passwords and PINs - aaaaaagggggggghhhhh!

[principalitygirl]

It seems that increasingly you need a password or PIN / security number for every website or online service, even the most mundane. They all have to be I'm different formats (total digits min / max plus capital letters, numbers, symbols etc) and we're always told not to use the same password for everything anyway and to never write them down and to log out fully once you've finished on a website. How do you keep track of all yours? I'm always forgetting mine esp the ones I use less frequently, even when I make them similar to each other. Waste so much time resetting them and then forgetting them again...!

I've discovered that there are some smart phone apps that seem to log all the passwords for you and guard them with one password to access them all but are these safe?!

Thx!

I have the same problem, I keep forgetting them and then having to reset them, I have an 8 digit pin for work, then a 4 digit one to access the radio, one for my rota info and one for email. The email and rota ones I have to change every 6 weeks and that's before I even include all the ones for websites. I confess to using the same ones for sites where I don't buy anything like MN but my brain still hurts!
Would be interested to know about the phone app but keep forgetting my itunes password that I need to get apps. I am truly a bear of very little brain.

i personally keep 2 'lists' using different programs or apps to do it.
i store all 'non critical' usernames/passwords (so logins for websites like mumsnet) in a table saved as a page in the notes app 'cherrytree notes'.
with this particular app you can password protect the database (all your notes within the app).
But you can do the same thing with by creating a table in excel and saving the document with a password.
For critical and very personal data (so bank logins, passport data, paypal etc.) i use a program called 'KeePassX' which is supposed to be very secure. essentially, all your data is saved in a password protected and encrypted database file, so in theory you only have to remember the password for that file when you open the app.
BTW i use linux for my day to day computing, but i believe that both the apps i have mentioned are available for windows as well.

i should also mention that KeePassX is opensource, meaning the code used to write the program is available for anyone to view. According to this recent Guardian article this means your data (in theory anyway...) is safer from NSA snooping.

I use KeePassX too and KeePassDroid on my mobile.

Go knows what you are supposed to actually do other than remember them (not possible for me anymore). Once they are down anywhere there is an increased risk.

Store them in an encrypted passwprd manager like KeePassX. Read this to see how it works.

I just remember mine. I have a different one for each site/ service they contain letters numbers upper and lower case. I have an algorithm i use, that way i only need to remember that. I've been to sites i've not seen in ages, applied it and voila.

I dont' trust any password storage systems, and they also mean you don't have to remember the actual passwords they are storing for you.

LastPass - lastpass.com

I use Lastpass on my desktop. It's a godsend and I don't think i can manage without anymore.

Just make sure your lastpass password is a complicated one.

The other thing I do is have different 'levels' of passwords which helps.

And the websites I go to, I place them into three categories.

1. I don't care if someone hacks. eg. any general website like MN, MSE etc.
2. I do care but the damage isn't really the end of the world eg. email, facebook
3. I absolutely do care and a hack would damage me eg. bank/credit card company

Then I have three different types of password. Make it 8 characters long with Caps & a number and you should get through most websites.

That cuts it down from xxx numbers of password to about 3 you need to remember.

Hope that makes sense

as 12th monkey says, use a method for all sites - an 8 letter password with a capital and a number works on nearly all sites so an example may be:

use the first 8 letters from the website, all vowels are numbers (a is 1 etc) and the 3rd non vowel is a capital

using this, your mumsnet.com password is:

m5mSn2tc

Thanks niceguy2 for enhancing my brief reply - I was in a rush. I use LastPass on all my computers. That's the only password I know and it's complex. It's set to expire after a period of inactivity. The more secure stuff is set to prompt for password entry on access.

caroldecker - formulaic passwords are a bad idea as there is a pattern that can be used to derive passwords to other sites. Random is good; mix of uppercase, lowercase, numbers, symbols, etc. is good. But they are harder to remember - hence LastPass.

Thanks for all the replies. I'm going to try to get down to 3 non-formulaic pins and passwords and try to remember them. Will have a look at lastpass and similar too.

I have them all listed in Microsoft documents. 3 pages! Shortcut icon on my desktop. I'm the only one using my pc so it's ok.

I will have to print the bank details out and delete when I send to pc in for its service though!!

It's a nightmare.

I have a generic one, name and password for boring stuff that doesn't need bank details which makes it easier.