Of course I’m not asking you to give away your passwords. But for those of you who have so many, how do you keep track of them all? Do you use any unique methods?
I know many people struggle between having something that’s easy to remember and something that’s easy to guess. If you keep a note with your passwords on it, for example, it can be stolen, lost, or destroyed, or if you make them according to a pattern that’s easy to remember, the wrong people might find them easier to guess.
Like other have said, Bitwarden.
But I also would like to add: I use the Emergency Access feature in case of forgotten master password.
You basically set up another account and do a sort of “public key exchange handshake” with your main account. Then your secondary account becomes a way to recover your main account.
You can store the credentials to secondary account in plain text on a piece of paper in a drawer somewhere you have a habit of accessing (so you don’t forget where you put it). Its doesn’t matter if a snooping family member saw those credentials, theres a pre-set timer that needs to expire before access is granted. If I saw that timer being triggered, I’d know someone had been snooping, and I can just click deny access from my main account.
So if you somehow forget your main password, you find the paper with your secondary account and use it to request access to your primary account. And well you’d have to wait out the timer, but its better than losing your vault forever and having to reset every password.
I don’t. Bitwarden and that’s it.
I only remember one password, the one to my password manager.
Password manager
Bitwarden
Nice try
KeePassXC/DX.
Keepassxc remembers for me.
For cases where I may not have access to a password manager, I have a standard procedure where I’ll take the website url, add a fixed salt word, and run it through a hash function.
Either this is a common algorithm or you might be my friend who also does this.
I have a friend who resets his passwords whenever he connects. So he only remembers one password, that of his email. He claims it’s safer this way.
Theres… There’s something to it, I guess. Make sure your email is secure, and if not even you know your password, how can someone else. Christ, it sounds like a massive pain in the ass, though.
Exactly, like I agree with him on principle but it’s too time consuming.
Bitwarden and be done.
I use passphrases from movies of shows that I like. Then add a special symbol and a number that I like.
Thanks for nothing you useless reptile!61
This has 100.54 bits of entropy. I consider anything above 60 sufficient enough
Similar, but I just take the first letter of each word, keep proper pronunciation, and turn some into numbers as appropriate.
Two trailer park girls go round the outside, round the outside, round the outside.
Becomes
2tpggrto,rto,rto.
No, for the record I do not use THAT song.
I worked in IT at a company years ago that standardized on song lyrics in a similar fashion:
4 Those about 2 rock we salute you!
I want 2 rock & roll all night
Etc.
They’re all the same-ish.
Let’s say my password is Token, but spelled like t0k3||
I would attach something related to the site on it, so if the site is lemmy for example, the password would be like
t0k3||Addictedtosurfing
If the site is Amazon something like
t0k3||Thanksformyfavoritejob
I called it “lock and key” style and I’d change the beginning part, the “lock”, once a year.
So next year it’ll be ef|=027Addictedtosurfing
These are examples lol
Pretty much this. But I used a function of the host name, so it would be easier to remember.
It gets annoying when the site forces you to rotate the password. After that happened a couple of times I started using a password manager.
I guess you can sha256 hash them for extra security too
Before password managers I used to come up with a phrase or nonsense word that was personally significant to me, or an inside joke. Some sort of “catch phrase” that would only make sense to me and maybe my closest friends. Sometimes just an initialism of something I’d know, like my ex-gf Angie (not her real name) had a gap in her teeth, so I’d tell my friends “Angie’s got a gap in her teeth so my dick’s gots to fit!” and so my password would be “Agagihtsmdg2f!”