|
Your donations keep RPGWatch running!
RPGWatch Forums » General Forums » Tech Help » where to store your passwords & logins

Default where to store your passwords & logins

March 5th, 2009, 15:45
Don't you ever get annoyed for the need to remembering and managing all those logins and passwords or other sensitive data ?

1) write them down on a piece of paper and put them somewhere not easily discoverable or reachable? nope, i don't think so that's the safest way.

But it could be quite safe if you implemented a second line of defend in case someone found it. E.g you wrote down random numbers mixed with alphabet or symbol. And to get useful information or password contained in those random words and numbers only if you know the proper ways (the only one know how) to read them (e.g , look for password in the second last line but read it backward and ignore the number zero).

I use the technique for years and still occasional use them for certain types of passwords. the problem is what happen when you crammed multiples sensitive data into those random words, numbers or symbol. You would forget how to read them later. Even when you learnt a secret language just for the purpose, after some time especially when not often used, you ability will deteriorated as in case of the second or third languages you learned.

2) Put them into security software like Password Safe? Nah, what happens if your computer get hijacked, corrupted by virus or experiencing hardware failures? Your sensitive data may be lost forever.

3) Put them on internet or online, places like Microsoft Workspace, on an email and then save them as draft (but remember don't ever accidentally send them to everyone on your address book ), or free online storage places?. I don't think those storage servers are full proofed, but probably it's good compromise between convenient and security,Plus you could retrieve them from anywhere and anytime, no?
Remus is offline

Remus

Remus's Avatar
Antihero

#1

Join Date: Oct 2006
Location: Malaysia
Posts: 1,028
Mentioned: 0 Post(s)

Default 

March 5th, 2009, 22:33
I believe 1 is the best thing, so far. Everything else can be broken in, when it is connected to the net.
--
Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction. (E.F.Schumacher, Economist, Source)
Alrik Fassbauer is offline

Alrik Fassbauer

Alrik Fassbauer's Avatar
TL;DR
Original Sin 1 & 2 Donor

#2

Join Date: Nov 2006
Location: Old Europe
Posts: 18,102
Mentioned: 8 Post(s)

Default 

March 6th, 2009, 00:48
I just keep them on a master text file, in a passworded zip file. If i really need one, i just enter my one master password and extract it.

Not really super-secure, but in a way I dont sweat it that much. The worst someone could do is like, post on a message board in my name or read my emails. I guess they could buy some stuff on amazon or whatever, but I'd get notification theoretically once someone bought something or entered a new shipping address.
xSamhainx is offline

xSamhainx

xSamhainx's Avatar
Paws of Doom
Original Sin Donor

#3

Join Date: Oct 2006
Location: San Diego, Ca
Posts: 4,997
Mentioned: 1 Post(s)

Default 

March 6th, 2009, 10:18
I just remember them!
--

That is not dead which can eternal lie,
And with strange aeons even death may die.
Zakhary is offline

Zakhary

Zakhary's Avatar
Noble Savage

#4

Join Date: Jul 2007
Location: The Frozen North
Posts: 1,044
Mentioned: 0 Post(s)

Default 

March 8th, 2009, 18:21
Zak's got the right idea. Mnemonics work very well. Invent a way to create passwords, remember the way, and you'll never forget a password. And you can make them extremely strong.

For example:

(1) Invent a "root" for your password that only you remember, which contains at least one special character (like !, *, ', #, or whatever).

We'll pick !er -- pronounced "banger" (! is pronounced "bang;" phonetics for other punctuation works great too -- * is splat, ' is tick, # is hash, - is dash, and so on; if you want the whole set, see the famous nerd poem Waka waka bang splat.)

(2) Take the first three letters of whatever it is you're inventing a password for, and capitalize them (or, alternatively, capitalize the "root" you just invented). Say it's RPGWatch, it'll be "RPG." Tack this to either the beginning or the end of your root. We'll tack it in the beginning, which gives us !erRPG.

(3) Take your birthday, or someone else's birthday that you'll always remember, and tack it at the beginning and/or the end of the password or between the root and the suffix. Let's use my birthday and tack it at the beginning and the middle. This would give the password 28!er04RPG -- unique for RPGWatch and entirely uncrackable via the usual dictionary attacks, or even by knowing anything much about me.

