How do you remember all of your passwords?
April 15, 2010
I long for the good-ole-days when the only password I had to remember was "Open Sesame". Now I have passwords and user names that I have to remember for all kinds of things - bank accounts, the insurance and credit card companies, genealogy subscription sites, and even my blog accounts. The list does not seem to end. Is this true for anyone else, or do I fight this alone?
It would not be so bad if I could have just one password for everything, but of course, once this password is discovered, I've lost the security for everything.
I am not writing this article to announce that I have a great system for keeping track of all of my passwords. I do have a system, although I'd like more security and I'd like access to my passwords from any computer.
What do you use as your password management system?
- Your memory
- Post-its all over your desk
- Password management software (like RoboForm)
- a text file or word processing document on your computer
- Internet brower's auto-fill feature
- something else?
I'd love to hear from you in the comments below.
Posted by Geoff Rasmussen in Technology Tip | Permalink
|
Comments (50)
Here is my password system:
I have a "root" or "base" password of 8 characters. It is a mnemonic device.
For each site I add 3 characters in front - they represent the name of the website. For Amazon it would be "Ama" for Ebay it would be "Eba"
And then I have an ending character after the base password which is a special character (such as ! # or &). If a site doesn't allow non-alpha numeric characters then I leave this off.
This has been the only sane way I can track passwords. When all else fails I use the "forgot password" link and wait for the email!
Posted by: Thomas MacEntee | April 15, 2010 at 11:14 AM
I use lastpass https://lastpass.com/ and love it. I had struggled for years with this problem until a month or so ago when I discovered it.
I have it on my main Dell desktop and my ASUS T91MT netbook/tablet. I can also sign in from any computer and have all of my most needed web sites and passwords immediately accessible.
Great program and it's free.
Posted by: G.C. Oliver | April 15, 2010 at 01:52 PM
I use eWallet to remember my passwords. There is a Windows version which syncs with my Windows Mobile smartphone so I always have my passwords handy. eWallet has built-in templates for different types of information I want to remember like web site passwords, email passwords, credit card info, personal info (SSN, etc.) and bank accounts. I also setup Microsoft's Live Mesh which synchs files with other computers so I have my eWallet available on both my home PC and my work PC in addition to my smartphone. eWallet is one of my must have apps.
Posted by: Mike Gifford | April 15, 2010 at 02:02 PM
I use a password manager called LastPass. It uses a password for access, which can be selected from a random generated list. I modifed one slightly to get a password I can remember. The first time you log on to a site the manager will ask if you want the manager to remember the user name and password for that site. It has lots of other features too. I am very satisfied with it.
Posted by: Anthony Hood | April 15, 2010 at 02:11 PM
I use a theme. It used to be characters from the Beatrix Potters books (when I had young children). Now its surnames of my ancestors. However certain letters are replaced with numbers Eg. L=1, E=3, S=5, B=6 etc
Posted by: Peter Yorke | April 15, 2010 at 02:20 PM
I use KeePass Password Safe - it's a cross-system password storage software, that can also auto-type (get to a webpage, press Ctrl-V, it'll do the hard work of logging in for me).
It can generate passwords based on any chosen criteria, and this means all my passwords are unique, strong (130+bit) and don't use any pattern that may easily be guessed like others have mentioned.
Storing the encrypted password database file on Dropbox means I've always got access to my passwords when I need them, no matter which machine I'm on.
Oh, and it's completely free :-)
Posted by: Gary | April 15, 2010 at 04:19 PM
I, a former computer tech, use hardcopy. Believe it or not. I have a small addressbook that sits next to my computer. Easily portable. For those times when a computer may "die", as happened to me last year. It also is not hackable. I try to use a similar password on different sites but not all will accept it, so different pwds. But I like a couple of the ideas already posted and may incorporate them. Thanks for the tips.
Posted by: C. McKimm | April 15, 2010 at 04:27 PM
I use a similar system to the addressbook. I use an alphabetized index card file.
