Password Nightmare
Almost every useful/interesting web site requires a password. If you want to play with them, you’ll need to register. To register, you’ll…
Almost every useful/interesting web site requires a password. If you want to play with them, you’ll need to register. To register, you’ll need a password. It’s just the way it is on the net these days.
However, it’s a nightmare considering the number of my daily visited web sites.
Well, I don’t know how you handle it, personally I have my own mental system for this. Obviously I shouldn’t use the same password for every web site. I don’t trust anyone, not even Google (do you?). Therefore, I use a few primary words plus some special characters to generate a unique password for each site. For example, for web site foobar.com I might choose a primary word foobarcom mixed with 6&8 to generate a unique password foo6bar&com8 [¹].
That’s for generating passwords, the easy one. The hard one is to actually remember them. Currently I rely on Firefox [²]. But there’s one problem: it’s hard/troublesome to keep sync between multiple computers. Also, if I can’t use my own computer, I’m in trouble.
A more thorough refection on this issue could be found here: More on Passwords. And there’s a new way of handling it: Web Password Hashing [³].
Basically PwdHash lets you generate a unique password for each site based on a primary word you choose. Yes, it’s a little like my system described above but without requiring you to remember the special characters (and how to mix them with the primary word). So now all you need to remember is a few primary words (and on which web sites they are used).
PwdHash is a Firefox extension and is very easy to use. Whenever you need to enter a password (for a specific web site), just press F2 (or a special prefix “@@”) before you type your chosen primary word. PwdHash would generate a unique password for this site (only) based on the primary word you type.
Please bear in mind that I don’t really think it’s a good idea to use the exact same method for treating your critical passwords. Be very serious about your critical, secret passwords.
Keep your secrets in you mind only, or it is not secret anymore.
[¹]: Well, this might work for non-critical web sites. But for other critical, life-supporting sites (like E*Trade, NetBank), using the same system to generate passwords is simply unacceptable. It is wise to keep them completely separate from those used for non-critical web sites. If you’ve never been worried about it, you should start to worry.
[²]: Again, that’s for normal non-critical web sites. For critical passwords, I use Oubliette. These days, web sites start to require you to change your passwords every few months. I really can’t remember them without some kind of help.
[³]: If you don’t know what hashing means. Hashing is a process for generating unique word from a given input. It will always generates exactly the same word if the same input is given. And by unique we mean hashing will generate a completely different word if a different input is given (even just a single character change).