[AccessD] OT: RE: Password Managers

Jim Dettman jimdettman at verizon.net
Sat Sep 18 15:28:17 CDT 2021 

<< So far I haven't used one. >>

Me neither.

I prefer not to store my passwords anywhere.   What I use is a two-part
password system.    One part I memorize, which is a "base" password.   The
second part I write down on a cheat sheet and it's unique for each password
I need, and include a token to represent the base password.     So on my
cheat sheet, I might write:   Sec1+)95483$.    Only I know what Sec1 is.

 So even if someone picks up my cheat sheet, they can't use it. If someone
hacks a web site, they get the full password, but it's only good for that
site.

I also take it one step further in that I have multiple base passwords.
One I use on only 2 or 3 sites, which is for the critical stuff, like
banking, where I know they take security very seriously.   Chances of them
getting hacked are slim.    Then a second one for sites like Linked-in,
Facebook, etc.   Places where security is a concern, but they might be
hacked.  Then I have a few for all the junk sites, like ordering parts for
the dishwasher from xyz company, where chances are high that they will be
hacked and the password exposed (i.e. they run a Word Press site).

And there's all kinds of flexibility in this.

1. You can put the base password anywhere     )3923$Sec1  or )392Sec13$ as
you don't have to memorize the whole thing.   Just what represents the base
password.
2. The second part can be lengthened / shortened  to allow for sites that
have different allowed password lengths (i.e. must be 8 characters, 6-10
characters, etc).    There's nothing more frustrating than having a password
memorized, and a site won't accept it because it is too long or short.
3. You can have as many base passwords as you want.    I make them easy to
remember by thinking of book or movie titles, then take the first letter of
each word and throw in a special character and/or numbers.   You also can do
the character substitution thing ($ for S), utilize unique capitalization
(last letter instead of first, 2nd letter in, etc).    Whatever makes it an
easy mnemonic/system for you to remember.

Jim.

-----Original Message-----
From: AccessD On Behalf Of Arthur Fuller
Sent: Saturday, September 18, 2021 10:25 AM
To: accessd at databaseadvisors.com
Subject: [AccessD] Password Managers

So far I haven't used one. Google reported to me that one of my passwords
was detected in a data breach I have a couple of questions. 1. Will a
manager create strong passwords automatically?  2. Is there one that is
cross platform? I have three working computers, each running a different OS.

-- 
Arthur
-- 
AccessD mailing list
AccessD at databaseadvisors.com
https://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

More information about the AccessD mailing list