Ask Slashdot: How To Protect Your Passwords From Amnesia?

Phopojijo writes "You can encrypt your password library using a client-side manager or encrypted file container. You could practice your password every day, keep no written record, and do everything else right. You then go in for a serious operation or get in a terrible accident and, when you wake up, suffer severe memory loss. Slashdot readers, what do you consider an acceptable trade-off between proper security and preventing a data-loss catastrophe? I will leave some details and assumptions up to interpretation (budget, whether you have friends or co-workers to rely on, whether your solution will defend against the Government, chance of success, and so forth). For instance, would you split your master password in pieces and pay an attorney to contact you with a piece of it in case of emergency? Would you get a safe deposit box? Some biometric device? Leave the password with your husband, wife, or significant other? What can Slashdot come up with?"

Secure safe.

[Anonymous Coward]

Tell all your passwords to me, they'll be safe. Just don't forget who I am.

Just post it on Slashdot

[michelcolman]

And then, whenever you need your password, just "ask Slashdot"! Of course there will then be some jokers who post incorrect passwords, but they will be modded down rapidly since anyone can check whether the password is correct or not. Just go with the "+5 informative" one.

Paranoid much?

[Anonymous Coward]

Amnesia is most often associated with major brain damage, which means you have a lot more to worry about than your passwords. Now zombies, those are real, which is why I'm holed up here in the middle of Nebraska with enough ammo to put the entire state out. You hear that zombies, you'll never take me alive!

A piece of paper in a drawer

[captainpanic]

For work-related passwords, my boss has every right to know my passwords if I get sick. So, it makes sense to store them offline (e.g. a piece of paper in a drawer at the secretary's office). The security my passwords then relies on the security guards at the gate.

For my personal passwords, I rely on security through obscurity: I don't believe that anyone can find my passwords in the giant mess that I call my office. If I get sick, I can use the recovery time to clean up my office. It will take weeks, if not months.

Btw, I don't need a terrible accident to forget passwords. It happens a lot for those passwords that I don't need too often.

My passwords do not...

[jw3]

...suffer from amnesia. Passwords generally don't, so I would not worry about that particular problem.

And now excuse me, I need to water my keyboard.

I did something really clever

[Chrisq]

I did something really clever with my password list .... I'm darned if I can remember what though.

Republican answer

[korbulon]

Try not getting amnesia in the first place! Whore!

Re:I did something really clever

[Chrisq]

I did something really clever with my password list .... I'm darned if I can remember what though.

You emailed the list to me for safekeeping. Just send $10,000 (plus shipping and handling) to my paypal account, and I'll send it right back to you!

Sure ... just tell me my paypal password first, I can't remember it!

Re:Just post it on Slashdot

[master5o1]

Remember, posting your password on the internet [bash.org] will show the password to you as as your password, but others will see it as stars.

See, look at my password ************

So now if I get amnesia all I have to do is come back and check my comment history and I'll find my password.

Re:Secure safe.

[wonkey_monkey]

Like that'll ever happen. You post here all the damn time.

Ask NSA

[ZeRu]

Just ask NSA for your passwords, since they probably know them all.
Not sure if they will want to reveal them to you, though.

Re:A piece of paper in a drawer

[ifiwereasculptor]

do I have any physical place where someone finding out my passwords would be the least of my concerns? If you have a place like that, store your passwords there.

You just gave me the best idea ever: tattoo your passwords on your penis. The chance of losing it is small when compared to the chances of losing a notebook or piece of paper, it's a private location and chances are social engineering industrial espionage attempts will have to get pretty interesting. I can see only two minor problems with my plan: first, you might not be able to fit strong passwords in there. If you end up only being able to fit easy to brute force passwords, I suggest you use the old piece of paper method, and maybe a pump. Second, your work may be one of those that use five or six different systems, all with different passwords, and rotate them on a monthly basis. You can still stick with the idea, but oh, boy, you're going to be sore.

Do what I did

[140Mandak262Jamuna]

Pick some nerdy site, say slashdot, and create an account. Use your password as the username, but it won't stand out in such sites. Cackling devilishly at the foolishness of the masses who do not realize that your password is hiding in plain sight is optional.

Re:Just post it on Slashdot

[oodaloop]

Yeah, I use a bunch of asterisks for my passwords too.

Re:A piece of paper in a drawer

[shikaisi]

I'm not bragging, but I just wanted to mention that I've got plenty of room for strong passwords.

Re:Secure safe.

[FatLittleMonkey]

"The password is in the book"; "Moby Dick"; "Page 27, Line 6"

Oops. Heh.

"unlock his bridegroom clasp--yet, sleeping as he was, he still hugged me tightly"

Oh Queequeg...

Re:Just post it on Slashdot

[isorox]

Remember, posting your password on the internet [bash.org] will show the password to you as as your password, but others will see it as stars.

See, look at my password ************

So now if I get amnesia all I have to do is come back and check my comment history and I'll find my password.

So your password is hunter2?