Memory Tools for Password Management? 125
New Media Blogger asks: "A co-worker of mine recently got burned hard because they used the same password for all of their online accounts. This experience led me to compile a list of easy-to-use password management memory tools (all free, of course), which make it infinitely easier for me to keep track of my dozens of passwords. I am sure many of the Slashdot crowd have memory tools of their own — what are you favourite password memorization tools?"
Abbreviated Quotes (Score:5, Interesting)
For example, one of my beloved authors is James Joyce so a great way to make a password from him is to take a memorable quote of his that I know: "Well and what's cheese? Corpse of milk." This password would transform into Wawc?Com. which has two caps, a period and a question mark. You can do the same with Futurama or whatever you find easy to remember. Then I just attach that quote with the website/machine/network or whatever it is. You can also append the name of the quoted character or author or actor in order to make it longer so the password might be Wawc?Com.JJ which just makes it even more difficult for a code cracking program to get at.
Plus, since I naturally love the quote, it's very easy to memorize.
Put it all in context (Score:2, Interesting)
password/.
passwordgm
passwordeb
You don't want to use that for your important sites, just ones which need a password.
This is good, but there are other ways (Score:3, Interesting)
1 google 18
2 yahoo 21
3 delicious 8
Not decipherable as important parts are missing from the list and is only in my head, such as what to do with each of the numbers and what the base password(s) might be. It's still enough to jog my memory when required. In this example, the 1 or the 8 in the third column might indicate the base password while the first column might indicate what algorithm would be used in generating the additional password parts. The ones that you use the most are easiest remembered. The list is for those that you don't always use or have trouble remembering
Part numbers. (Score:4, Interesting)
Not the most secure method in the world, but far better than the practices in any other academic research group I've seen. (Most do something really complicated and uncrackable. . . like taking two three or four letter English words and putting one after the other. Or, taking a short English word and misspelling it by changing one letter.)
Re:Universal solution: (Score:3, Interesting)
Re:I just use KeePass (Score:3, Interesting)
sitename
That flat file is stored in a truecrypt hidden volume of about 10 megs, with the main volume containing source code (a reasonable thing to keep locked up in a secure volume if you're paranoid) making the plausible deniability plausable. The hidden volume password is cryptographically strong, and yet I only have to remember one strong password.
-nB
Re:Abbreviated Quotes (Score:3, Interesting)
I try to do the exact opposite. Whenever I need a new password, I have one randomly generated, and then come up with a phraze for it. I'll adjust capitalisation and add/drop characters to make it easier, but I'll use the randomly generated password basically in entireity.
I'll just randomly bang on my keyboard to generate an example or two, rather than bother to generate proper random ones...
owgijh
iuyfesa
My method, as seen before on Slashdot (Score:3, Interesting)
a-E9 b-?p c-&m
d-6K e-aY f-eP
g-!S h-gn i-D=
j-Hd k-vw l-Cb
m-W5 n-4$ o-R3
p-x% q-7M r-NF
s-+2 t-s* u-Ay
v-fL w-zG x-Zu
y-cX z-Qr
I then print this, laminate it, and put it in my wallet (a backup copy somewhere isn't a bad idea either). Then, for every password I just remember a word (maybe "bank" for my bank for example) which gives me a password of: ?pE94$vw
Hard to guess, easy for me to "remember". If someone gets my paper (say I lose my wallet), it is still not simple to figure out what my passwords are, or even what the heck that little paper is. Shoulder surfing doesn't work too well either, unless you can memorize the whole card and then figure out which word I am using (it would be easier to try to watch me type the password on the keyboard then get it off the paper. Luckily I type fast and get annoyed when people stand over me while I type a password