saxitoxin wrote:I have 49 userids and passwords I use semi-regularly. They're all very complex and I change them frequently, so memorization isn't an option. On the most important ones I use two-factor authentication.
But how do I keep track of all this shit?
I have a password book I use right now to write them all down in and I keep the password book itself in a lock-box that is both hidden and chained to an architectural feature with 7/8th inch chain (bolt cutter resistant) so that even if someone broke in trying to find my password book they'd have trouble finding it and more trouble getting to it. But this doesn't help me if I'm away from the lock-box. Then, the only thing I can access is my email as it's the only password I keep memorized. I don't want to take the book with me because if I lost it then I'd be screwed.
I'm also concerned that the reset address to most of these is my email, meaning if my email was compromised then someone would have access to everything.
What should I do?
Simplest starting point is a passage of text or a poem that you recited a million times in school and are never going to forget. For instance, in high school I used to recite Bob Guccione's Modern Mother Goose rhymes.
Mary, Mary, hot and hairy,
How do your juices flow?or
Whack me nimble,
Whack me quick,
Get that cum to squirt out thick!I will have third stage Alzheimer's and I will still remember those.
Now, taking the first one, we can take the initial letters of Mary, Mary, hot and hairy, and we have MMHAHHDYJF. We now need to add some numbers. To do this, we arrange our accounts in some order. Let's say alphabetical, although there are more discrete orders (for istance, if you know, or pretend to know, where all these organisations are headquartered, you can arrange them east to west).
Let's say your accounts are:
Paypal
Bank of America
Conquer Club
BPSC (British Parliamentary Secretaries Club)
Catherine Deneuve Fan Club
KISS Army
You can arrange these alphabetically as
B of A
BPSC
CDFC
CC
KISS Army
Paypal
and assign to the above list a number, starting with some easily remembered number like the street address of your first childhood home. So, Wilhelmstrasse 77 gives us a starting point, and you will go through the list, assigning 77 to the Bank of America, 78 to BPSC, 79 to CDFC, and so on.
Going back to our poem MMHAHHDYJF, you now insert the numbers at predictable intervals. B of A is the first, so you insert the 77 after 1 and then another 1 space.
Your complete B of A password is therefore M7M7HAHHDYJF.
BPSC is the second, you you insert after 2 letters and then after 2 more, and your complete BPSC password is MM7HA8HHDYJF. CDFC becomes MMH7AHH9DYJF, and so on.
For higher security, you can play additional games with punctuation marks and stuff, but not all places accept punctuation marks in passwords, and unless you're an active KGB agent you really don't need that much security.
Now, what to do when it's time to change your password? That's easy. Now you just shift the entire poem, so you are taking the second letter in each word . SO, instead of MMHAHHDYJF we now have AAONAOOOUL. (mAry, mAry, hOt aNd hAiry, hOw dO yOur jUices fLow?)
It takes a while to explain but it's not hard once you get in the habit.
