The Underscore Archives

Iwein,

I use a fairly simple method of keeping track of usernames and passwords. I
use this system because it helps me remember all the passwords for all the
systems I use. I choose one of only 5 passwords for all the systems I use. 2
of them are for use in situations where security is not that important. The
other three are designed to be very secure and are used in situations where
security is very important.

The 2 'low security' passwords (one for personal use, one for work use)  - I
use these on sites where the consequences of having my password stolen
aren't very significant. I use them for sites which never ask for my credit
card details and which don't hold much information about my identity. I'm
happy lending these passwords to close friends and would be comfortable
leaving them lying around on a post-it note if necessary. My dad and my
girlfriend know these passwords. I make them up from a group of words,
preferably nouns, to thwart any attempt at a brute force dictionary attack.

password examples: eg: jesuitmarmalade, fundentalmenace etc.

3 'high security' passwords (one for personal use, one for work use on web
systems, one for work use on internal systems - for example root passwords)
- I use these passwords on sites where the consequences of having my
password stolen would be catastrophic. I use them for sites I am certain I
can trust and in any situations where money or credit card details are
involved. I decide to use these passwords if I think the consequences of
getting hacked would be severe. I do not write these passwords down or tell
them to anyone. They're 15 characters  long, made up of 2 words from
different (preferably dead) languages both preferably using obscure
grammatical forms, so I consider it to be fairly safe from dictionary
attacks!

eg jasminoidesperforatum, nobispraegustatum**

I tend to use the same username on all these systems if I can. It makes it
easier to guess my login details when I try to log back into sites years
after registering. I find that using this system makes it easy to remember
passwords for different systems.

Keeping work and personal passwords separate is useful so that when you
leave a company or contract, you can simply hand them over without the risk
of anyone being able to log into any of your personal systems.

I recommend Firefox's 'Remember Passwords' setting, but I'd make sure you
use the Master Password feature to prevent your password list being stored
on the disk in plain text.

Hope you find this useful - I've spent the morning procrastinating so spent
far longer on this than I should have done!

Cheers

Chris

Good morning _,
>
> Question 1: Has anybody got recommendations on strategies for keeping
> track of usernames/passwords for things like FTP sites, Basecamp
> accounts, server logins, etc?
>
> Question 2: Looking for an app that takes comments and white space out
> of (X)HTML, CSS and JS files. Not looking for obfuscation, but
> optimisation (CSS shorthand etc) is not an issue. In a spectrum from not
> that useful to ideal at the one end it would be an online thing where I
> can copy and paste code and process and copy/ paste back into my file.
> To be honest I could write this myself. On the ideal spectrum of the
> scale, it would be a Win desktop app that I can let loose on a specific
> folder/folders and look at specific extensions.
>
> Thanks,
>
> Iwein
>
>
> --
> underscore_ list info/archive -> http://www.under-score.org.uk
>