Barney's Blog

Blog archive

Doug's Mailbag: Password Helper

When questioning what ever happened to single sign-on technology, Doug asks you to share your password thoughts:

I have an openID but not too many places uses it. My main tool is LastPass, in combination with a Ubikey -- two-factor authentification. Works great and is secure. Would recommend it to anybody.

I have the little notebook for each site I use regularly, Online E-mail, frequently used sites, etc. For the stuff that needs to be secure, like the PayPal, Apple, iPod –ahem- stuff, I have another little notebook in the lockbox safely tuck away. My computer is not one that is accessed by other people, just myself and my wife. We use a netbook for general surfing. At work, all I can say is that I don't use a notebook with passwords, but I do use phrases as passwords.

To be honest, for secure stuff like banking, general billing and credit cards, I still don't do that stuff online. One can argue that someone can intercept the snail mail, true, but the guy from Romania isn't coming over here to snoop through my mailbox outside my house. Also, if a person is snooping in my mailbox, he can be prosecuted. If the credit card company, bank or utility is hacked, I am not the one that is liable for the security breech.

You asked 'How do you keep track of all your log-ins and passwords?'

It's called Pencil, a piece of paper and a kitchen table where the spouse keeps all the junk mail. Buried under a thick stack of junk mail where nobody, myself included, will ever find the said list. 

But, of course, the Geek Squads among us keep these things on their NetBooks or WiFi-enabled phone so that a good hacker can have easy access to them. LOL.

Unfortunately, I've been forced to use an Excel spreadsheet with all my usernames and passwords. I avoided it as long as I could, but with the sheer quantity of accounts, both frivolous and work-related, many with different requirements for username length and makeup, and varying password requirements as well, I reached a point that I couldn't remember them all and got tired of resetting passwords all the time. I keep the file on my PC hidden, and the printouts where only I know how to find them, but I am fearful of the day that list gets found by someone else.

I've yet to find a really fool-proof way to keep and track user names and passwords SECURELY, so I continue to use the stone-age method of little wire-bound notebooks -- one for my job-related stuff and one for my personal/friends/family accounts. Neither one of these little notebooks lives with any specific machine. That way if one of my laptops gets stolen, heaven forbid, I haven't also lost my 'keys.' I've got most of the important passwords memorized, but that is becoming increasingly difficult too as I work with more and more customers at the university where I'm employed. So I suppose my 'method' could be called the 'grey-matter paper' method of tracking passwords <grin>.

Share your thoughts with the editors of this newsletter! Write to [email protected]. Letters printed in this newsletter may be edited for length and clarity, and will be credited by first name only (we do NOT print last names or e-mail addresses).

Posted by Doug Barney on 04/18/2011 at 1:18 PM


comments powered by Disqus

Subscribe on YouTube