And as long as you use the same system for all your passwords, you'll never forget them.
Prime Junta is offline

Prime Junta

RPGCodex' Little BRO

#5

Join Date: Oct 2006
Posts: 8,540
Mentioned: 0 Post(s)

Default 

March 8th, 2009, 18:39
That's basically my system--though I have a little memo book where the most sensitive pw's are written down, or ones for sites that won't conform to my general rules(f'rinstance, one government site we have to use requires a password with only seven characters, only numeric--dumb)and that therefore i have trouble remembering.

The only thing I worry about is that I don't randomize individually as Prime J. described above--I use the same 2 or 3 pw's for all my sites. They are jumbled up, they are multicharacter, etc--I just don't originate a new one for every occasion. Hopefully that's not a big deal.
--
Where there's smoke, there's mirrors.
magerette is offline

magerette

magerette's Avatar
Hedgewitch

#6

Join Date: Oct 2006
Posts: 7,929
Mentioned: 0 Post(s)

Default 

March 8th, 2009, 18:54
I use an addon for firefox called Sxipper easy to use and very handy.
But mostly I have 2 or 3 combinations which I use for almost everything.
Kostas is offline

Kostas

Kostas's Avatar
Dormant Watcher

#7

Join Date: Aug 2008
Location: Dear Green Place
Posts: 1,713
Mentioned: 0 Post(s)

Default 

March 9th, 2009, 15:08
Great tips there PJ;

gonna change my passwords soon.

Question: I didn't even know special characters is usable for password and only some websites for user name. How widely are websites including financial institution website accepting the special characters in password?
Last edited by Remus; March 9th, 2009 at 15:56.
Remus is offline

Remus

Remus's Avatar
Antihero

#8

Join Date: Oct 2006
Location: Malaysia
Posts: 1,028
Mentioned: 0 Post(s)

Default 

March 9th, 2009, 16:23
I haven't done a survey or anything, but most do accept special characters. Some require numeric-only, and a few alphanumeric-only. Adding the special characters gives an additional layer of protection, but it's not really essential or anything.

With numeric passwords and PIN codes, I use a mnemonic I learned when practicing card tricks back in the day: each digit corresponds to a consonant, and then you can fill in vowels to make words. That way you can memorize just about any sequence of numbers very easily, simply by remembering a word, a few words, or a phrase. Here's the key:

1 - L (looks like l)
2 - N (because N has two vertical bars, like II)
3 - m (rotate 3 counterclockwise and you get m)
4 - r ('cuz fouR ends in R)
5 - v or f (because it has both in it)
6 - b or p (because it looks like it)
7 - T (because it looks like it)
8 - ch or sh (because eight sounds like aitch)
9 - g or k (because it looks like it)
0 - z or s (starts with z)

Long consonants (ss, tt, etc.) only count for one digit; if you have a repeated digit, insert a vowel between them.

So, for example, 678160 could be "patchouli buzz," a nice hippie image that's easy to remember. (As usual, naughty phrases are even easier to remember.)
Prime Junta is offline

Prime Junta

RPGCodex' Little BRO

#9

Join Date: Oct 2006
Posts: 8,540
Mentioned: 0 Post(s)

Default 

March 14th, 2009, 01:43
I looked into KeePass, an open source application of managing logon, your e-mail account, and password. The program is using strong AES encryption to protects its database. Anyone has experience and comment on using the program?

It also has password generation function base on parameters you specified. I picked couples of them and integrated into my new password. The longest password i created and used as the master key to protect the KeePass contains 31 digits - using combination of alphanumeric, Html code of smiley, keyboard special characters, both upper and lower cases. Yeah it sound crazy. The shortest one contain 9 digits. I would probably tweak them further.
Remus is offline

Remus

Remus's Avatar
Antihero

#10

Join Date: Oct 2006
Location: Malaysia
Posts: 1,028
Mentioned: 0 Post(s)
RPGWatch Forums » General Forums » Tech Help » where to store your passwords & logins
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +2. The time now is 12:04.
Powered by vBulletin® Version 3.8.10
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
User Alert System provided by Advanced User Tagging (Lite) - vBulletin Mods & Addons Copyright © 2018 DragonByte Technologies Ltd.
Copyright by RPGWatch