passwords (where to save them)
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: passwords (where to save them)

  1. #1
    Junior Member
    Join Date
    Feb 2005
    Posts
    2

    passwords (where to save them)

    hello

    my question is very simple!
    everyone that uses the internet has to remember or save passwords, for websites, forums, etc... of course that you can have one password for every website but thats something you should really avoid!

    you can also have a simple password for each website like "antionline" to use in anti-online.com or mailhot to use in hotmail.com...

    but if you want a secure password you must have a "strange" password for each website, a random password. this makes you have to save passwords and remember the ones you use most.

    my question is... where to save the passwords? im using a pen and paper that i keep with me, but this is becoming boring and some times not useful because i leave them at home... is there a free and good password saving website online or something?

    what can you do?

    thanks!

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Writing them down or creating "sticky gardens" (monitors filled with yellow stickies) aren't necessarily the best way of password management on a personal/user level. I'd recommend using pass-phrases. The key here is to ensure the password is rememberable but strong enough. For example, if I create a password like this:

    gH78|?!6345REtxnFd
    It has no meaning to me and requires a fair amount for me to remember. Creating a mnemonic would also be difficult. Note that the password above has 18 characters (rather lengthy and difficult to break). Now, try this one:

    DaMnG0fLif42!?!
    Very well known phrase and likely rememberable, far more so than the one above it. While I've changed the original phrase someone ("The meaning of life is 42" to "Da meaning of life is 42!?!"), I'm likely to remember it. The trick then becomes as to what I used to create the sentence. Again, this can be a challenge for some of us older folks, dont'cha know (Memory is the 2nd thing to go as you get older)

    That said, why not actually use a phrase that you'd remember but is unique and not necessarily identifying as to who you are:

    The 3-way handshake is always represented by SYN, SYN/ACK and ACK!
    63 characters! And I'd bet I can remember this, without writing it down. It also uses all the available characters (lower-case, upper-case, numbers and special characters). Some machines might have issue with spaces so you can do the same thing without the spaces.

    So rather than looking for a potential way of recording your passwords that someone might find (online or offline) why not just use better password creation?

    HTH
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Hi mom!
    Join Date
    Aug 2001
    Posts
    1,103
    I'm using some sentenced-based passwords too, but I've wondered what whould happen if instead of bruteforcing using every combination of, say, the letters of the alfabet, someone whould write something that'd bruteforce every combination of most-likely used words. With the increase of processor power and available memory, this should become more of a thread over time.

    Oh, and I found that when you use a sentence for a password, you're more likely to type something wrong when entering your password. Generally, you type words faster than random concattinations of letters. Not being able to read back (most password-prompts don't have a local echo, or display *'s) can be a pain with 40 character+ passwords
    I wish to express my gratitude to the people of Italy. Thank you for inventing pizza.

  4. #4
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177

    Cool Password Safe

    I've mentioned this before and recommend this highly. Please see my original post on the subject here .

    As far as the online part...you could have the installer for password safe and your .dat file hosted on one of the online storage services...or you could simply email them to your hotmail/yahoo/gmail account.

    /* Edit */
    Also, see my article on "Creating Safe Passwords" for help in choosing strong but easy to remember passwords.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  5. #5
    Banned
    Join Date
    Aug 2004
    Posts
    534
    i use pwd's made up of combinations of words that are easy to remember ie. ---color----pet---number

    reddog11
    bluecat75
    pinkhorse00

    that way i can pretty much remmember all the pwd's to all the sites i visit

  6. #6
    Member
    Join Date
    Dec 2004
    Posts
    37

    Password Managers

    Doing a little Googling would show up many password managers utilities.

    I usually save my passwords {I have more than 20 Passwords}, in my PDA, with also a password-protected file. {This is the easiest}

    I also use my mobile phone {Symbian} to save some of my passwords, with a hidden-attribute file. So no one would know its place but me.

    I do belive that using mixed-wise password approach is the best {Like n6o6one6}, as well as none-dictionary words.

    Read Zonecoder's tutorial, yo will find so many things to consider.


    Cheers

  7. #7
    Junior Member
    Join Date
    Feb 2005
    Posts
    2
    thank you for your time

    my question was not really about "secure passwords" but more about how to save/remember all passwords you use in the internet, for example, i have already registered over 34 websites that ask me for a password.

    maybe i will just use my hotmail account to save the passwords as plain text, i know its not the best option...

  8. #8
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Originally posted here by username100
    my question was not really about "secure passwords" but more about how to save/remember all passwords you use in the internet

    We got that. Did you read the whole post that I linked to? Yes, the general topic is about creating safer passwords...but I also discuss a utility that can store user names/passwords in a safely encrypted format. I simply add the password strength comment/link for further information. Go read the part particularly about Password Safe
    maybe i will just use my hotmail account to save the passwords as plain text, i know its not the best option...
    That's up to you. We've given you the path to some information that should answer your question, but the choice is ultimately yours.

    Cheers.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  9. #9
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Have a look at Password Agent It's a little freeware (for 25 entries) that is quite functional. It safely stores your passwords and even allows you to place the URL in the entry for easy access.

    Cheers:
    DjM

  10. #10
    Junior Member
    Join Date
    Jan 2005
    Posts
    14

    My method

    I use a handful of strong passwords for everything. I currently have 10 passwords that are used for all non-vital information and accounts. To avoid someone discovering one and getting into everything I rotate them. Perhaps not the best solution but it works for me. All of the passwords in question were randomly generated in the first place.

    Falcis

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides