PDA

View Full Version : What's your password style?



aysiu
September 27th, 2006, 08:57 PM
I'm just curious what people's approaches are. I know I'm not as good about passwords as I could be. I don't pick super-easy-to-guess passwords, but they're not the most complicated either.

Poll options aren't perfect, so pick whatever's closest to your reality, and then explain what you actually do.

By the way, there are no hard-and-fast definitions of weak, okay, and strong for passwords, but I'll give you a sense:

weak: a word in the dictionary or the name of your pet or some other personal fact about you that someone can guess (birthdate, mother's maiden name)

okay: something meaningful to you but combined with a few numbers

strong: seemingly random--no recognizable words in English or another language, a mix of upper- and lower-case letters, symbols, and numbers.

daller
September 27th, 2006, 09:04 PM
I voted "I randomly generate passwords and memorize them all." - And it's really getting insane!

26 passwords so far! (about 10 of them are 4-digit PIN's - If that counts!)

I guess I'm kind of a security freak!

xhaan
September 27th, 2006, 09:13 PM
Hmm I don't have a lot of passwords...
I tend to make gibberish, mixed case passwords with numbers, but I will sometimes use the same one for different things, especially when I don't care, but I won't use a password I've used before on something that I want to be secure.

For something I want to be very secure I tend to go with a very long password, more like a pass sentence than a pass word. :D

monktbd
September 27th, 2006, 09:18 PM
all my passwords are the first letter of words from phrases, e.g. tfactbptlfh = these forums are clearly the best place to look for help.
i have only very few phrases and combine them with a few numbers and special characters at times.

i'd say they are strong.

Randomskk
September 27th, 2006, 09:22 PM
I have a few different passwords, ranging from strong to weak.
At the weak end of the spectrum are sites where I doubt the author's even used MD5 on a database, in which case they get a simple plain alpha password which I can remember easily, but won't use for any other type of site.
At the strong end, I've got a 20-something digit alphanumber-with-punctuation passphrase for my PGP key, which has only been used for one thing.

In a way it's kinda tiered, at the weak end are a fair amount of sites with weak passwords and at the strong end are only one or two sites with a pretty strong password. Easy enough to remember; me signing up for some random site doesn't let the author use my email or paypal; yet not so complex that it takes ten minutes to login to a "Members Only Downloads" section of a friend's site.

angkor
September 27th, 2006, 09:25 PM
I have different strong passwords for all my logins on my comps. Random letters, numbers, symbols, upper- and lowercase usually between 8-15 characters. I memorize them by typing them over and over a couple of times until I just know where the keys are. I usually can't write down the password if I start thinking about it :).

I do have some weak or standard passwords for useless online things (email accounts I don't use for important stuff).

skymt
September 27th, 2006, 09:29 PM
I use a "password algorithm". That means I take some bits of data (username, type of account, various numbers, etc) and run them through an algorithm simple enough to do in my head. This means that while my passwords look random and are hard to crack, I can always come up with the right password in a couple tries, without memorization.

Credit to Steve Gibson of the Security Now podcast for the idea.

%hMa@?b<C
September 27th, 2006, 09:30 PM
i have one password. its not a word. no more hints;)

moore.bryan
September 27th, 2006, 09:32 PM
depends... sometimes i just put two random words together, other times a random password generator. a great tool to keep track of them all is keepass (they just recently put-on a linux version of the program, so i can keep one file for my work xp machine and home linux to share).
http://keepassx.sourceforge.net/en/

matthew
September 27th, 2006, 09:33 PM
I generally make up strong passwords...not 100% compulsive level, but good. I always include one or more of the following in my passwords: a lowercase letter, an uppercase letter, a number or symbol, at least 8 characters total. The only weakness is that they're not entirely random because I have to remember them. Some people are good at memorizing random stuff but I'm not among them.

