I mainly use a password manager. I also just use the same password for some sites. How do you keep track of all your passwords?
I use the same password for most of my website logins. The majority aren't important so password security doesnt concern me. For the few important ones i just store them in my head.
Aaah! Lucky ol' you!! Wish my head was the same. Unfortunately my brain began to baulk at the effort of remembering my 63 ASCII character wireless router password, my 30 ASCII character password for accessing said router, my 20 character alphanumeric case sensitive credit card password, etcetera, etcetera.... Well, you get the idea....
Those of you only using your memory, what happens if the part of the brain that memorizes your passwords, goes kaput? Sure, there are passwords that should only be kept in memory, such as bank account password. We can always retrieve it again, by going to the bank. But, what about e-mail accounts, etc? What if you also forget about the e-mail addresses? I think we should always have a backup plan.
I have one master word, which I never use as the password itself. For really important things like VPN and such, I use a specific variant that includes alpha, numeric and symbol characters. For moderately important things like email accounts, I use a variant that mixes capital letters and sometimes numeric if the site requires it. For less important items like forums etc, I use a synonym of the master word, or a form of the synonym. I will always remember the master word and never, ever, tell it to anyone, including my wife. The variants that I use are easy to remember as I only need to remember the differences of the real word or the synonym. The result is that if I forget, within a few tries I find the correct one, and I don't need to write it down. If I die, my wife will have a heck of a time with my personal accounts. I use another sort-of synonym for our banking etc, one that I easily remember but that doesn't give away my master word. Sul.
I have actually come to this problem recently trying to remember all this information like passwords is starting to suck when your registered at so many websites. So I see where the last poster here is coming from... I have been using my memory but the 20 or so websites that I am registered to I have been forgetting the password as I have not been visiting them as frequently in the summer being out of the house more often I tend not to use the internet as much. My question is this if I were to use keepass just how safe is it? I know databases are subject to injection type attacks. That could wind up rendering the security useless. Also there are some pretty good crackers out there that could just continue to step through and decrypt the information in some security measures or knowing the encryption could allow for decryption if the password or a password is stored in the file for decryption somehow it would be a matter of setting a flag or lets say we use a password of all 1's in binary as an added key this would allow for factoring of a key by one computer in a lifetime or knowing simple information about a person like there email would allow for people that store there user name being there email address in many cases you could somehow come up with a way to look for this particular information while decrypting by knowing some of the info that is private you could potentially trim down the processing power needed to crack such a thing. There is also file date that in some cases is changeable and this is exploited in some security. So knowing all of this I just wonder does anyone know how keepass is coded weather it stores a password or how exactly is the security in this software I would really like to know cause I am feeling that I need to subject myself to something to keep track of things for me as of late.
You both said the same thing, so I have a couple questions for you... Did you install LastPass as a browser extension, or as a standalone that can be used with multiple browsers? And why the brain for the most important ones, i.e. is it because you don't completely trust LastPass? Sounds like it to me.
Brain for anything sensitive (Encrypted drives/volumes, Lastpass login, etc.) LastPass for websites Keypass and KeypassX for anything that I *may* forget. These are just short bits of the password (about 4 characters from random spots) so I can remember what password I used where. I have no issue memorizing passwords but I often forget what password was used on what login That's where key pass comes in. I store the database on my IronKey along with a back up of my LastPass data base and the offline viewer.
In my case "Brain" is for the LastPass master password. Everything else is on LastPass. But, any really important password, that I use pretty much everytime, is stored in my brain as well. Lol. I use LastPass bookmarklets, that work in any browser (that supports javascript, of course).
Between work and home I have many passwords. So I use an app for my iphone called STRIP. It is an encrypted password manager that can be backed up to my computer. It works great.
I don't have that problem, i tend to avoid unnecessary usage of anything that would involve leaving some e-footprints. All i got are email 20+ pass (only using for general question/answer correspondence) and wilders (its a bit shorter, found it to be a interesting forum but don't care so much for the password and if stolen i can start posting under new name, no biggy). Did have a paypal/ebay etc passwords, they were all 20-30 long and still remember them all (and they were "strong" passwords, not those "pet name" thingys). Hm, My head must be really big If that happens, then you have some bigger problems, and any stored passwords wont mean a thing since you wont know what they are for. If you have them all written down in plain text and a side note what are they for, then those passwords are not secure and there is no point in having them (security and obscurity don't go hand in hand)
Sticky Password for forums and other email accounts. Brain for banking and my personal email account.
Well, now that's way beyond my understanding. That is, I got no idea if the parts of the brain that handle our memory are the same ones, in such scenarios. Would losing part of our memory affect all we can remember about something, or only parts of this something? If I lose part of my memory, would I forget everything about my e-mails, etc, or this different information is placed in a different part of the brain? Probably, my long-term memory would still be there and I'd remember my e-mail addresses. But, not my passwords. So, having the passwords in hand would make it easy to know what they're for, if such info is there. Anyway, I'm not an expert, therefore I cannot go any further than this. Not if no one can make anything out of it. Now, I'm not saying I got mine written down and simply visible to anyone, but the same wouldn't mean that anyone could simply look at what I got and decipher it. I'm pretty sure their brains would bleed to death first. Bottom line is, I have "backup plans". If one fails, there's another one, etc. If none works... well... Just enjoy life.
If you loose entire or just a part of your password and/or email address then you can't login. That's it. Backup plans are good but they NEED to be as secure as the original "plan". As long as we "try" to keep pass in our head, have some backup plan just as secure, using strong pass, fighting keyloggers. etc. it's on the safe side. But majority of people do this: they use strong pass everywhere, use different pass every time, but can't wont remember them, so they store them in a container (so far so good) and then they can't/won't/lazy to use/remember strong pass for the container and they go with a "bad" pass. What i am trying to say is that every backup/support plan has to be as strong as the original one, otherwise its "no go" this picture summons it all http://i56.tinypic.com/2czsdo5.jpg
