Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Passwords

Reply
Thread Tools

Passwords

 
 
davidfromtas
Guest
Posts: n/a
 
      05-09-2004
Hello,

I am sure I am not the first person to encounter this problem. I hope
somebody can point me in the right direction to a solution for it.

I am a fairly low tech computer user. Over time I have accumulated a
rather large collection of accounts and passwords.

Some of them are for unimportant things like a on line forum I am a
member of. Some of them allow access to my bank account or the like.

I have a half decent system for keeping passwords that relies mostly
on my own memory. But it regularly falls down on things I dont access
for a long time. I am aware of other methods like:

writing them down on a piece of paper that I hide.
keeping a list in a computer file that I encrypt.
using the same password for lots of things.
allowing my browser to remember the passwords for me.
getting a password management program.

I am willing to spend some, but not a massive amount of time on
managing these passwords. I think that there are probably people out
there who are capable of getting my passwords whatever I do. I'd like
to get some advice from the experts here on what is a good way to look
after my passwords.

I am leaning towards getting a password manager program. Is that too
much of an all your eggs in one basket approach?

Cheers,
david



 
Reply With Quote
 
 
 
 
Bit Twister
Guest
Posts: n/a
 
      05-09-2004
On Sun, 09 May 2004 12:01:23 -0700, davidfromtas wrote:

> I am a fairly low tech computer user. Over time I have accumulated a
> rather large collection of accounts and passwords.
>
> I am leaning towards getting a password manager program. Is that too
> much of an all your eggs in one basket approach?


downside is now you'll forget passwords faster and realy be up a creek if the
data file/OS changes or a virus wipes it for you.

 
Reply With Quote
 
 
 
 
^reaper^
Guest
Posts: n/a
 
      05-09-2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In <(E-Mail Removed)>, davidfromtas
<(E-Mail Removed)> says...

> I am leaning towards getting a password manager program. Is that
> too much of an all your eggs in one basket approach?


Pwd mgmt proggies are great. Nice way to not only keep your pwds
where you can easily find them, but most have other features too
(like adding special categories, place for notes to self, etc.).
Course, as with anything, if it's compromized, yer screwed. So don't
use it to keep stuff like CC#s, SS#s, or other info that can give
someone a way to steal your identity. I'd also try to find a proggie
for a pda (if you have one). That way you've got it readily available
no matter where you are.

^reaper^


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBQJ6LyVMeYoHj2dI5EQI8hQCePrbFsrVtDjcAuCchXEdnTV 1Ci1sAniz7
S9SYp2Coz1aC6dw9/rVknj3Z
=KQtQ
-----END PGP SIGNATURE-----

 
Reply With Quote
 
Ali-Reza Anghaie
Guest
Posts: n/a
 
      05-09-2004
davidfromtas <(E-Mail Removed)> wrote:
> I am leaning towards getting a password manager program. Is that too
> much of an all your eggs in one basket approach?


I take a two pronged approach... one is a program with my passwords
encrypted with my OpenPGP key. And the other is a relatively recent
acquisition from http://www.mandylionlabs.com/ ..

Cheers, -Ali

--
OpenPGP Key: 030E44E6
--
Was I helpful?: http://svcs.affero.net/rm.php?r=packetknife
--
Politics is the art of looking for trouble, finding it whether it
exists or not, diagnosing it incorrectly, and applying the wrong
remedy. -- Ernest Benn
 