Here's an example of something I might use but now never will: Gu17arzRl<00l
(for those who can't read that, it's a cryptic form of "guitars are cool")

EDIT: I also use a program called Revelation from the repositories to keep track of my passwords because some of them don't get used very often.

Krakatos
September 27th, 2006, 09:35 PM
I have a strong password only used for linux.
For my imporant mailboxes I have another strong one(cause anyway, since I only check them from home, there's no way for anyone not on my pc to see them. Well, theorically of course).
Then I have one I use for non important mailboxes, the kind of ones you use to sign up on not important sites and such.

For all the rest, it's either of what follow:
-use a strong passwords for multiple important sites, on the condition that I do not use the same nickname. This way, even if someone where to get my password, they would not know where to use it
-I have a bogus password for all the taks I don not care the least bit about...

yopnono
September 27th, 2006, 09:38 PM
I normally put my passwords together something like this:
kqn930028 meaning some letters (3-5) + some digits (6-8) or in reverse.

EDIT: disabled smiley's

aysiu
September 27th, 2006, 09:41 PM
Thanks to all who have responded so far (or answered the poll... or done both).

It's interesting how the poll results are all over the place. Usually, some kind of pattern emerges with the polls I put up.

I want to hear more about what people do. Maybe I'll change my strategy if I hear enough ideas.

Random thought: ten years ago, I had only a handful of passwords--my email account, my network login at the university, and my bank card PIN.

Now, I've got passwords for at least fifteen websites and five different email accounts... and logins at work, too! It's a lot to juggle.

bobbybobington
September 27th, 2006, 09:47 PM
I have different passwords for my "important" things like gmail, digg etc... and the same password for the more numerous things that are "nonimportant" that i wouldn't mind loosing.

croak77
September 27th, 2006, 09:51 PM
Weak passwords for things like this forum. Usually dictionary words. Please don't hack me.

Strong passwords for email, linux. Mixture of uppercase,lowercase, and numbers. Usually 6 or 7 characters.

Wicked Strong for banking, paypal. Upppercase, lowercase, and numbers. At least 16 characters.

Yolan
September 27th, 2006, 09:58 PM
My passwords are between 10 and 14 characters long and change bimonthly if they're not on something like a forum. Fourm and low risk passwords are about 10 characters long and only change once in a while. All passwords are random with at least one number, letter, and symbol.

diggity
September 27th, 2006, 10:02 PM
I've found, the best way to create passwords that are extremely easy to remember, yet all of them are unique, is to have a password + key combination.

For example (these are not actual passwords :mrgreen:)
Password: Abc123
Key: eba (first 3 letters in ebay)
So the password for ebay would be Abc123eba or ebaAbc123

Key: ama (first 3 letters in amazon)
So the password for amazon would be Abc123ama or amaAbc123

Make sure the password portion is strong (letters+numbers+upper+lower)
Make sure the keys are consistent i.e. all keys are the first 3 letters of the site/app or all keys are the last 4 letters of the site/app, etc...

maniacmusician
September 27th, 2006, 10:35 PM
Thanks to all who have responded so far (or answered the poll... or done both).

It's interesting how the poll results are all over the place. Usually, some kind of pattern emerges with the polls I put up.

I want to hear more about what people do. Maybe I'll change my strategy if I hear enough ideas.

Random thought: ten years ago, I had only a handful of passwords--my email account, my network login at the university, and my bank card PIN.

Now, I've got passwords for at least fifteen websites and five different email accounts... and logins at work, too! It's a lot to juggle.
they're probably so well spread because of the number of options...and there's no biased answer that the community would instinctively conform to, unlike many other polls on here.

as for myself, I said one strong password, but after reading all these posts, i can say that it's not really that strong. it's usually a phrase that has a certain meaning to me that other people wouldn't easily guess. usually between 20-35 characters long. for sites that don't allow passwords that long, i have a weak 6 character password that i use...those are the sites that I don't really worry about that much (wouldnt care if someone guessed the password to my account).