Posted by: Linda | April 15, 2010 at 05:50 PM
I have used RoboForm for a year or so and love it.
Posted by: George | April 15, 2010 at 07:19 PM
I keep all passwords in an easily searchable excel spreadsheet file which is located in larger encrypted file which acts like a drive to the Windows OS. The encrypted 'drive' also contains all my other sensitive financial files as well. If my laptop were stolen, it would nearly impossible to be unencrypted. The encryption is supplied by a powerful freeware program called FreeOTFE (free on the fly encryption). One password is all I have to remember to access over 200 logons/userids/passwords.
Posted by: Ron K. | April 15, 2010 at 08:49 PM
"I use a theme. It used to be characters from the Beatrix Potters books (when I had young children). Now its surnames of my ancestors. However certain letters are replaced with numbers Eg. L=1, E=3, S=5, B=6 etc"
Gary, I believe this system to be relativily safe because 1. You would need to know my theme (oops looks like you do now) 2. You need to know the name (this changes) 3. I use a sequence of Caps, lower case and particular numbers. So you would still be there all day trying the permutations. 4. My bank account only giving you 3 tries to guess it.
Posted by: Peter | April 16, 2010 at 02:34 PM
I use Robo Form passwoed manager and I love it, there is a free one with limited passwords and a pay version with additional features and additional passwords.
Posted by: G Rogers | April 16, 2010 at 07:45 PM
PassKeeper (http://passkeeper.com/) has served me well for many years. And, I keep it backed up offline with MozyHome. Both are free.
Posted by: Sid Salinger | April 17, 2010 at 11:59 AM
I use Password Safe http://passwordsafe.sourceforge.net/ and I've had it for years so it is full of passes I dare not delete - but it does not matter. So I mainly have one password I really have to remember. That one comes from some letters in a book title. At home I have a network so I can open the Password Safe encrypted database from every computer here. I sometimes transport af copy of the file to my job - just to have an extra copy somewhere outside the house.
For unimportant stuff, all the places you just have to sign up, I have more or less a common pass.
For my blogs I have a sentense which is a good one as it includes some of the Danish special characters - so good I have problems logging in myself when abroad :-)
The passes I use the most even for important things I've learned by heart. So I'll say I use a mixture of many methods and in some strange way it works :-)
Thanks for a good, inspiring and relevant blog!
Posted by: Hanne B. Stegemüller | April 17, 2010 at 12:15 PM
I use a very simple program called Any Password from www.anypassword.com
There is a free version and a paid version
The program can create harder to break passwords if you so choose, and you only have to remember one password to get into the program
Posted by: Charlie Brook | April 18, 2010 at 08:52 AM
I like your system. It is certainly safer than my 'one password fits all' system. How do you deal with required password changes?
Regards, JB
Posted by: JB Peterson | April 19, 2010 at 02:14 PM
I use KeePass. I only have to remember one master password to open the 'vault' where all the others are kept. As of this writing I have over 400 entries including software serial numbers. This software also comes in a portable version which I always have with me on a flash-drive.
Passwords can be auto-generated to replace weak ones and it shows you by way of a red-to-green bar how secure your passwords are. Each password entry has a place for additional notes.
Posted by: JL Beeken | April 19, 2010 at 10:16 PM
I have used RoboForm for years and can't be without it.
On my iPhone, I use SplashID -- works great.
Chap
Posted by: Leon Chapman | April 20, 2010 at 08:34 AM
I recently retired from my career as an x-ray technologist and I used 9 different password/PIN combinations in performing my daily work. I too used a small address book that I slid in my uniform pocket to keep up with the everchanging passwords. Some of the patient identification systems changed every passwords every 3 months and you could not use a previous password or PIN again...ever. Thanks to all of you for different ideas!
Posted by: Lora Rose | April 20, 2010 at 08:27 PM
I also use Password safe but keep the password file in a dropbox folder so it is backed up and also readily available from multiple computers.
