Of course I’m not asking you to give away your passwords. But for those of you who have so many, how do you keep track of them all? Do you use any unique methods?

I know many people struggle between having something that’s easy to remember and something that’s easy to guess. If you keep a note with your passwords on it, for example, it can be stolen, lost, or destroyed, or if you make them according to a pattern that’s easy to remember, the wrong people might find them easier to guess.

  • TrueStoryBob@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    11 hours ago

    I have four passwords I memorize: my password manager, my main email, my work login, and a throw away password for stuff that doesn’t matter too much (signing up for giveaways, throw away social media accounts, etc). For everything else I have the password manager create some twenty character monstrosity.

    The four memorized ones are all nine letter words with numbers and symbols replacing letters usually always including a comma somewhere as I heard once that a comma makes a password hardet to crack (but, now thinking about it, I don’t know where I heard that and it sounds like a myth).

  • Ænima@lemm.ee
    link
    fedilink
    arrow-up
    2
    ·
    12 hours ago

    For the work passwords I have to remember and cannot always access a password manager, I use pass phrases instead. Statistically, 3 random, non-similar words, are more secure than normal passwords. Changing random letters to symbols and capitalizing can further improve the security. For instance…

    • Stove glob3 hamst#r
    • pants Stuffin& quote
    • z1ptie float beet$l
  • AA5B@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    10 hours ago

    I only need a couple “real” passwords. They are long, complex, and backed by 2fa

    Historically I re-used things from personal history. I know I shouldn’t but they’re easier to remember since I already memorized them. Usually they’re not public data, more like

    • my first PIN of my first ever bank card is now additional authentication for my app with my current bank
    • one password is the name and IP (with substitutions) of one of my favorite servers from a job 15 years ago when I ran my own lab
    • I gotta admit, I still have some trivial passwords for things that seem trivial

    But my passwords are mostly generated (and the password to that is complex and unique, plus requires additional Auth). Anything from the last couple years also has a unique generated email

    My company is pretty serious about such things: I have generated passwords, two separate 2fa apps and a yubikey. Plus they have some annoying shit on the laptop that is sometimes annoying

  • JackbyDev@programming.dev
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    14 hours ago

    I only try to remember two passwords. My email password and my password manager password. The rest and random gobbledy gook.

  • randombullet@programming.dev
    link
    fedilink
    arrow-up
    4
    ·
    17 hours ago

    I use passphrases from movies of shows that I like. Then add a special symbol and a number that I like.

    Thanks for nothing you useless reptile!61

    This has 100.54 bits of entropy. I consider anything above 60 sufficient enough

    • Ookami38@sh.itjust.works
      link
      fedilink
      arrow-up
      4
      ·
      16 hours ago

      Similar, but I just take the first letter of each word, keep proper pronunciation, and turn some into numbers as appropriate.

      Two trailer park girls go round the outside, round the outside, round the outside.

      Becomes

      2tpggrto,rto,rto.

      No, for the record I do not use THAT song.

      • sem@lemmy.blahaj.zone
        link
        fedilink
        arrow-up
        1
        ·
        12 hours ago

        Wouldn’t it be better to use the full quote, with some random numbers and symbols interspersed?

        • Ookami38@sh.itjust.works
          link
          fedilink
          arrow-up
          2
          ·
          11 hours ago

          Depends. I like this because it’s shorter, but still maintains a good level of security, and I’ll never forget it. Technically the full password is stronger, yeah. This also has the added benefit of someone being able to see you type it or catch a glimpse of it plaintext for some reason and have NO chance of remembering it.

          Either way, they’re both pretty secure, I just don’t wanna type several lines of… Anything each time I log in.

    • IphtashuFitz@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      13 hours ago

      I worked in IT at a company years ago that standardized on song lyrics in a similar fashion:

      4 Those about 2 rock we salute you!

      I want 2 rock & roll all night

      Etc.

  • NeoToasty@kbin.melroy.org
    link
    fedilink
    arrow-up
    1
    ·
    13 hours ago

    Muscle Memory.

    Plus, I go by a chain or series of passwords. For example, I’ll have a series of passwords that begin with P@ or something and I’ll branch off from that.

    • ERROR: Earth.exe has crashed@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 day ago

      I have Bitwarden set up with a feature called Emergency Access. The credentials to access that is just stores in plain text on a piece of paper in a drawer that I frequently use. If I ever forget my master password, I pull out the paper and use the Emergency Access feature, and start the timer, I set it at one or two weeks.

  • Nadru@lemmy.world
    link
    fedilink
    arrow-up
    5
    ·
    19 hours ago

    I have a friend who resets his passwords whenever he connects. So he only remembers one password, that of his email. He claims it’s safer this way.

    • Ookami38@sh.itjust.works
      link
      fedilink
      arrow-up
      3
      ·
      16 hours ago

      Theres… There’s something to it, I guess. Make sure your email is secure, and if not even you know your password, how can someone else. Christ, it sounds like a massive pain in the ass, though.

  • shneancy@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    17 hours ago

    i have difficult & long unique passwords for each of the important things (emails, bank, any official gov or edu sites etc.) that i keep on a piece of paper in my notebook (with a few backup copies). And i also have 3 degrees of difficulty for my other passwords that i use like this: easy “i could not care less if this account got hacked, in fact i know this password has been leaked in plain text before so whatever”, medium “i’d kinda suck if this got hacked but ultimately it’d not cause major issues”, hard “i do not want this to be hacked”

  • traches@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    ·
    20 hours ago

    For passwords you have to keep in your head, diceware. Surprised it’s not already mentioned! Basically you roll dice to choose words from a long wordlist until you have 6 or 7 words.

    Human brains are good at remembering words. It’s way easier to remember a password that looks like:

    grandson estimator virtuous scabbed poet parasitic
    

    than it is to remember a random character string.

  • Akasazh@feddit.nl
    link
    fedilink
    arrow-up
    2
    ·
    18 hours ago

    I use postal codes, street names and house numbers of addresses where I previously lived. They contain numbers and capital letters, are random for anyone else, but in doubt I can always look them up.

  • PetteriPano@lemmy.world
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    22 hours ago

    I used to have a couple of letters from the site/service followed by an obscure dialectal word that’s not found in dictionaries with a few characters replaced by numbers and symbols. Those two letters kind of work like salting to keep every hash of my password unique.

    Now I just do bitwarden.