Rhapsody
September 28th, 2006, 08:02 AM
My root password is a strong password, but it's also one of the few I've made recently. My older passwords are either okay or weak, and vary so much that even I have trouble keeping up with them. I really should make a proper system.

bikeboy
September 28th, 2006, 08:12 AM
I have one password I use for everything. It's okay. Well actually, I have 2 that I use for everything, one being older and weaker, but no dictionary style ones. Been thinking about changing my stronger one in some important areas, but then it gets harder to remember which password I used for what.

mostwanted
September 28th, 2006, 08:30 AM
I have 3-4 different passwords. For school stuff I have one password, for my own stuff (my own websites) I have one password, for other stuff I have one/two passwords.

They're medium strength >_>

alecjw
September 28th, 2006, 10:27 PM
I use the same pass for absolutely everything. But when I get the gut instinct that i should change it, i change it to something else, very slowly; changing 1 thing at a time.
Here are my previous passwords:
cozen73 - this was randomly generated for my very first internet connection, when I was about 5. I used it for aboout 5 years!
rollercoaster - from when I spent every waking hour playing RollerCoaster Tycoon 2.
zxspectrum - from when I got my forst ZX Spectrum (it was my mum's old one, so it didn't work :()

I'm currently in the process of changing passwords again, so I can tell you the one I'm using for the forums now soon. But it's just as insecure of all of my others and so is the one I'm replacing it with (or perhaps even more so!)

K.Mandla
September 28th, 2006, 10:32 PM
I change mine every month or so, using the random password generator here (https://www.grc.com/passwords.htm).

I usually take a string of eight characters that looks fairly easy to remember and use it.

The bad part is, it takes me about a month to get used to a new password. By then, it's time to change again!

alecjw
September 28th, 2006, 10:35 PM
The bad part is, it takes me about a month to get used to a new password.

Same here. I've built up a reflex - whenever i see a text box saying password, I instinctively type in xebian; without thinking. It's a bit freakish. I tend to only take a couple of days to do this with new passwords.

Edit: Ooops. I gave away my password. Oh well, I've been meaning to change it for weeks, and now I have!

prizrak
September 29th, 2006, 01:45 AM
I use a few approaches.
Computers:
I use the same password for all of them that is fairly strong.

Forums/random sites and Gmail is a medium strength password.

Important stuff such as online banking and anything that can holds financial info (credit cards and such) as well WAP I use a password generator/dbase/encryption program (KeePass Password Safe has Windows, Linux, OS X and PDA ports) that combines a master password with a decryption file kept on a USB flash drive. Those are the strongest passwords allowed by the site.

szf
September 29th, 2006, 01:52 AM
For some sites - a password that I can remember when I'm away from home.
At home & on Ubuntu - Gnome Revelation (http://packages.ubuntulinux.org/cgi-bin/search_contents.pl?searchmode=filelist&word=revelation&version=dapper&arch=i386).
At work and/or lappy & on WinXP... Automated Password Generator (http://www.adel.nursat.kz/apg/index.shtml) and Password Safe (http://www.schneier.com/passsafe.html).

Kingsley
September 29th, 2006, 02:13 AM
my passwords would be considered okay. in the past, i chose long words without numbers or symbols like tetrohydrocannabinol lol. then i switched to random characters but i forget those too easily. now all of mine are in my parent's native language, igbo, and combined with some numbers.

reacocard
September 29th, 2006, 02:34 AM
I have several different passwords. One for GMail (very strong), one for all other websites (strong), and one for my computer (strong).


I have a system for making passwords based on numbers. Whenever I need to change my password, I just choose a new number that's easy to remember, and instantly I have a strong, seemingly random password. (No, I'm not going to tell you what my system is :p )

IYY
September 29th, 2006, 03:02 AM
I have two passwordds: a strong one, and a weak one. I only use the strong one for the most important things.

