04-26-2004, 06:15 PM
Here's what I think is the best way to keep track of passwords for online sites. Use a password that's somewhat obfuscated (immune to dictionary attacks), but because it's the only one you'll be using, it'll be easy to remember. Then, append a couple letters to the password depending on what the function is.
So suppose my base password is T-hawk7! . Then my Lurker Lounge password would be T-hawk7!ll , my American Express online password would be T-hawk7!ae , and so on. It can be further obfuscated, by something like adding one to each letter (like T-hawk7!mm for the Lounge).
I haven't forgotten an online password in years. I can use a site once, come back to it 3 years later, and still know my password within a couple tries -- but in a much more secure way than simply using the same password for everything. There's a tiny risk the system could be discovered, but I've never had any problem at all.
So suppose my base password is T-hawk7! . Then my Lurker Lounge password would be T-hawk7!ll , my American Express online password would be T-hawk7!ae , and so on. It can be further obfuscated, by something like adding one to each letter (like T-hawk7!mm for the Lounge).
I haven't forgotten an online password in years. I can use a site once, come back to it 3 years later, and still know my password within a couple tries -- but in a much more secure way than simply using the same password for everything. There's a tiny risk the system could be discovered, but I've never had any problem at all.