Posted by: Peter Bowers | April 21, 2010 at 08:28 AM
I try using my memory but since that is not so reliable, I use an autofill feature of my internet browser or maybe its belongs to Norton (see memory not trustworthy). But mostly its a hard copy right next to the computer. I checked out the RoboForm site, is it really safe to use, because I like the sounds of it.
Posted by: Ruby DeCaire | April 21, 2010 at 01:29 PM
I use a sheet with 16 randomly generated passwords to draw my Windows logins and U3 flash drive passwords from (updated quarterly/yearly). All other passwords are stored in eWallet (on my home pc, pocket pc, and U3 flash drive).
Posted by: Jennifer Reusser | April 22, 2010 at 07:33 PM
This is something I have struggled with over the years. The fact that there are so many different responses simply illustrates the problem.
After trying many different software programs, I have settled on KeePass, mainly because it offers different versions which run on the PC (desktop), a USB stick, and they are currently working on a version for the iPhone. All of this means my passwords (software keys, etc.) are available wherever I need them.
I have an observation which I liked to share: Please, please remember to backup your password file. These files can become corrupted, especially if you have set them to be encrypted, which you should. If you keep all of your passwords and software keys in one place this becomes even more important.
Posted by: Wyndham Clampett | April 23, 2010 at 03:47 AM
I use a little freeware program called Whisper 32 (http://www.ivory.org/oldwebsite/Default.htm). It simple, easy to use and easy to copy your data file to multiple computers to keep them all in sync.
Posted by: C Knight | April 23, 2010 at 11:57 AM
I'm using RoboForm. Couldn't live without it. The random password generator is a super feature.
Posted by: Jim Cobbs | April 30, 2010 at 07:02 AM
I've been using KeePass for many years. It saves all of the passwords in an encrypted, it is free, it is open source. I don't even know several of my passwords, since I have KeePass on multiple computers and my Palm and keep them synchronized. All I need is the MASTER password.
Posted by: Bruce Casner | May 03, 2010 at 12:16 PM
I use a password protected OneNote file which contains all my User IDs & Passwords + links to all their relative sites. All Password and personal info is hidden in case someone comes up while my file is open. I also keep all my info for my bank cards, internet banking, a list of all software apps and links of where to get the apps as well as product keys (if required) for the app. I have a fairly cmplex network with security cameras and NAS so I also keep all my network IP and router setting too.
Posted by: Bill Wilson | May 03, 2010 at 01:00 PM
Whichever product/idea you use, remember to entrust to someone the password for the computer. Our club computer guru was asked to "unlock" a nearly new laptop. The man's wife had suddenly died, he know nothing about computers but desperately wanted the photos his wife had saved on the hard drive. The wife had set both user and administrator passwords in Win7. Our Guru got no where, there is seemingly no 'crack' to allow him entry. I use a combo of 'LastPass' and address book. And hubby and adult children know the computer password.
Posted by: Trudy Jean | May 03, 2010 at 01:00 PM
I've been using RoboForm on my PC and RoboForm2Go on a thumb drive, which I can use on any computer away from home. I've even used it on a public computer in a hotel lobby without any problems. All I have to remember is one password to logon to RoboForm.
Posted by: Jim's Pantry | May 03, 2010 at 01:07 PM
I change my passwords on a quarterly basis and use the last name of an ancestor, the year of their birth and then their initial(s). That way all I need to keep track of is the relationship which I can calculate in Legacy.
Posted by: K. Hill | May 03, 2010 at 01:11 PM
Most of the requirements for passwords are only ego builders for the software sellers. I keep the junk passwords on a printed list tacked up on a bulletin board beside the computer. I have a different system for the few that involve money, but that doesn't need to be complicated or require special software. Like who cares if someone accesses Yahoo, CBC, the Globe and Mail,Fotobucket, Stockhouse, Abebooks or even Legacy and says they are you? It doesn't cost anything.
