Of course I’m not asking you to give away your passwords. But for those of you who have so many, how do you keep track of them all? Do you use any unique methods?
I know many people struggle between having something that’s easy to remember and something that’s easy to guess. If you keep a note with your passwords on it, for example, it can be stolen, lost, or destroyed, or if you make them according to a pattern that’s easy to remember, the wrong people might find them easier to guess.
KeePassXC/DX.
I remember them two characters at a time.
Theres a couple of passwords I remember, like for logging on my PC and into my password manager
I don’t. Bitwarden and that’s it.
I used to have a couple of letters from the site/service followed by an obscure dialectal word that’s not found in dictionaries with a few characters replaced by numbers and symbols. Those two letters kind of work like salting to keep every hash of my password unique.
Now I just do bitwarden.
Bitwarden and be done.
2 ways
1 password manager
- I use them very often. I have a bunch of different yes complex passwords that I’m using repeatedly throughout the day so brute force rote memory….
But yeah. Password manager
hunter3for everything.You use 7 stars for your password?
In my experience the best way to remember passwords is to… Get a password manager
This is 100% the best advise. But how do you remember your password managers password? I highly recommend Computerphiles tips, I’ve never seen it explained better: https://youtube.com/watch?v=3NjQ9b3pgIg
(Join 3-4 random, unrelated words for a strong, memorable password)
https://xkcd.com/936/ Because theres one for every situation.
If you only have one password for all the things you don’t need to be pretty forgetful to forget the word.
how do you remember your password managers password
another password manager
It’s easy enough to remember one long password, when it’s prompted often.
Until finally there is one to bind them all.
And that password is written on a scrap of paper attached to my monitor. Perfect security.
I definitely use a password wallet.
And because I’m getting into the demographic where my peers are going through end of life planning (whether for their parents or themselves), I have written my master password down and keep it with the will/“very important papers”. Whoever settles your affairs will thank you.
Also, since I’ve wrangled with this one specifically, when a loved one passes keep their mobile number active so you can navigate mfa and password resets for their accounts.
Edit: replied to the wrong comment
I have Bitwarden set up with a feature called Emergency Access. The credentials to access that is just stores in plain text on a piece of paper in a drawer that I frequently use. If I ever forget my master password, I pull out the paper and use the Emergency Access feature, and start the timer, I set it at one or two weeks.
I only remember one password, the one to my password manager.
They’re all the same-ish.
Let’s say my password is Token, but spelled like t0k3||
I would attach something related to the site on it, so if the site is lemmy for example, the password would be like
t0k3||Addictedtosurfing
If the site is Amazon something like
t0k3||Thanksformyfavoritejob
I called it “lock and key” style and I’d change the beginning part, the “lock”, once a year.
So next year it’ll be ef|=027Addictedtosurfing
These are examples lol
I guess you can sha256 hash them for extra security too
Pretty much this. But I used a function of the host name, so it would be easier to remember.
It gets annoying when the site forces you to rotate the password. After that happened a couple of times I started using a password manager.
Like other have said, Bitwarden.
But I also would like to add: I use the Emergency Access feature in case of forgotten master password.
You basically set up another account and do a sort of “public key exchange handshake” with your main account. Then your secondary account becomes a way to recover your main account.
You can store the credentials to secondary account in plain text on a piece of paper in a drawer somewhere you have a habit of accessing (so you don’t forget where you put it). Its doesn’t matter if a snooping family member saw those credentials, theres a pre-set timer that needs to expire before access is granted. If I saw that timer being triggered, I’d know someone had been snooping, and I can just click deny access from my main account.
So if you somehow forget your main password, you find the paper with your secondary account and use it to request access to your primary account. And well you’d have to wait out the timer, but its better than losing your vault forever and having to reset every password.
Before password managers I used to come up with a phrase or nonsense word that was personally significant to me, or an inside joke. Some sort of “catch phrase” that would only make sense to me and maybe my closest friends. Sometimes just an initialism of something I’d know, like my ex-gf Angie (not her real name) had a gap in her teeth, so I’d tell my friends “Angie’s got a gap in her teeth so my dick’s gots to fit!” and so my password would be “Agagihtsmdg2f!”
Password manager. For things that I forsee I will end up needing to type often, I might choose a passphrase made of actual words. Some password managers can do this, or create passwords made of syllables you can pronounce. It’s way easier to type correctly.
When I’m without a manager, I just look around for random objects, especially things with numbers and special characters.
