Forum Moderators: phranque
I've been a freelancer for 3 years now and it seems every day I get a new user/pw for something or other. It's driving me mad. I came to two conclusions:
1)For ones I won't remember: I write them by hand in a notebook. Safer, but dangerous if lost.
2)I need a method for remembering the info. I'm trying to come up with a formula. I use an easy-to-remember username, and I'll make the password a formula of the place it's for.
For example if I were registering with a company at www.somesite.com, I would make my password a formula of "somesite". I could replace the vowells with a number, or with specific #s, or write it backwards and tag on the end the # of consonants or something. So I would get:
s0m3s1t3 or
s9m9s9t9 or
somesite04 etc..
Then I just remember my formula and I can apply it anywhere and always have a different pw.
Not only that, but I could have various formulas, and give them names. So I could keep a digital file of my user/password without worrying about who sees it.
user: pingpong
site: www.kingkong.com
pw formula: funny vowells
Am I the only one who does this? What do you do? (I'm not trying to crack anyone's passwords here.)
<snip>
No database, and just a pass-phrase + name of site to generate a unique password at all times.
Not totally secure (what ever is?). But a nice step in the right direction.
[edited by: trillianjedi at 11:10 am (utc) on Nov. 5, 2004]
[edit reason] TOS [/edit]
The idea behind the snipped page is very simple, and anyone could create a quick script to do the same in under 5 minutes.
All you do is think of a passphrase that you can never forget, and no one should ever be able to guess.
Then you append the site name to that passphrase and generate an MD5 (or equivalent) and that becomes your password.
So if my passphrase was "I like George Bush" (which is not anything anyone would ever guess I'd say), then my password to WMW might be the MD5 of:
"I like George Bushwebmasterworld"
while my password to bondage-widgets.com would be the MD5 of:
"I like George Bushbondage-widgets"
Nothing need ever be saved or written down.....Just don't lose the script, if you wrote your own.
Was a time when I'd use same pass for everything, but you soon learn otherwise. Currently store all passwords in a notepad file and have firefox remember all .. with me checking notepad file each time form info, pass's are cleared ..
would like a much easier way though ...
There is even an extension to override sites that try to tell the browser NOT to remember [extensions.roachfiend.com]
the username & password (like Yahoo - screenshot) [extensions.roachfiend.com].
One on my desk - one in my handbag, so that if I'm out of the house, it is out of the house.
Very simply encoded so that I don't have to think about it to decode, but not obvious to a casual observer.
Perhaps most importantly, duplicate envelopes addressed to my brother - one in the house, one in the car - "if deejay gets hit by a bus, read this". Contains the code key and instructions on what needs to be done where to either take over or shut things down.
amz: That seems like all your eggs in one basket. I guess I'm willing for a little hassle up-front to save a lot of hassle if something happens to my "basket". But I'm a traveling webmaster type and enjoy my portability...
They can be backed up and restored, even to other computers if needed.
Only way to fly in my book, extreme productivity if you use only one or two computers.
If you use foreign computers in a cafe etc. you are risking keyloggers, I never login anywhere from a PC I don't "know".
That's another benefit of the Firefox password saver, it's not being typed in or going through the keyboard buffer, so keyloggers won't work.