MrWizard
November 11th, 2006, 03:56 AM
My habits vary. I have maybe 15 password or so that I use. All passwords have at least 3 of the 4 types of characters (Aa1!). All are 7 characters or longer, and most are longer than 10 characters. About half are randomly generated and the other half are based on words or something significant to me, but then modified so that a dictionary-based password cracker would not work...

PriceChild
November 11th, 2006, 04:00 AM
I have about 5 of passwords, one which my family uses and which we all understand, its just a word.

Two which are words with numbers, used for random websites.

One random password for my normal accounts like logging on everywhere,

and one random password for all admin accounts on this pc, these forums etc.

slimdog360
November 11th, 2006, 04:05 AM
Pretty much just the one password and variations there of. That way if I forget a password I know its similar to one I mostly use and can guess it.

Dual Cortex
November 11th, 2006, 04:13 AM
I have one strong password which is my very personal password.
I have another password which my family members know about so I use it for local things; it's weak (only numbers).

kuja
November 11th, 2006, 04:21 AM
I have a handful of VERY strong passwords, and also a few weak ones. Which one I use for something depends on how worried I am about it being cracked, and the actual risk of it being cracked. For example I'd use a toughie for my GPG key or my bank site, and another toughie for my login password, but for simple stupid things, websites, etc I'll use weak passwords because I really don't care.

d3v1ant_0n3
November 11th, 2006, 04:40 AM
I have a variety of passwords for different things. I change them occasionally.

I generate my passwords by looking around where I am, and go by the title/author.whatever of the first book/movie whatever that catches my eye. Then I randomly capitalize/l33tify the words.

user1397
November 11th, 2006, 04:57 AM
i have different passwords for a lot of things, but for relatively unimportant things, i have one sorta weak password.

Peepsalot
November 11th, 2006, 05:03 AM
I have about 4 main passwords that I use on different sites.

You guys might be interested in this though:
http://www.hashapass.com/index.html

Basically, it takes a single master password, and a parameter(such as domain name) and creates a hash key for the two. Seems like a pretty nice solution, I've been thinking about switching my passwords to this.

I was holding off because I was going to try to make a greasemonkey script for it, but I never got around to doing that.

Edit:
here is another http://www.xs4all.nl/~jlpoutre/BoT/Javascript/PasswordComposer/
And check it out, someone did make a greasemonkey script for it.
http://www.xs4all.nl/%7Ejlpoutre/BoT/Javascript/PasswordComposer/pwdcomposer.user.js

der_joachim
November 11th, 2006, 08:24 AM
I have a number of 'okay' passwords. Mixed case, some numbers thrown in, 8+ characters long. Most of them have a common theme (which I will not tell you) and I switch between these regularly.

I've had them for years now. I should find a new theme. :-|

Steveire
November 11th, 2006, 04:35 PM
I have a different password for everything, and they're very strong. Here's how I do it: I'll start off with some kind of phrase that I'll remember. 'My strong Ubuntuforums password' might be a start. Then I take a few letters from each word and put them together to get something like 'myStgUbfmPw'. Next I add some leet/txtspk to it to get 'myHax579U4mPw'. Finally replace some letters with symbols or sprinkle some symbols in.

'm/H4}{$79U4m.Pw'

If I'm lazy or the password doesn't need to be strong, I'll skip the last step.

Kernel Sanders
November 11th, 2006, 04:53 PM
One strong password I use for everything.

I think of a long, random sentence, and then I take the first letter from each word, and than I add quite a few random numbers at the end.

So in the end you get something like this: kjsdfhjgfdg78687434 (Its hard to remember to start with though! :mrgreen: )

:cool:

gnomeuser
November 11th, 2006, 05:11 PM
I have a few:

Randomly generate high security passwords for things like root and my user account. Then for things I don't care about like my googletalk account, forum passwords and the likes I have 2 standard passwords.