Posted by: Bruce Trainor | May 03, 2010 at 01:14 PM
I use a password protected Excel Spreadsheet, which I also print out periodically and stick in a file folder in a filing cabinet. This spreadsheet is also included on my backup harddrive.
Posted by: Sarah Christiansen | May 03, 2010 at 01:18 PM
I use my email account "contacts" that way no matter where I am or which computer I am on the only username and password I have to remember is my email account.
Posted by: Grace Forbes | May 03, 2010 at 01:27 PM
I use RoboForm2Go on a U3 USB key. This way the data, encrypted or not never resides on any computer. I carry it with me and can use it on any computer I have access to. I use Roboform to generate my passwords which are random 13 caracter or I use Steve Gibson's site at https://www.grc.com/passwords.htm to generate my password. I have tried LastPass, but am still not real comfotable with security of that.
Posted by: Steve Osterday | May 03, 2010 at 02:44 PM
I used to use:
PasswordSafe (http://passwordsafe.sourceforge.net/),
But then I found
KeePass (http://keepass.info/ - also available via sourceforge)
KeePass is much better (in my opinion). I use version 1 so I don't have to worry about if the "other" computer has NET installed. Both version 1 and version 2 are supported & updated. Both are easy to copy to a USB key. Both have a lot of "bells and whistles" that you can use to make your life easier, or you can just use them as a simple "secured spreadsheet" type of tool.
A FEW WORDS OF ADVICE:
1) Once you use ANY password vault, you will probably not know your passwords by heart. So be sure you back up the vault (program and data) to another system (another computer or a USB key - something outside of your normal computer). Otherwise if it ever becomes currupt or if that computer ever crashes or gets stolen - you will have NO idea how to get into ANY of your places.
2) I use the notes area to record which e-mail address I use for the web site for every entry (some sites I use "throw-away" e-mail addresses).
3) Like another person above said - make sure SOMEONE else knows your vault password and show them how to get into it. If you ever die or get really sick, they may need it to get into sites on your behalf. (goes without saying - make sure it is someone you trust!).
Posted by: Bob Patton | May 03, 2010 at 02:51 PM
As mentioned above, freeware PassKeeper (http://passkeeper.com/) is excellent - simple, quick-loading, uncomplicated with no registry issues. Directly copy the small file to archive it or make it available on another computer. I've looked at many others, but keep coming back to Passkeeper - for over a decade. No complicated organization - just name, password and comment field, sorted in alpha order on name. A quick count shows I have well over 100 passwords, several repeated and many slight variations. I couldn't get by without a password database. Most remain durable for years after my last visit to some sites. I do wish it would dump to print, however.
Posted by: Arthur Dirks | May 03, 2010 at 03:44 PM
I leave no passwords on my computer but as one person in this feed said "I use a hard copy" and I do as well. In a coil bound book with all my computer information in one section and all my passwords (except the bank card and that is in my head) in the other section. I'm a senior and this is the only way my husband and I can keep track of them all. Mrs. D.
Posted by: Mrs. D. | May 03, 2010 at 08:29 PM
As also mentioned above I also use passkeeper.com - through updates and changes in internet providers over many years. The free-form area has been used for clues, tech phone numbers and e-mail addresses for sign in, etc. It works and is small. Its only problem is it is small. It will fill up over time. Now with all this collection of ideas and comments. I am looking for something new.
Posted by: Cal Matthews | May 03, 2010 at 09:11 PM
I use RoboForm2Go. It is installed on a pen drive and so can be used on any computer. When you exit the program no traces are left on the host computer. It is useful for generating and storing random passwords, the most secure kind. It can also insert personal information such as names and addresses into forms. Credit card details can be stored and added to online orders. Once set up all functions are achieved with one click, so keylogging is not a problem. All details can be synchronised online, so there is no danger of forgetting or permanently losing your details. Works for me.
Posted by: John Bent | May 04, 2010 at 04:44 AM
I have been using Billeo for several years. You enter one major password for all your sites.
Posted by: Antonio | May 04, 2010 at 06:55 AM