Reply With Quote
 
Colonel Flagg
Guest
Posts: n/a
 
      05-10-2004
In article <(E-Mail Removed)>,
http://www.velocityreviews.com/forums/(E-Mail Removed) says...
> Hello,
>
> I am sure I am not the first person to encounter this problem. I hope
> somebody can point me in the right direction to a solution for it.
>
> I am a fairly low tech computer user. Over time I have accumulated a
> rather large collection of accounts and passwords.
>
> Some of them are for unimportant things like a on line forum I am a
> member of. Some of them allow access to my bank account or the like.
>
> I have a half decent system for keeping passwords that relies mostly
> on my own memory. But it regularly falls down on things I dont access
> for a long time. I am aware of other methods like:
>
> writing them down on a piece of paper that I hide.
> keeping a list in a computer file that I encrypt.
> using the same password for lots of things.
> allowing my browser to remember the passwords for me.
> getting a password management program.
>
> I am willing to spend some, but not a massive amount of time on
> managing these passwords. I think that there are probably people out
> there who are capable of getting my passwords whatever I do. I'd like
> to get some advice from the experts here on what is a good way to look
> after my passwords.
>
> I am leaning towards getting a password manager program. Is that too
> much of an all your eggs in one basket approach?
>
> Cheers,
> david
>
>
>
>



PGP is your friend.




--
Colonel Flagg
http://www.internetwarzone.org/

Privacy at a click:
http://www.cotse.net

Q: How many Bill Gates does it take to change a lightbulb?
A: None, he just defines Darkness? as the new industry standard..."

"...I see stupid people."
 
Reply With Quote
 
Stephen K. Gielda
Guest
Posts: n/a
 
      05-11-2004
In article <(E-Mail Removed)>,
(E-Mail Removed) says...
> Hello,
>
> I am sure I am not the first person to encounter this problem. I hope
> somebody can point me in the right direction to a solution for it.
>
> I am a fairly low tech computer user. Over time I have accumulated a
> rather large collection of accounts and passwords.
>
> Some of them are for unimportant things like a on line forum I am a
> member of. Some of them allow access to my bank account or the like.
>
> I have a half decent system for keeping passwords that relies mostly
> on my own memory. But it regularly falls down on things I dont access
> for a long time. I am aware of other methods like:
>
> writing them down on a piece of paper that I hide.
> keeping a list in a computer file that I encrypt.
> using the same password for lots of things.
> allowing my browser to remember the passwords for me.
> getting a password management program.
>
> I am willing to spend some, but not a massive amount of time on
> managing these passwords. I think that there are probably people out
> there who are capable of getting my passwords whatever I do. I'd like
> to get some advice from the experts here on what is a good way to look
> after my passwords.
>
> I am leaning towards getting a password manager program. Is that too
> much of an all your eggs in one basket approach?


As others have recommended, pgp is a decent solution. However, there
are tricks to maintaining many passwords that are secure, yet easy for
you to remember. For example, come up with a phrase like "Ask not what
you can do for your country". Take the first letter of each word while
substituting numbers and symbols where appropriate. "Ask not what you
can do for your country" becomes A!wycd4yc. This is a normal technique
for passwords, but you want them unique for each site and still easy for
you to remember which you used for what, so take it a step further.

Add the first and last letter of the site you are registering for to the
mix. For example, Ebay take the E and the y, place the E at the
beginning of your hash, the y at the end. You now have EA!wycd4ycy. As
a password for e-bay. Register for Yahoo and it becomes YA!wycd4yco.
You end up with a unique password for everything that becomes very easy
for you to remember for each site because all you really have to
remember is one hash.

This is just an example, come up with your own, put the last letter of
the site or machine name first and the first last, place them in the
middle instead of the ends if you want. Whatever you feel gives you a
good hash mix and is easy for you to remember the structure. Then use
that constistently and you'll have unique passwords for everything that
are easy for you to remember.

/steve
--
Protect yourself on-line. Hide your identifying details in e-mail,
usenet, and more. A privacy service like no other.
No one gives you more control over your e-mail than we do!
http://www.cotse.net/servicedetails.html
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Wireless LAN with PEAP and Passwords Aironet 1200 AdminKen Wireless Networking 3 09-04-2006 04:03 AM
passwords =?Utf-8?B?bWlrZQ==?= Wireless Networking 1 10-11-2005 03:52 PM
Change password with 802.1x WinXP and cached Passwords. Michael King Wireless Networking 0 04-25-2005 02:03 PM
Migrate Saved Passwords? Christian Dornes Firefox 3 12-04-2003 07:02 PM
TB 0.2 - Not remember passwords Axl Firefox 6 09-28-2003 11:38 PM



Advertisments