Here is what I would like some kind of solution using a key manager with single signon behavior so that I could use my launchpad as a means of storing desktop defaults, then log on to any Ubuntu machine with an internet connection and have my desktop, my accounts, everything handy - maybe if there's a connection available to my machine have access to my files (I guess having a p2p storage thing would be an option but honestly having to access my DVD collection via the internet.. not fun)

.t.
November 11th, 2006, 05:14 PM
I have a couple of weak/okay passwords that I seem to use randomly as (pretending to be security conscious).

kadymae
November 11th, 2006, 07:39 PM
For message forums, I have a weak password.

For anything involving money I have a strong password.

For the logins on my computers I have intermediate passwords.


An intermediate password is a word in an exceptionally obscure (eg. mari, enets, faroese) dead obscure language (eg. pictish, cornish, manx) or an english transliteration of an obscure living/dead language not written with the Roman alphabet (eg. coptic, demotic, ge'ez, afar). I pick the same word across all the languages.

Note: the above are examples of the strategy, NOT the actual languages I'm using.

The strong passwords are usually formed by taking a phrase from a living language or a prominent dead one (latin, old english) and mixing it up and "leeting" it.

Start with the latin phrase Pax Deo I can get --> paxd30 or p4xd3o, etc.

or I can say, substitute the french word for god with the german word for peace and come up with "dieu ruhe" and then leetize that.

pax deo -->dieuruhe --> d13uruh3

Again, the above are examples of the technique, not actual in use choices of mine.

I then have a few stickies to help remind me which password goes with what.

Elite french-german god's peace means a whole lot to me, but next to nothing to anybody who finds the note.

Interestedinthepenguin
December 11th, 2006, 08:51 PM
For websites and forums, my passwords are usually related to why I joined.

Some of my passwords are mini phrases, Japanese words, and sentences with Japanese mixed with English.

My passwords are usually long. The longest being 19 characters long.:)

Henry Rayker
December 11th, 2006, 08:54 PM
It depends. If it's a long term something (my OS password, for example) I have a single fairly strong password (which I change every once in a long while...I know...tsktsk)

For my forums/webpages and things that need a logon, I use a couple different, rather weak, passwords. If its something I only need temporarily (to read a single article, or just to read one bit of a user-necessary forum) I just use a vulgar word. :rolleyes:

RChickenMan
December 11th, 2006, 08:56 PM
I have literally two passwords. One of them I use for those things that require "high-security" passwords (i.e. at least 8 characters long, at least one upper, lower, numerical, etc.) and then a second, even less secure one that I use for everything with less strict password rules.

aysiu
January 14th, 2007, 12:31 AM
Just saw this on Digg:
http://klaatu.anastrophe.com/index.php/2007/01/12/passwords-on-post-its-you-bet/

Interesting idea.

euler_fan
January 14th, 2007, 12:58 AM
I usually have four or so passwords with different levels of strength for the different levels of things I do. For instance, I have a longish but simple one for things like throw-away email accounts, moderately strong ones for things like longer-term email and long, complex ones for internet banking, root logins, etc. I haven't tried the random generation thing, but I anymore I use a strength meter (Thunderbird has one) and KeyPass to manage them all.

Out of curiosity--is a random password better than something like: "!l0veTHE$n0w" ?

MkfIbK7a
January 14th, 2007, 01:29 AM
lol
aysiu if it wasnt you or another staff member making this thread i would have thought it was a scam to steal passwords.
i use mostly one password that is actually a german translation for a word in english which is pretty much gibberish...
noone has every stolen anything of mine with this password:biggrin:

CADutch
January 6th, 2009, 12:02 AM
How about those websites who send you a confirmation email containing the word "PASSWORD" and then fully disclose your newly secret password in the body of the email.

e.g. your new password is d13uruh3.

VERY SMART !!!!!!!!!!!!!!! NOT NOT NOT

Maheriano
January 6th, 2009, 12:21 AM
This is funny, I flew across the country this morning and one of the things I did which I've been meaning to do for a few months was think about how I can have a better password. I have one for everything so I need to make it customizable. I've decided to take my current password and concatenate it with a series of numbers. That way if I need a strong password, I use the whole thing, if I need a PIN like at the bank, I use the digits only, if I need a short character password, I use the characters only, it's easy to splice up to my needs. Then I stick a symbol in there somewhere to increase strength and I'm good to go. Just got to switch over everything one at a time.

