Of course I’m not asking you to give away your passwords. But for those of you who have so many, how do you keep track of them all? Do you use any unique methods?

I know many people struggle between having something that’s easy to remember and something that’s easy to guess. If you keep a note with your passwords on it, for example, it can be stolen, lost, or destroyed, or if you make them according to a pattern that’s easy to remember, the wrong people might find them easier to guess.

      • KittenBiscuits@lemm.ee
        link
        fedilink
        English
        arrow-up
        4
        ·
        25 days ago

        I definitely use a password wallet.

        And because I’m getting into the demographic where my peers are going through end of life planning (whether for their parents or themselves), I have written my master password down and keep it with the will/“very important papers”. Whoever settles your affairs will thank you.

        Also, since I’ve wrangled with this one specifically, when a loved one passes keep their mobile number active so you can navigate mfa and password resets for their accounts.

  • WhatsHerBucket@lemmy.world
    link
    fedilink
    arrow-up
    12
    arrow-down
    1
    ·
    25 days ago

    I have hundreds of passwords, there’s no way I could manage that without a password manager.

    1Password isn’t terrible, it’s pretty intuitive.

    Bitwarden is another popular option.

    Using the same (or similar) passwords for multiple things is a really bad idea.

  • Like the wind...@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    25 days ago

    They’re all the same-ish.

    Let’s say my password is Token, but spelled like t0k3||

    I would attach something related to the site on it, so if the site is lemmy for example, the password would be like

    t0k3||Addictedtosurfing

    If the site is Amazon something like

    t0k3||Thanksformyfavoritejob

    I called it “lock and key” style and I’d change the beginning part, the “lock”, once a year.

    So next year it’ll be ef|=027Addictedtosurfing

    These are examples lol

    • sbv@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      2
      ·
      25 days ago

      Pretty much this. But I used a function of the host name, so it would be easier to remember.

      It gets annoying when the site forces you to rotate the password. After that happened a couple of times I started using a password manager.

  • Nadru@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    25 days ago

    I have a friend who resets his passwords whenever he connects. So he only remembers one password, that of his email. He claims it’s safer this way.

    • Ookami38@sh.itjust.works
      link
      fedilink
      arrow-up
      4
      ·
      25 days ago

      Theres… There’s something to it, I guess. Make sure your email is secure, and if not even you know your password, how can someone else. Christ, it sounds like a massive pain in the ass, though.

  • traches@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    ·
    25 days ago

    For passwords you have to keep in your head, diceware. Surprised it’s not already mentioned! Basically you roll dice to choose words from a long wordlist until you have 6 or 7 words.

    Human brains are good at remembering words. It’s way easier to remember a password that looks like:

    grandson estimator virtuous scabbed poet parasitic
    

    than it is to remember a random character string.

  • AbouBenAdhem@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    25 days ago

    For cases where I may not have access to a password manager, I have a standard procedure where I’ll take the website url, add a fixed salt word, and run it through a hash function.

  • randombullet@programming.dev
    link
    fedilink
    arrow-up
    4
    ·
    25 days ago

    I use passphrases from movies of shows that I like. Then add a special symbol and a number that I like.

    Thanks for nothing you useless reptile!61

    This has 100.54 bits of entropy. I consider anything above 60 sufficient enough

    • Ookami38@sh.itjust.works
      link
      fedilink
      arrow-up
      5
      ·
      25 days ago

      Similar, but I just take the first letter of each word, keep proper pronunciation, and turn some into numbers as appropriate.

      Two trailer park girls go round the outside, round the outside, round the outside.

      Becomes

      2tpggrto,rto,rto.

      No, for the record I do not use THAT song.

      • sem@lemmy.blahaj.zone
        link
        fedilink
        arrow-up
        1
        ·
        25 days ago

        Wouldn’t it be better to use the full quote, with some random numbers and symbols interspersed?

        • Ookami38@sh.itjust.works
          link
          fedilink
          arrow-up
          3
          ·
          25 days ago

          Depends. I like this because it’s shorter, but still maintains a good level of security, and I’ll never forget it. Technically the full password is stronger, yeah. This also has the added benefit of someone being able to see you type it or catch a glimpse of it plaintext for some reason and have NO chance of remembering it.

          Either way, they’re both pretty secure, I just don’t wanna type several lines of… Anything each time I log in.

    • IphtashuFitz@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      25 days ago

      I worked in IT at a company years ago that standardized on song lyrics in a similar fashion:

      4 Those about 2 rock we salute you!

      I want 2 rock & roll all night

      Etc.