The challenge with passwords is to over come the Catch 22: “Passwords that are easy to remember can be easy to hack, and passwords that are hard to hack can be impossible to remember.”
One technique that you can use to solve the Catch 22 is phrases. Basically you use a string of words. An example would be: Cold weather isn't tropical! This 28 character long password would be nearly impossible to hack/guess. And you could change the “o”s to “0” and the “a”s to “#”s for good measure. Something like this example beats the Catch 22, but it breaks down when you have 100 of them. You can't remember 100 phrases (I can't anyway), and you can't remember which one is used where.
One solution to this impasse is to duplicate some passwords based on the value of what you are protecting. This is “going against the rules”, but if the risks are minimal...? For example, let's say you list and rank the sites you use like this:
- Retirement Account
- Investment Account
- Checking Account
- Credit Cards
- Email Account
- Cloud Storage Account
- Project Management Service
- Online Tax Service
- Shopping Sites
- Apple ID
- Social Sites (FB, Twitter, etc.)
- Entertainment Apps (Netflix, Hulu, etc.)
- Tool Apps (Auto 360, Lucidchart, etc.)
There are other worthwhile ideas in the article I referenced above, and you might find they give you the amount of security you want. My desire is to have the security without the “remembering”. In other words I would rather learn a system that does the managing and remembering for me.
The Final Update can be found here.