Jump to content

Passwords An Pins

astral

By astral
in IT and Computers

 Share

Recommended Posts

astral Star Member

astral

Posted
Posted

I have 3 credit cards,

2 bank cards

and numerous internet and mail accounts.

It is becoming increasingly difficult to remember all the PINs and passwords.

I hate to write them down.

How do you manage this.

PS Just in case someone asks, I will not be sending out the info so you can remember it for me!! :o

cdnvic Star Member

cdnvic

Posted
Posted

Write the passwords down in one place, and a key to the password list in another. Usually it's less of a security issue to write down a password than to make it simple enough to remember.

Tywais Star Member

Tywais

Posted
Posted

Use truecrypt and create a volume, put the data in a notebook .txt file and keep it in the volume. Now easy to access by mounting or dismounting the volume and encrypted. Of course you need to remember the password for the volume. :o

monty Diamond Member

monty

Posted
Posted

I have them in my phone!

They are hidden under names which only makes sense to me, and pin codes are just hidden in 9 digit phonenumbers.

I only need to remember how to extract the PIN's, for example, every other digit starting from the third or something like that...

I got over 300 numbers in my phone, so it would be close to impossible to extract the information by somebody else then me!

h90 Star Member

h90

Posted
Posted

I had a phone book and add names and phone numbers which contained the informations.

It was 100 % save as 1 month later I couldn't figure it out myself anymore.

I know some people who write their pin code on the back of their atm card (excellent idea).

nikster Diamond Member

nikster

Posted
Posted
I have 3 credit cards,

2 bank cards

and numerous internet and mail accounts.

It is becoming increasingly difficult to remember all the PINs and passwords.

I hate to write them down.

How do you manage this.

PS Just in case someone asks, I will not be sending out the info so you can remember it for me!! :o

I remember the PINs for bank cards - only torture can make me talk!

For mail accounts, I use my "hard" password. (*)

For bank accounts, I use an "impossibly hard" password. I have two, so two different ones I have to remember.

And for the rest, I use the same easy to remember password for all of them. Same user name where possible too. It's totally unsafe. None of these have been hacked, and if they do get hacked, I don't really care. Forum accounts etc..

The thing I hate most is password policies which force one to change the password every x months. That's supposed to be "safe" but how on earth should a normal person manage that. It's difficult enough to memorize one hard password - making up new ones _and_ remembering them is unpractical.

I have a trick for that too, though, a programmer colleague once taught me that one: Use the same password but append a new number. Surprisingly, this always works even with systems that are supposed to check for similarities in old and new passwords. So it will be (reallyHardPassword)_1, (reallyHardPassword)_2 and so on every time the system asks to upgrade the pass. This totally gets around the purpose of the password-change policy - but then again, I think the password-change policy is stupid.

Back in Uni the admins would run a password cracker every night and out people with bad passwords - that was fun, humiliating, and everyone learned very quickly how to pick good passwords.

(*) BTW - make sure your email client accesses your email using an encrypted protocol. If you use webmail, make sure the address starts with https:// instead of http://. The reason is that the mail protocol transfers the password in plain text. I have never heard of any real-world exploit of this but if you are say on an unencrypted Wireless network you are basically broadcasting your email password for all to hear. Might want to avoid that.

autonomous_unit Silver Member

autonomous_unit

Posted
Posted

I once tried to re-use the tiered "good" and "really good" passwords. But with the proliferation of web accounts I decided it was too difficult to protect these things from each other and make sure I never accidentally used a really good and important password at an unimportant and insecure site.

So now I generate completely random passwords and use the encrypted notepad strategy to keep them all. This also means I can change them to a new random password more frequently, without fear of forgetting them. Most of the web ones I also let my browser store (encrypted) except bank/financial ones which I have to remember or dig out from the real encrypted file once a month when I do bookkeeping. I go to extreme effort to make sure my encrypted file is accessible to me even if someone steals my computer or my house burns down, etc. In other words, I am confident I can recover them but I am also pretty sure nobody can pilfer them without me knowing about it (since I trust the encryption and do not share the passphrase).

By the way, I would NEVER try to access any authenticated web/internet resources except from my own computer where I have installed the OS from scratch and trust that the system is not running keyloggers etc. Therefore, I have no use for carrying around a big set of passwords when I don't have my laptop or a local machine I already trust as my own.

Bank ATM card PINs are another story entirely. I avoid having too many cards, and I have a tendency to forget my own PIN and then remember it eventually a few months later. I just ask my wife for cash instead. :o

nikster Diamond Member

nikster

Posted
Posted
By the way, I would NEVER try to access any authenticated web/internet resources except from my own computer where I have installed the OS from scratch and trust that the system is not running keyloggers etc. Therefore, I have no use for carrying around a big set of passwords when I don't have my laptop or a local machine I already trust as my own.

Good point, actually. I use my Windows machine for everything except internet banking which I do on my old Mac. Because... no known viruses/trojans/rootkits/keyloggers :o

Before any kind of flame war starts: I didn't say it's impossible - I just said there are none out there.

People tend to think I am paranoid, but the truth is that I read about the *potential* viruses out there and quite frankly - the current malware authors are nowhere near using this potential. Together with virus-kits the attacks are going to get ever more sophisticated. You can buy a zero day attack vector for a few hundred dollars, low thousands for a botnet, disabling AV software is standard with all virus kits etc...

It's possible to protect your windows system with good security - I just find it easier to use the Mac.

For those who do internet banking on internet cafe computers - good luck! You'll need it.

Guest Reimar

Guest Reimar

Posted
Posted
I have 3 credit cards,

2 bank cards

and numerous internet and mail accounts.

It is becoming increasingly difficult to remember all the PINs and passwords.

I hate to write them down.

How do you manage this.

PS Just in case someone asks, I will not be sending out the info so you can remember it for me!! :o

I use an simple Casio PDA with just 4 MB of memory for to store all my "secret" information like Card number and Pins, Serial Number, MS-CD-Key's and so on.

To "open" the PDA i need to keyin an special password, so even if I loose the PDA there is no way to retrive the Data. The Batteries last for month 's because I rarly use the PDA, except I need some info out of them!

Crushdepth Ruby Member

Crushdepth

Posted
Posted

I like to use a small freeware program called Password Safe by Bruce Schneier, which is a simple but nicely paranoid tool for organizing and encrypting passwords.

This lets me use long random industrial-strength passwords without straining the grey cells. For mobile use I keep an encrypted text file on my PDA.

(Some of my colleagues who have lazily used lame-duck passwords to protect their websites etc have been brute forced or guessed - in one case the hacker left a message saying 'you really shouldn't put the password to your site in your forum signature...')

Farma Platinum Member

Farma

Posted
Posted

I've known people save their passes etc as names and numbers on their mobile phones in such a way anyone looking in the phones can't tell these entries are passwords.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.


ASEANNOW

ASEANNOW (formerly Thai Visa) Thailand's oldest and most popular forum for expats and foreigners.

Sign up today and have your say

MORE INFO

POPULAR AREAS

CONTACT US

219/59 Asoke Towers, 15th Floor, Soi Sukhumvit 21, Watthana, Bangkok 10110
(+66) 99 196 1100
[email protected]

×
×
  • Create New...