advertisement


Remembering multiple passwords

G

Gerard124

pfm Member
With so many passwords for email accounts, web sites, banking etc how do folk keep record of them without compromising security? There are simply too many for me to remember. Suggestions?
 
I just use 'Sausages' for almost everything. Sometimes though, due to the demands of the site, I use 'Sausages73' 73 being hold old I am, I think.
 
Two options - I use a LastPass which for a few quid a year keeps all your passwords and can log in automatically for you on pretty much any device. You only need to remember one complex password to fire up LastPass.

Otherwise, use complex passwords that are easy to remember, one way being to use the first letter of each word in the first couple of lines of a favourite song. To make the password stronger use a couple of substitutions of symbols for letters...
 
Tigerjones said:
I just use 'Sausages' for almost everything. Sometimes though, due to the demands of the site, I use 'Sausages73' 73 being hold old I am, I think.
Click to expand...

Note that a password like Sausages is vulnerable to what hackers call dictionary attacks. For better security you should combine more than one breakfast concept -- suggest you change all your password to eggs&bacon.

PS sensible answer https://lastpass.com/ or similar.
 
emojis are the best line of defence far easier to remember and bitch nasty hard to match aganst a dictionary for brute force attacks
 
matthewr said:
Note that a password like Sausages is vulnerable to what hackers call dictionary attacks. For better security you should combine more than one breakfast concept -- suggest you change all your password to eggs&bacon.
Click to expand...

Maybe I should go for something healthier like 'Granolawithskimmedmilk'
 
Gerard124 said:
With so many passwords for email accounts, web sites, banking etc how do folk keep record of them without compromising security? There are simply too many for me to remember. Suggestions?
Click to expand...

I have three different "groups" of accounts. Forums and internet access, banking and on-line purchasing accounts. The passwords are seriously long, and do contain upper and lower case letters, figures and symbols, but I only have to remember three of them.
 
Ian Hughes said:
I have three different "groups" of accounts. Forums and internet access, banking and on-line purchasing accounts. The passwords are seriously long, and do contain upper and lower case letters, figures and symbols, but I only have to remember three of them.
Click to expand...

Similar for me. Two easy to remember but highly complex ones for financial or purchase activity. A simple and easy one for noddy items and forums.

For complex ones I find it easier to remember first letters from a lengthy line of a favourite track with a couple of numbers/symbols thrown in the mix.
 
Ian Hughes said:
I have three different "groups" of accounts. Forums and internet access, banking and on-line purchasing accounts. The passwords are seriously long, and do contain upper and lower case letters, figures and symbols, but I only have to remember three of them.
Click to expand...

In all seriousness that's a very bad approach and re-using passwords is often worse than using weak passwords. If site A has a security breach your username and password there will end up on all sorts of lists used in security attacks. So if you use the same combination, or even just the same password on another website that account is now compromised.

E.g. many people who lose their, often quite valuable, online gaming accounts is by re-using the password on some fan site or forum and that then being leaked and used in attacks against that game.
 
Tigerjones said:
Maybe I should go for something healthier like 'Granolawithskimmedmilk'
Click to expand...

if you changed the skimmed milk for single malt petrol that would actually be a good password.

password_strength.png
 
I always carry with me a USB key containing a few useful applications and files, among them a password-protected Excel file renamed config.dll and hidden in a driver package for a HP printer. I keep a backup USB key in a drawer at my mother's home and she would probably struggle finding out what such a thing is for. To get to the information, killing me is not enough I suppose, and it's certainly safer than lastpass which will be hacked sooner or later.
 
I use keepass and open source application available on PC, Mac, Android etc, that secures all your passwords in a database protected by one master password. I keep it in my dropbox account, so I can get to it from anywhere, and it will generate passwords for you, so for certain accounts I can use a really complex password without having to remember it - just copy and paste. I have a handful of passwords that I use on the 'net for use where really I have no reason to worry about someone else accessing things.
 
There was a programme on TV recently basically saying what Matthew is saying is the best way, and that things like - Up23DFgrey5%%#88* are not that safe. That's why I always vote Matthew. It makes sense.
 
The passwords I usually get wrong are on sites demanding a capital in the password. I never remember which sites do or dont require one. It's an unnecessary faff.
 
They only do on the sites demanding them( the minority). I change the password every time I use them because I never remember the requirement for a capital!
What's the evidence for needing a capital?
 
You must log in or register to reply here.


advertisement


Back
Top