I also use a completely different password for all work related stuff in case my manager asks me for it one day. Don't want him having my personal password.

stimpack
January 6th, 2009, 12:30 AM
I wrote my own Python app that creates a hash of 2 items, ie. a website address and a semi-master password.

This gives me passwords of the form:
zGLPdPmGqXvqjL6pjyghfCIEJeILCcjasFctCIdovuovo03h2k p0Mahk7paG4Jb

secure enough :D :D

Typically 16chars for website passwords, 64 for truecrypt and 100+ for GnuPG.

Was an exercise in learning python so the time investment was free. I don't use punctuation despite the gain in bit strength as the few sites that reject it would prevent me from having a single common scheme.

Spr0k3t
January 6th, 2009, 12:32 AM
I use passphrases. In the phrases I take out random letters replacing them with 1337 equivs but shifted one character. Depending on the year, I add an unprintable unicode character to one of the word separators. My passwords are generally longer than 14 characters and consist of (at minimum) two upper, two lower, two numbers, two symbols, and one unprintable character. Each location is different depending on the level of security I need. Now to keep all of those passwords, I use KeePassX on an encrypted thumb drive with two levels of 24 character passwords. I have a backup of the drive I keep at my bank and one in the firesafe.

So, if there were an option for anal retentive... That would be my pick. :P

gnomeuser
January 6th, 2009, 12:54 AM
I wrote my own Python app that creates a hash of 2 items, ie. a website address and a semi-master password.

This gives me passwords of the form:
zGLPdPmGqXvqjL6pjyghfCIEJeILCcjasFctCIdovuovo03h2k p0Mahk7paG4Jb

secure enough :D :D

Typically 16chars for website passwords, 64 for truecrypt and 100+ for GnuPG.

Was an exercise in learning python so the time investment was free. I don't use punctuation despite the gain in bit strength as the few sites that reject it would prevent me from having a single common scheme.

Wow, and I thought I was dedicated. I generate a few random 25-30 character passwords and memorize them. I should really adopt your scheme, it would do me wonders compared to my tiered password system.

Also I love your Dark Tower signal, amongst my favorite books.

gn2
January 6th, 2009, 12:58 AM
I voted other. I have various different random passwords and regularly forget them all.

-grubby
January 6th, 2009, 01:02 AM
I wrote my own Python app that creates a hash of 2 items, ie. a website address and a semi-master password.

This gives me passwords of the form:
zGLPdPmGqXvqjL6pjyghfCIEJeILCcjasFctCIdovuovo03h2k p0Mahk7paG4Jb


As have I : http://grubbn.org/home/s/randpass

To answer the question:
Generally, I have different, non-memorized randomly-generated passwords for every website. I use one of the same, memorized, non-randomly-generated but secure, password for all of my logins that aren't web based, except for the websites I'm only going to use once.

I switch around the 'same' password every so often when I feel like it or when it's accidentally released to the public. On occassion when I'm in a secure mood I will switch around all my randomly-generated website passwords, though it is a hassle.

richg
January 6th, 2009, 03:49 AM
Sounds like a hacker looking for hints.

Rich

mc4100
January 6th, 2009, 04:02 AM
I'm not a fan of the many random (unmemorized) with one master password approach.
Although it's a good one in terms of security, I just think you should know every one of them.

(How can I explain this in a non revealing way...)

