Welcome to WebmasterWorld Guest from 18.104.22.168
Arrrgh! Where did I put all those little critters?
Sure, I jot them down. But with passwords for this, passwords for that and different passwords for those, that adds up to a lot of different jottings and many nooks and crannies in which they might -- or might not -- turn up.
Ah, here's one hiding under the smart card rebate I was supposed to send in last week.
What system don't you use?
My Visa card company mentioned that they are working on using PIN numbers for online shopping so that 3rd party payers will no longer be needed of course that means a lot of PIN numbers will floating around the web...
I've been watching another freeware password manager called Password Corral that looks to have potential if the developer gets around to releasing the next version.
Unfortuantely I have hundreds upon hundreds of logins that I track and I have considered just going the PGP encrypted Excel file so that I could sort everything the way I like.
You *can* make cryptic passwords memorable, though, just by substituting a few letters with similar looking numbers and symbols. For example you can turn your dog's name, say Jasper, into a password like j@5p3R. Then throw in a few extra characters to make j@5_p3R+
That way I only need to remember one password to access all my different id's and passwords (yes I assign different random 6 to 8 letter/number passwords to different sites). That one password is (password1password1password2) (where each password is a 6 digit alphanumeric combo). I figure an 18 digit alphanumeric password would take quite a long time to crack.
Using SplashID, my passwords are also in the encrypted desktop program.
Encryption buys time, not security?... no kidding. If I DO lose my PDA, I'll be changing my critical passwords... same as if your "scrap of paper" system disappeared. But, if your paper disappeared, you really WOULD have lost all your passwords.
Regarding having your passwords stolen via Broadband connection while Syncing... turn off cable-modem, sync, restart modem... and maintain your firewall.
Your scrap of paper can't be "hacked", but it can easily be deposited in the pocket of any visitor to your desk... do you know your friends and relations as well as you think?
-- irritating diatribe follows ---
I always love arguments that state: Your solution is not absolutely iron-clad-foolproof... therefore we'll do nothing. World hunger won't be solved by my donation, therefore I'd only be wasting my nickel, therefore I'll do nothing at all. Brilliant.
Shakespeare famously wrote: "nothing would come of nothing"
But I wasn't recommending nothing - I was recommending something!
(i.e. don't put data in digital format if you want it safe - put it in analogue format. I'm not aware of hackers burgling houses!)
No, hackers don't burgle houses, social engineers snoop, neighbors snoop, kids snoop.
Encrypt sensitive information with PGP. Once encypted, only cryptanalysts can snoop effectivley and without access to Crays, the cracking process will take more than 40 years.
Secure doesn't mean unbreakable. Secure means that the time involved to defeat the security isn't profitable.
That hackers don't burgle houses has been agreed upon.
Now we have
social engineers snoop, neighbors snoop, kids snoop.
Do social engineers burgle buildings to find passwords?