I have over 600 passwords and I only remember one of them. I use a password manager (visKeeper -- sort of like Splash Data, except older). The one password I remember is the one I use to open visKeeper and to log in to my computer. All the rest I look up from the database. I use a different unique random password for everything.
I selected visKeeper because it had desktop PC and Windows Mobile versions, and you could sync the database between the two. I could look up, create and edit passwords on my phone when I needed to. When Microsoft dropped Windows Mobile, SFR (the company behind visKeeper) didn't pursue other phones or the successor to Windows Mobile. It may be out of business now -- at least today its Web site doesn't respond. I've lived without the phone version for a couple of years now, sort of miss it, but it hasn't messed me up very much to not have access to my passwords.
One of these days I'll get around to writing a program to convert the visKeeper data to something else, probably Splash Data which has good support for different phones.
The incident which pushed me to this extreme happened a few years ago. I had a login issue with a financial services Web site. I was only using my main password in a dozen or so places that I commonly visited, including this one. When the system administrator who was helping me said 'Can I verify that your password is ….?,' I was shocked. I considered that a compromise of every use of that password. It's also a terrible idea for systems to be designed so that anyone, regardless of privileges, can access your literal password. But you know systems designed like that are out there, so I decided I wouldn't use my master password anywhere else than on my computer, and I would use long random passwords everywhere else.
It's my solution on my PCs, work, home and all my mobile devices (available for the $1 per month subscription).
I create one master password for LastPass, and then it will generate pseudo-random passwords for all my Web sites, none the same. It also will import the passwords you already have on your system, secure them, and has quite a few other tools to help you change those passwords to make them secure. Even Wi-Fi keys and other secure data can be stored in LastPass.
I probably sound like an advertisement for the software, but I love it that much. It's my desert island app.
Shhh, I write them down on a sticky note under the keyboard ;) Just kidding, of course. I use Password Safe.
Share your thoughts with the editors of this newsletter! Write to firstname.lastname@example.org. Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).