the info off of it if I wanted to. The card-reader stuff only prevents you from logging in and using the machine on their network.

i just remember my email password, that way i can just have my password emailed to me, =P

I emailed them to myself and saved the email.

Black book.Its really black with pages and every thing. I've been thinking about tattoos though.

Or you could always get them tattooed on yourself some place discreet. I'm sure you wouldn't lose them then...

Not recommending it, just saying it's an option is all.

If for some crazy reason you don't take that advice, I manage my passwords quite easily, I don't think I've ever forgotten one. I visit a grand total of four websites I have to log into. For the less serious ones I have one hard to guess password which I add significant numbers to the end of so it's still a little secure. And for the more serious ones, I came up with proper passwords that I only had to write down for a week each time, type it in a few times and you pretty much remember it.

If I were trying to remember 20 different passwords, I'd cheat. Copy a barcode, throw it in a drawer (with the rest of the label attached so it just looks like I'm messy), and if I ever forget it'd just be a matter of rumaging through a pile of barcodes.

Forgive me if that's too high tech for people to follow. ;)

I agree with Chuckles.

Just like that dude in Memento who could not remember anything. Just tattoo them on your body.

Just don't tattoo them on any body part that can be easily amputated. That could create a new, disturbing use of the term hacker.

Tattooing on amputatable body parts is exactly what you should do, as it makes changing passwords easier...

Hire a gnome to remember all your passwords, work great. :)