[zounds]

I use KeePass Great app.

[15Million℃]

I would rather have to reset my password than trust it to some third party software/site.

[LykkieLi]

Quote:

Originally Posted by 15Million℃

I would rather have to reset my password than trust it to some third party software/site.

This surprises me too.

[degsyhufc]

I have a system I use for internet sites/shopping.
Not going to tell you what it is though It does use a key word with numbers though.

[stupidwheelie]

I use...

a piece of paper.

[gold2040]

Quote:

Originally Posted by stupidwheelie

I use...

a piece of paper.

What if you lose the piece of paper?

[LykkieLi]

Quote:

Originally Posted by degsyhufc

I have a system I use for internet sites/shopping.
Not going to tell you what it is though It does use a key word with numbers though.

Can you vaguely explain, without revealing your system?

[irishguy]

Quote:

Originally Posted by 15Million℃

I would rather have to reset my password than trust it to some third party software/site.

Well it gets a good write up from trusted sites.

They have regular 3rd party auditing checks to ensure their security procedures are followed. Access to the passwords is hashed by a 256bit encryption process meaning even the staff can't access your passwords or in the event of someone hacking the database, they still couldnt read the passwords... Seems pretty secure to me...

I'd rather rely on a large security based organisation with a reputation to lose than remembering the 50+ passwords I use....

[iannai]

If you think that all your passwords are stored on Last Pass servers then you are misunderstanding the way the system works. None of your actual passwords are stored on their servers, only a salted hash - which gets very technical but it's the sort of encrypting that the military might use.

At the end of the day there is certainly an element of trust - the same could be said of having a bank account. I can only trust that an employee of my bank won't do anything dodgy with my account...

[LykkieLi]

Quote:

Originally Posted by irishguy

Well it gets a good write up from trusted sites.

They have regular 3rd party auditing checks to ensure their security procedures are followed. Access to the passwords is hashed by a 256bit encryption process meaning even the staff can't access your passwords or in the event of someone hacking the database, they still couldnt read the passwords... Seems pretty secure to me...

I'd rather rely on a large security based organisation with a reputation to lose than remembering the 50+ passwords I use....

With that amount I can see why it would be useful to use software, I only have 10+ to remember and would rather do it without using software, which means thinking up my own system.

[Zero gravitas]

See if you can come up with a mnemonic.

[irishguy]

For those who are a bit wary of Lastpass and similar, xkcd explains what makes a good password.

http://imgs.xkcd.com/comics/password_strength.png

[stupidwheelie]

Quote:

Originally Posted by gold2040

What if you lose the piece of paper?

I've copied it on to another piece

[MsMarmalade]

20 years ago my then boss said use the first letter of every word in a line of your favourite song followed by a few numbers. You can cycle the lines of a chorus and have a number of secure passwords. Some security expert on the BBC said to use exactly the same method the other week

[Inspiration]

Just write them down on something. If someone breaks into your house the least you'll need to worry about is if they take the piece of paper. More likely your entire PC will be gone and you'll be changing all your passwords anyway.

[RobinOfLoxley]

I use LastPass and also a small notebook.

The notebook is of course vulnerable to burgliars and family snoopers.
On the upside, I find it useful, and my family will, if I am hit by a bus.

[iannai]

I used to keep an encrypted text file in a hidden folder on Dropbox which contained my passwords.

[lemoncurd]

Quote:

Originally Posted by iannai

I used to keep an encrypted text file in a hidden folder on Dropbox which contained my passwords.

How do you remember the PGP key to decrypt it?

[Caldari]

I store all my important info, things like passwords, bank account details, insurance info, emergency contacts and the like, in a file named 'important.rtf' which is then encrypted and password protected. That encrypted file is then placed on a MicroSD card which is then inserted, by way of an anaesthetic spray and scalpel, into my dermis.

Plays havoc at airports, but my information is secure.

[Kyle123]

I generally just come up with stupid words and phrases. For a long time, my password was "fresh fish"

[gold2040]

Quote:

Originally Posted by stupidwheelie

I've copied it on to another piece

and if you lose...

[Zero gravitas]

I suppose the OP could just post all the passwords and what they are for on here, that way they'd always know where they are.

simples.

[iannai]

Quote:

Originally Posted by lemoncurd

How do you remember the PGP key to decrypt it?

No need to remember a PGP key, just the TrueCrypt password.

http://www.domain.me/blog/dropbox-se...truecrypt-1816

[SomersetMills]

We have to change our system password every month (Mainframe support for a bank). The password has to be 12 - 18 chars, with at least 1 number and 1 symbol. Most people use a system based on mixing up the date you make the change and a key word. The word can be the same each month, some of the date numbers can be entered with shift key to get special characters. Once you've devised your own system, it makes creating strong passwords every month a lot easier. If you're worried about forgetting the date part, put a small mark on the date on desk calender or diary or use something like the date of the first Monday in the current month.

We wouldn't be allowed access to these cloud based password managers because of internet restrictions.

[Tidosho]

Quote:

Originally Posted by gold2040

and if you lose...

It's scanned and saved as "passwords.jpg"