Thread: How do you manage your online passwords?

I saw a suggestion a few years ago, similar to the one in this article that seemed to make sense.
The variation was to take a line of a song that had special significance to you and use the first letter of each word. Then try to meet the other requirements for capitals and numbers.

For example the password "t1wasbnoBB" would be easy to remember if as a child, you used to sing the old folksong "Billy Brink The Shearer", which starts, "There once was a shearer by name of Bill Brink".

Length, Width and Depth

A strong, effective password requires a necessary degree of complexity. Three factors can help users to develop this complexity: length, width & depth. Length means that the longer a password, the more difficult it is to crack. Simply put, longer is better. Probability dictates that the longer a password the more difficult it will be to crack. It is generally recommended that passwords be between six and nine characters. Greater length is acceptable, as long as the operating system allows for it and the user can remember the password. However, shorter passwords should be avoided.

Width is a way of describing the different types of characters that are used. Don’t just consider the alphabet. There are also numbers and special characters like ‘%’, and in most operating systems, upper and lower case letters are also known as different characters. Windows, for example, is not always case sensitive. (This means it doesn’t know the difference between ‘A’ and ‘a’.) Some operating systems allow control characters, alt characters, and spaces to be used in passwords. As a general rule the following character sets should all be included in every password:

uppercase letters such as A, B, C;
lowercase letters such as a, b,c;
numerals such as 1, 2, 3;
special characters such as $, ?, &; and
alt characters such as µ, £, Æ. (Cliff)
Depth refers to choosing a password with a challenging meaning – something not easily guessable. Stop thinking in terms of passwords and start thinking in terms of phrases. “A good password is easy to remember, but hard to guess.” (Armstrong) The purpose of a mnemonic phrase is to allow the creation of a complex password that will not need to be written down. Examples of a mnemonic phrase may include a phrase spelled phonetically, such as ‘ImuKat!’ (instead of ‘I’m a cat!’) or the first letters of a memorable phrase such as ‘qbfjold*’ = “quick brown fox jumped over lazy dog.”

What may be most effective is for users to choose a phrase that is has personal meaning (for easy recollection), to take the initials of each of the words in that phrase, and to convert some of those letters into other characters (substituting the number ‘3’ for the letter ‘e’ is a common example). For more examples, see the University of Michigan’s Password Security Guide.

The Simplest Security: A Guide To Better Password Practices | Symantec Connect Community

For most of my passwords I think of a relevant sentence and take the first letter of each word.

So something like
June 2010 we head off to cape york to 4wd becomes,

J10whotCYt4wd

I usually have problems remembering for the first couple of times but then everythings OK, work passwords have to be changed every 60 days so I do the same at home.

I have struck problems once when a password was too long for one application.


Martyn

I gave the details of all my accounts and my passwords to a guy who checks how secure they are for you for a small fee. He contacted me offering this service via email. I will see if I can dig it up for you.

I would have thought someone in Australia would have come up with this business idea, but it seems The Nigerians beat us to it.

CC

I just use a password manager, KeePass. Don't try to remember any password (there are so many of them) other than the master password.

I use RoboForm. I've been using it for many, many years.

I use a word phrase for non essential stuff

all my essential stuff is usually a keyboard pattern because I've got a good pattern memory and most of my patterns can be used backwards, sideways across at least 5 locations on the keyboard, combined and in some cases done upside down. The problem is that I'm screwed if I use a non standard keyboard layout.

So far for an 8 character password I havent had one score below strong.

one more for roboform,used it for a long time.

I use keeppass as well. A good way to make simple passwords harder is to use ch@rac+er5 that look similar but aren't the same as the 1e++er in the word. They need to be at least 8 characters long.