Social Question

bookish1's avatar

How in blazes do you keep track of your passwords?

Asked by bookish1 (13159points) July 2nd, 2012

Can I rant briefly about how much I hate having to have a password for every single friggin website now? And they all have different requirements; some don’t allow punctuation, some require special characters, etc. One website just told me I couldn’t use “profane or prohibited words”!

Would anyone care to share some tips for coming up with passwords (business websites versus personal websites, etc.), and most importantly, organizing them and keeping them safe yet accessible in some kind of storage? And if even vaguely answering such a question opens everyone up to the possibility of ID theft, then I am avowedly a clueless tool and I apologize in advance.

I am abstract random-minded, it’s why I’m in the humanities, and my brain doesn’t work well with this kind of thinking, haha.

Observing members: 0 Composing members: 0

26 Answers

flutherother's avatar

I feel your pain. I write mine down in a little book I keep at my desk, which is not ideal.

Mr_Paradox's avatar

Create a template password than only change it slightly so that you know the basic form and you can expirament to find your password if you can’t remember it.

bookish1's avatar

Good idear, @Mr_Paradox, thanks. I never thought of leaving myself room to experiment if I forgot a particular password. I’m just SOL haha.

@flutherother : Yeah, I do something similar and I know I shouldn’t :-/

YARNLADY's avatar

My husband has installed a program on my computer that remembers all my passwords. I only have to remember the one that opens the program.

Pied_Pfeffer's avatar

Another person who feels your pain here. The SO and I keep ours in an address book. It may not be safe, but with multiple computers and the fear of one crashing, it just seems like a better method.

tom_g's avatar


(It really is amazing. And secure)

bookish1's avatar

@tom_g: Thanks, SWEET, I will check that out!

CWOTUS's avatar

I do something a little like the little black book: I maintain an Access database of passwords, and password protect the database with a single complex password that I won’t forget. Since that database isn’t foolproof (my computer can be stolen, for example, and the password protection for Office products is relatively easy and cheap to crack in any case), I don’t usually store “the passwords themselves” in that system, but I save hints to the passwords that I use, or the numeric suffix that I will attach to any of several rotating “base” passwords.

We have the same problem at work. Not only do we have numerous systems that all require different passwords, they change on different schedules and they have different requirements – even though the same employer owns all of them. It’s terribly frustrating.

I’ve also taken to storing some of my less “vital” passwords (those that don’t get me into high-value systems, but are required for just getting work done) in an AutoHotKeys file, so that I type in, say, a series of consecutive letters (which would never be allowed as a “real” password), and AutoHotKeys does the key substitution for the complex password that I choose not to attempt to remember. Since it’s not a high-security system that I’m storing those passwords for anyway, and since there’s a two-step process (to be signed into AutoHotKeys in the first place and know the particular series of letters per password), it’s as secure as I need it to be.

As an example, one of my passwords is “F00K1NGpassw0rd”, but AutoHotKey substitutes that value when I type a particular 5-letter combo that’s much easier to type (even if that password is really easy to remember, I just hate having to type it all the time).

For most websites, however, when I’m logging in from my work or home computer (a machine that I use exclusively, that is), I simply allow Chrome to store them and “remember me”.

JLeslie's avatar

It’s a nightmare. I also do all my aunt’s bill paying and need to know hers in addition to mine.

janbb's avatar

Word document

marinelife's avatar

I violate the guidelines and use only a few.

wallabies's avatar

I also resonate w your sentiment. Such a cat and mouse game.

tups's avatar

I have invented an amazing system for my passwords, that really is the same password only with a bit of variation. But if I told you the system, I’d had to kill you.
Well my advice would be to try an invent some kind of system that you can remember.

jonsblond's avatar

I often click on forgot password. I’m then directed to my email where I get to create a new one that I eventually forget. :/

gorillapaws's avatar

I use 1password. It’s great.

Aethelflaed's avatar

Seconding LastPass. Without it… god, who knows.

filmfann's avatar

Due to the security issues at my job, I had to have different passwords on like 30 different sites. I would have to change the passwords every 90 days. They have since found a workable solution, and I don’t have to do this anymore, but it was quite maddening.
One trick I would use is create a password based on a movie series.
For example, I would use the Star Wars movies, and use passwords “Phantom1”, “Attack2”, “Revenge3” and so on. I would keep track of which password I used for what site by noting “sw1”, meaning star wars 1, and I knew which one to use.

poisonedantidote's avatar

You could always just write them down. Yes people will say it is bad security protocol, but I call bullshit. Simple fact is crack heads don’t break in to your house looking for passwords, and hackers don’t have access to bits of paper on your desk.

