Help with storing/remembering passwords

Everywhere you go on the web today, it seems like you have to have an account with a username and password.  You could use one username and password for everything, but then if someone gets that one username and password, you could be in for a world of BIG hurt!

Security is important, but not always easy.  How should someone keep track of multiple usernames and multiple passwords.  Here are a few methods that work with a limited amount of security:

The following list is not intended to be comprehensive, just an indication of some simple techniques used.

1. Write down all account info on a sheet of paper and keep it in your wallet.  This assumes you always have your wallet with you when you need the info.  But, if someone can get that paper, then all your accounts could be compromised.
2. Like the previous method, but only the passwords are listed without any other info, like username or where the passwords are used.  This only makes it a little harder on the thief, as your passwords are still listed in plain-text and a thief could try each password until one the correct one is found.
3. Using either of the previous methods, but you only list part of the password, or use easy ciphers or encrypt it in a way only you might know.  For example, if a password is "strongBad01" your list shows "sb1" or "tuspohCbe12" (using substitution ciper, each character was substituted with the following character, a is b, b is c, etc...).  This is better, as it makes it harder on the thief to figure out the passwords, but a smart thief can figure out simple ciphers.
4. Using your computer, you could use any of the methods above and save it as a plain-text file, an encrypted text file, or some other propietary format.  As long as you don't use a filename like, passwords.txt, pw.txt or something similar, then it might be a little harder for someone to find your password file.  But a file on one computer is only convenient when you are using that computer.  To get around that, you would have to:
   1. Copy the file to each computer you use.  Files could get out of sync unless you synchronize all copies after modifying.
   2. Place the file on removable media and only use it from the removable media.  If the removable media is lost or damaged, all your passwords are lost.
   3. Combine the two previous methods, use the removable media to make and synchronize the file on multiple computers.  This is a better plan, but if your password file is not encrypted well, then if someone gets your removable media, then again, the thief will have access to all your accounts.
5. Use a specific password tool that itself is password protected and uses strong encryption.  This way you only need to remember one username and one password and then you can access any number of other accounts and passwords.  I highly recommend KeePass, it is free, open-source and easy to use.  Check out the website for more info, screenshots and downloads for many different Operating Systems and devices.

There are, of course, many other options that will improve security and/or convenience, but usually require a lot more work.  For instance, if you know how to setup a website and have the ability and facilities to do so, you could setup a secure website that stores all your passwords in an online database.  Then, no matter where you go, as long as you have internet access, you can access your account info.

Tip!  Always use strong passwords.  Strong passwords use the following rules:

1. Length of password is at least 8 characters long.
2. Password is not a word in any dictionary.
3. Use a mix of upper- and lower-case letters.
4. Use a mix of letters and numbers.
5. For additional security, use non-alpha-numeric characters such as ! @ # $ % ^ & * ( ) { } [ ] ".

Well, that's all for now.  And remember to use a strong password.

Back to Top

Last revised: February 11, 2015 13:48