Personally, I voted for the "I have different passwords for everything and one master password", but that's not exactly accurate:

I have one long string of randomness memorized. Which is typed as the base password.
And from that I make a unique one by tapping a sort-of beat on the arrow keys, moving from the beginning to the end, at each pause inserting relevant info about the use of the password (a domain name, e.g.,), and when I'm done with the tapping, if any more letters remain, they're just typed normally.
At the end, a little mix of capital letters (which respectively replace previously typed lower-case ones), and, finally, a fixed numerical bit.
If it sounds difficult, it's really not. Surprisingly easy, actually. And reproducible -- in a sense they're all remembered.

-grubby
January 6th, 2009, 04:09 AM
Sounds like a hacker looking for hints.

Rich

Yes, Aysui is a 1337 hax0r, didn't you know? Aysui has your ip - now run!

BLTicklemonster
January 6th, 2009, 04:15 AM
Here at the house I use an algorithm that choses random streams of numbers and letters based on background noise gathered from a ham radio set to fm on the 80 meter band.

At work I use whatever is on a yellow post it note attached to my monitor.

BLTicklemonster
January 6th, 2009, 04:16 AM
I voted other. I have various different random passwords and regularly forget them all.

lmao.

Post it notes. ;)

Dark Aspect
January 6th, 2009, 04:18 AM
My passwords are usually random strings of letters and digits that are about 15-30 characters long depending on the security.

cardinals_fan
January 6th, 2009, 04:19 AM
I have several random passwords of varying lengths that I memorized. I use them for different websites at random. I also have a file that contains all of them. It is accessible only by root, and I have a special root password that I use for nothing else.

-grubby
January 6th, 2009, 04:20 AM
I also have a file that contains all of them. It is accessible only by root, and I have a special root password that I use for nothing else.

Mine are listed as plain strings in the text file, however the plain strings need to be md5 encrypted first ;).

samjh
January 6th, 2009, 04:40 AM
I have several passwords. Two are weak, two are moderate, and two are strong.

For sensitive uses, I sometimes combine them to make super-strong passwords. Otherwise, I use them on their own.

The weak ones are used for casual stuff like forums, etc.

Moderate ones for things like study, work, home computer login.

Strong ones for banking, email, ISP, government.

Dr Small
January 6th, 2009, 05:14 AM
I generally use one password, but I do have several others for various websites. I generally keep a "master password" which is memorized, but over time and tired of repeated use, I think up a new one.

From now on though, I'll be generating mine from MD5sums of strings.

I do keep an encrypted text file that contains all of my passwords, though. It's encrypted with my GPG private key's password, so that's basically the master password for all the rest of them :)

azkehmm
January 6th, 2009, 11:02 AM
I have 6 or 7 passwords with both numbers and uppercase letters and stuff, that I ranomly use for email, bank etc. Every once in a while, I come up with a new one I find easy to memorize and put that in the pile.

Kingsley
January 6th, 2009, 11:13 AM
I use different styles of passwords for good security. For example: 12345, password, qwerty, my birth date, etc.

halovivek
January 6th, 2009, 11:18 AM
I randomly generate passwords and memorize them all.
i do have around 30-50 different sites from bank to email. i always memorize that one. i dont stay on a single password and working since it will not be safe for bank accounts.

CrazyArcher
January 6th, 2009, 11:21 AM
I have a weak password I use for forums and non-dangerous stuff, OK passwords for email accounts and strong passwords for stuff linked with money.

BLTicklemonster
January 6th, 2009, 11:38 AM
you know what blows my mind? you go register at places and you can just pick just about anything for a password and it just works! it's like they want you there or something.



(think dumb thoughts then read it again. I swear it's funny)

dannytatom
January 6th, 2009, 11:41 AM
I chose "I have one password I use for everything. It's strong."

I try to make sure it has multiple uppercase and lowercase letters, numbers, and symbols. A lot of sites don't allow symbols, though. :(

I don't have the memory for different passwords, or I'd do that. :P

Copernicus1234
January 6th, 2009, 11:45 AM
For me, its:

- I use about 4 different passwords for the computer login, internet sites and everything else.

Not part of the reply options though. I think a lot of people use the same password on internet sites and their computer, so if anyone would get access to the logins on a site, they have a good chance of also getting into some computers remotely.

