Jump to content

Recommended Posts

Posted

I have 3 credit cards,

2 bank cards

and numerous internet and mail accounts.

It is becoming increasingly difficult to remember all the PINs and passwords.

I hate to write them down.

How do you manage this.

PS Just in case someone asks, I will not be sending out the info so you can remember it for me!! :o

Posted

Write the passwords down in one place, and a key to the password list in another. Usually it's less of a security issue to write down a password than to make it simple enough to remember.

Posted

Use truecrypt and create a volume, put the data in a notebook .txt file and keep it in the volume. Now easy to access by mounting or dismounting the volume and encrypted. Of course you need to remember the password for the volume. :o

Posted

I have them in my phone!

They are hidden under names which only makes sense to me, and pin codes are just hidden in 9 digit phonenumbers.

I only need to remember how to extract the PIN's, for example, every other digit starting from the third or something like that...

I got over 300 numbers in my phone, so it would be close to impossible to extract the information by somebody else then me!

Posted

I had a phone book and add names and phone numbers which contained the informations.

It was 100 % save as 1 month later I couldn't figure it out myself anymore.

I know some people who write their pin code on the back of their atm card (excellent idea).

Posted
I have 3 credit cards,

2 bank cards

and numerous internet and mail accounts.

It is becoming increasingly difficult to remember all the PINs and passwords.

I hate to write them down.

How do you manage this.

PS Just in case someone asks, I will not be sending out the info so you can remember it for me!! :o

I remember the PINs for bank cards - only torture can make me talk!

For mail accounts, I use my "hard" password. (*)

For bank accounts, I use an "impossibly hard" password. I have two, so two different ones I have to remember.

And for the rest, I use the same easy to remember password for all of them. Same user name where possible too. It's totally unsafe. None of these have been hacked, and if they do get hacked, I don't really care. Forum accounts etc..

The thing I hate most is password policies which force one to change the password every x months. That's supposed to be "safe" but how on earth should a normal person manage that. It's difficult enough to memorize one hard password - making up new ones _and_ remembering them is unpractical.

I have a trick for that too, though, a programmer colleague once taught me that one: Use the same password but append a new number. Surprisingly, this always works even with systems that are supposed to check for similarities in old and new passwords. So it will be (reallyHardPassword)_1, (reallyHardPassword)_2 and so on every time the system asks to upgrade the pass. This totally gets around the purpose of the password-change policy - but then again, I think the password-change policy is stupid.

Back in Uni the admins would run a password cracker every night and out people with bad passwords - that was fun, humiliating, and everyone learned very quickly how to pick good passwords.

(*) BTW - make sure your email client accesses your email using an encrypted protocol. If you use webmail, make sure the address starts with https:// instead of http://. The reason is that the mail protocol transfers the password in plain text. I have never heard of any real-world exploit of this but if you are say on an unencrypted Wireless network you are basically broadcasting your email password for all to hear. Might want to avoid that.

Posted

I once tried to re-use the tiered "good" and "really good" passwords. But with the proliferation of web accounts I decided it was too difficult to protect these things from each other and make sure I never accidentally used a really good and important password at an unimportant and insecure site.

So now I generate completely random passwords and use the encrypted notepad strategy to keep them all. This also means I can change them to a new random password more frequently, without fear of forgetting them. Most of the web ones I also let my browser store (encrypted) except bank/financial ones which I have to remember or dig out from the real encrypted file once a month when I do bookkeeping. I go to extreme effort to make sure my encrypted file is accessible to me even if someone steals my computer or my house burns down, etc. In other words, I am confident I can recover them but I am also pretty sure nobody can pilfer them without me knowing about it (since I trust the encryption and do not share the passphrase).

By the way, I would NEVER try to access any authenticated web/internet resources except from my own computer where I have installed the OS from scratch and trust that the system is not running keyloggers etc. Therefore, I have no use for carrying around a big set of passwords when I don't have my laptop or a local machine I already trust as my own.

Bank ATM card PINs are another story entirely. I avoid having too many cards, and I have a tendency to forget my own PIN and then remember it eventually a few months later. I just ask my wife for cash instead. :o

Posted
By the way, I would NEVER try to access any authenticated web/internet resources except from my own computer where I have installed the OS from scratch and trust that the system is not running keyloggers etc. Therefore, I have no use for carrying around a big set of passwords when I don't have my laptop or a local machine I already trust as my own.

Good point, actually. I use my Windows machine for everything except internet banking which I do on my old Mac. Because... no known viruses/trojans/rootkits/keyloggers :o

Before any kind of flame war starts: I didn't say it's impossible - I just said there are none out there.

People tend to think I am paranoid, but the truth is that I read about the *potential* viruses out there and quite frankly - the current malware authors are nowhere near using this potential. Together with virus-kits the attacks are going to get ever more sophisticated. You can buy a zero day attack vector for a few hundred dollars, low thousands for a botnet, disabling AV software is standard with all virus kits etc...

It's possible to protect your windows system with good security - I just find it easier to use the Mac.

For those who do internet banking on internet cafe computers - good luck! You'll need it.

Guest Reimar
Posted
I have 3 credit cards,

2 bank cards

and numerous internet and mail accounts.

It is becoming increasingly difficult to remember all the PINs and passwords.

I hate to write them down.

How do you manage this.

PS Just in case someone asks, I will not be sending out the info so you can remember it for me!! :o

I use an simple Casio PDA with just 4 MB of memory for to store all my "secret" information like Card number and Pins, Serial Number, MS-CD-Key's and so on.

To "open" the PDA i need to keyin an special password, so even if I loose the PDA there is no way to retrive the Data. The Batteries last for month 's because I rarly use the PDA, except I need some info out of them!

Posted

I like to use a small freeware program called Password Safe by Bruce Schneier, which is a simple but nicely paranoid tool for organizing and encrypting passwords.

This lets me use long random industrial-strength passwords without straining the grey cells. For mobile use I keep an encrypted text file on my PDA.

(Some of my colleagues who have lazily used lame-duck passwords to protect their websites etc have been brute forced or guessed - in one case the hacker left a message saying 'you really shouldn't put the password to your site in your forum signature...')

Posted

I've known people save their passes etc as names and numbers on their mobile phones in such a way anyone looking in the phones can't tell these entries are passwords.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...