How to keep the different passwords in mind at the same time?

Personally, I have a single password with 3–4 variations, such as case sensitive letters or numbers, that I use for accounts on the web. It makes a bunch of passwords easier to remember, even if it takes a few minutes to figure out which one is correct. As to other passwords such as a bank number or some such, find numbers that you find unique or significant in order to make them more memorable.

P.S. Welcome to Fluther :D

My plan is simple. I went to WalMart and bought a 3 X 5 little black box with an alphabetical divider inside. On each 3 X 5 card, I wrote each websites User Name and Password. The only numbers I keep in my brain are PIN’s, used with my bank cards.

I could not keep up with all the passwords, just like you. my investment was about $4.00.

This little black box has saved my sanity and a world of forgotten passwords.

I’ve got a black book, too. I do not use a common password. There have been too many cases where some hacker gets hold of the passwords for a large group and then tries them on other accounts. If anyone has my fluther password they can only get into fluther not my bank.

There’s software, like 1Password, that can help you keep track of all your passwords.

I don’t use it, though.

I want to be able to access my various accounts from various places, not just the machine where I’ve got a password manager installed.

So I’ve developed a set of rules for creating passwords that makes sense to me.

Start with the basics. Many systems require the following minimums:
– at least 8 characters long
– at least 1 numeric
– at least 1 punctuation character, like !, -, $, #, etc. (try to avoid quotation marks as some program parsers aren’t very smart)
– don’t use your userid in the password
– don’t use characters lined up on the keyboard, like 12345 or qwerty

So… with those ground rules in place, try to go ahead and invent some easy to remember passwords. Invent 3 or 4 for now.

Next, you should consider having a few different passwords based on category:
– email account(s)
– banking/commerce (like you might share w/ spouse)
– private/personal
– work/job

The idea is that if someone hacks your email account password, they won’t know your bank password, or vice versa.

And then, I try to throw in a “pseudo-randomizer” per web site that only I know. For example, count the letters in the web site name, like “amazon” = 6. Then I’d throw a 6 on as the first letter of my password for amazon.com. Easy for you to remember to calculate if you don’t recall of the top of your head. This way, if someone hacks your Citibank credit card account password, they won’t be able to easily get into your Bank of America account or your GEICO account.

Finally, make sure you consistently practice these rules. Go ahead and change your password on every site you have an account to match your set of rules. It will help you remember in the short term and you’ll have something to fall back on if you end up not visiting for a long time.

try a word, or phrase, or random set of letters. use this for all logins BUT add the first few letters of the website etc. for example frog5964eba (for ebay) frog5964fac (for facebook). that way you only ever need to remember frog5964 but you are using a different password for ever website you will log into.

Oh yah, meant to point out that many password hacking problems use a dictionary of words. Most of the English language, for example. So you want your password to not really reflect a proper word. A lot of people resort to acronyms then.

—

Let’s run through an example:

So, let’s say you really love rainbows. Perhaps you’d find it easy to remember the colors of the rainbow: red, orange, yellow, green, blue, indigo, violet. Take the first letters to get the mnemonic: roygbiv.

Not really a word as it is. But you can complicate it further. Try capitalizing some letters. Since passwords are normally case sensitive, this increases the complexity of the password a bit.

So, your base password to start with is: RoyGBiv.

Now we need to customize it per use.

Let’s say you want to set your password here for Fluther. Remember my suggestion to count the letters in the site’s name to get a number? So, put a 6 on the front (or back, or middle, wherever). Also, it’s good to have a punctuation mark. Why not use the 6 again, but this time, hit the shift key to get the punctuation character ^ and tack it on the end. The result being: 6RoyGBiv^

—

Obviously, I’m just making an example. You should be creative in your approach, but also try to minimize the complexity of your rules as much as you can so as to strike a fine balance. Strength and security against your ability to memorize the rules.

There’s an online Password Strength Checker that can grade your password and give you good clues as how to improve it.

Our example password 6RoyGBiv^ scored as “Strong” at 72%. What it really needs are some numbers or symbols in the middle of the string.

How do they decide how good a password is? Is it about computers trying to crack it, or about a person trying to human engineer it?

@wundayatta, the automated tools are about computers trying to crack it.

Human engineering is about how a person can wheedle you into giving them your password. In that case, it doesn’t matter how “strong” it is. It’s just a matter of how competent you are in keeping your password safe.

For example, never ever click the link in an email that says it’s to your bank’s web site. It’s possibly a scam where you’re directed to a page that appears to be from your bank, but is really not. You enter your super-strong credentials there, then the bad guys have them and can use them to go into your real bank account. (Example: Experi-metal vs. Comerica)

I really need to look at changing my passwords!! eek lol

I have a ‘base’ password whose first letters I change to reflect the website and numbers I change at the end.