A good way to do it, is to have 2 password that cover all requirements, e.g. “Basket#caSe2!” and “Basket0caSe2”, then to make them different for every site, you include the site name, either fully or partly. e.g. “Basket0caSe2Fluther” or “YTBasket0case2” or “Basket0caSe2FaceB” etc..

SuperMouse's avatar

I always use variations of the same password.

prasad's avatar

My tips on how to create a good and strong password, and yet easy to remember.

1. Include year (probably at end), e.g. password2012; you can update it yearly and easily remember it too. If you are comfortable changing it often, you may add a month to it somewhere.

2. Add date of birth, e.g. password01011984 (date of birth: January 1, 1984).

3. If you want to use special characters to make your password strong, replace “s” with ”$”.

4. Combine one or two words that you most often come across, e.g. FirstNameLastName2012. Capitalize and include numbers in your password to make it strong.

5. You can also use any other words that correspond with name of your favorite person, celebrity, animal, pet, movie, song, country, place, town, college, university, your favorite season, or any other thing that you may like.

Finally, I must say, after giving away these tips, don’t hack my password! I don’t write down password, especially personal, I just remember them.

prasad's avatar

Along with above tips, do remember there are only finite number of keys and characters available on your keyboard. Yet there are many many combinations of these characters. So, don’t build your passwords short; those may be cracked easily. So to make hackers job difficult, use alpha-numerals, capitalization, special characters if allowed, one or two words to make it longer, etc.

And if you use net banking, use virtual keyboard as much as possible. Keyloggers, which are computer programs that hack passwords and many more things, cannot register mouse clicks; these retain whatever you type in using your keyboards. The best way to know if you have a keylogger installed on your computer is to hover the cursor over short icons (on right side) of the taskbar (which is, be default, at bottom of the screen); and if you don’t get any screen tip, it is likely to a malicious program. But it can be hidden also; in that case type in “winconfig” into start->run, and see if you can spot something. But it’s hard to know.

I have known these things, cause I attended cyber security work shop in the past. The best way is prevention. To avoid letting in any keyloggers on your system, -
Do not open any unknown emails, and more over do not download images or attachments in them. Keyloggers are coupled with these and yet hidden. When we download it, it gets installed and starts working. It creates a log file, that may contain what times you did what on your computer, which sites you have visited, all passwords, etc. and it keeps on sending this log file to its owner without letting us know. Lastly, you can run antivirus and anti-spyware checks.

There are couple of more things, but I don’t want to scare you. It’s better we know it. Happy time on the internet!

ucme's avatar

I have a photographic memory, this keeps me in the picture as it were.

ccrow's avatar

“One website just told me I couldn’t use “profane or prohibited words”!”

I sometimes use ‘Poopsie’ as a name, for example, on sites that require registration to leave a comment; fairly often I’m told it isn’t acceptable.
As far as passwords go, I generally use variations of a couple different ones. I also use the ‘remember me’ or ‘keep me logged in’ option for sites I use frequently, if they have one. And of course, the ‘forgot password’ option!

augustlan's avatar

I use Firefox, and most often tell it to remember my passwords. I also use variations on only 2 different base passwords, which allows me to guess fairly often. When I used to use many different ones, I wrote them down in the second to last page of a small spiral notebook. I’d know where they were, but who else is going to look on the second to last page?

dabbler's avatar

I’m totally with the method described by @Mr_Paradox, but with a few variations for classes of sites/password.
For casual sites, that will never involve money transactions, I use a simple root based on the numbers on the phone spelling out a specific word. It’s just the numbers and would be considerred a weak password but I don’t care.
For sites involving financial transactions I use a very strong password base starting with a word that has some vowels replaced by numbers and tacking on from one to three numbers after that.
For social network sites I use another strong password base that is distinct from anything financial.
If it’s something I’ll be sharing with my wife there is one more strong password for those.
And there’s one more strong base I use for work passwords that isn’t much like the others.

So that’s really only five base passwords I need to remember, depending on the type of site/password.

anartist's avatar

one website that kept rejecting my passwords as not secure enough got me so mad I ended up using a very indecent expression with some numbers substituted for letters or words [as in s3nd or fu¢k and 2 angry !! at the end]

@bookish1—I’ll bet the website told you that because you had gotten as mad as I was.

I sometimes use little games for social sites like cdb?-icdb-ucdb2? from a famous children’s book CDB

Answer this question




to answer.
Your answer will be saved while you login or join.

Have a question? Ask Fluther!

What do you know more about?
Knowledge Networking @ Fluther