Take this site for example. Im sure there are quite a few users who use the same password here and to their computers. Different username probably though.

lswest
January 6th, 2009, 11:47 AM
I take one base password and have a series of varieties of that one password, so I can remember it, and if I forget it, I can still "guess" the right one. Every so often I change the base password though.

Chose "other" since it's more a mix of the options.

Delever
January 6th, 2009, 01:56 PM
I have few memorized sequences of random letters and I use simple combinations of those for different passwords. There is basically 3 types I use: for stuff that is not important - 1 easy to type short password, 1 password only I know - for more serious stuff, and finally variation of passwords for most important things.

It is actually not so hard to memorize strong password, and I strongly suggest doing it. Because once it is in your head, you can use that password not only for serious stuff, but also take any part of it and use as another password.

jespdj
January 6th, 2009, 03:21 PM
I use a small program (written by myself) to generate random passwords, and I keep all those passwords in an encrypted spreadsheet on my computer (with a master password).

happysmileman
January 6th, 2009, 03:35 PM
I have a strong password (20 digit random alphanumeric with upper and lower case) for my email which I use nowhere else.

And a 16 digit alphanumeric that I use elsewhere (appears random, is actually an abbreviation for some sentence I just pulled out of my head one day, has numbers and capitals)

forrestcupp
January 6th, 2009, 04:30 PM
My password for everything is just 'password' without the quotes. Have fun, people. :)


Just joking, I'm not dumb enough to actually give you my password.

CrazyArcher
January 6th, 2009, 04:49 PM
This thread made me change my PayPal passowrd to a much stronger one :)

lukjad
January 6th, 2009, 04:51 PM
My password habits are somewhat complex, so I chose other.

I used to have only one password, 4 characters long. It meant nothing, as far as I know, but it was ease to type and had a space in it. Then, I added a character to it on some sites that required more lengthy passwords. I then had to add another character when the password length was increased to 6. Finally, I created another password for everything new. Then, when that was too short, another.

My current password methods are like this:

Legacy:
Weak passwords that I can't be bothered to change.

Old:
Fairly good passwords that are starting to mellow.

Secret:
Old passwords that are never used, kept as a backup in case I forget the rest of my passwords.

Flux:
The ones I use as my login at school. I have too many people who want to get into my system to keep them for more than 2 weeks. This is usually a mixmash of words. I sometimes use 1337 speak for my Flux passwords as well.

jeyaganesh
January 6th, 2009, 05:01 PM
I use universal password, that is same password for all websites except few.

Some websites like Canon photography websites provide their passwords. I saved those passwords in Flock. Even I dont remember them.

I save forgotten passwords in my email.:D

JohnFH
January 6th, 2009, 05:19 PM
I have the same password for everything, including this website. It's *********.

That's strange - looks like this forum recognises your password and automatically masks it. Nice.

Seriously though I have different passwords for some things and some passwords may be completely random but may not. Obscure enough?

Delever
January 6th, 2009, 06:04 PM
I have the same password for everything, including this website. It's *********.


Fat chance, I saw that joke before :P :D

mihai.ile
January 6th, 2009, 06:16 PM
I have a set of passwords in my mind from which I use randomly for forums/emails/pc login/pin/etc
some are very strong others as easy as a "1234..." password

poisonkiller
January 6th, 2009, 06:30 PM
Voted: I have one password I use for everything. It's strong.

I took a common English word and translated it into hex code. Brute-forcing it could be rather difficult, as it is <8 characters long. :P

Achetar
January 6th, 2009, 06:35 PM
I have almost 40 passwords for various MMOs, emails, OSs, forums, etc. About 2 are randomly generated ones. All the rest are random words mixed with numbers and punctuation. There is no pattern for my passwords.

About 20 of those passwords are stored in Firefox, and I have some stored in TrueCrypt (so I guess in a sense I have a Master Password)