By chandan on Sep 16, 2005
Referring to Sara's post, here is how I manage my passwords. I have three classes of passwords:
- A. Really important passwords:
  These change often; used for corporate accounts, bank accounts, etc.
  - I use one or two silly phrases whenever I have to generate them, e.g. "Alice stole Bobs tarts". The phrase can be in any language and need not be grammatically correct. The longer the better.
  - For each different account I add one or two words.
    For Bank of America it becomes "Alice stole Boa tarts".
    For CitiBank, "Alice stole Bobs tarts in the city".
  - I then distill or transform the phrase to an 8 or more character word:
    AlStBoaTts or a(s\*TBoTacty. The transformation method is known only to me and I might use special random characters in between. Since I apply this method often, I remember it well.
  - I then make a note of the phrase in some encrypted file (using vault).
  - When I change the password for one account, I change them all.
- B. Important passwords:
  These change rarely; root passwords, user passwords, etc.
  Again, a transformed and long silly phrase, different for each account.
  The phrase is noted down in an encrypted file (using vault).
- C. Unimportant passwords:
  These never change (for websites that require a password for the sake of a password).
  I use one of four or five of my regularly reused passwords (like abcd1234).
(Ooops, did I give away too much information about my passwords? :-)