Arimaa Forum (http://arimaa.com/arimaa/forum/cgi/YaBB.cgi)
Arimaa >> Off Topic Discussion >> Remembering Usernames and Passwords
(Message started by: omar on May 14th, 2011, 7:31pm)

Title: Remembering Usernames and Passwords
Post by omar on May 14th, 2011, 7:31pm
As the number of accounts created on various sites keeps growing, it is getting hard to keep track of the login info. So I've been letting my browsers remember my username and password on various sites. I recently found out that this is very unsecure. I am not so worried about other family members using my computer, but rather that any software I download and install on my computer can actually access the login info saved by the browser since it is stored unencrypted.

I have now started using this program from LastPass.com. It keeps the login info encrypted and requires a password to access it. Just thought it might be useful for others.

Title: Re: Remembering Usernames and Passwords
Post by lightvector on May 15th, 2011, 1:41pm
For now, my own solution is to try to use a single shared password for all sites that aren't critical (online games, forum accounts, etc), and only use unique passwords for critical sites (email, banking).

I keep a text file storing login ids and password hints. The password hints have very little relation to the actual password, except to me, and mostly serve as the minimum necessary "key" for me to recall which of the unique passwords I used for a site, or whether I used the shared password. So if someone else sees the textfile, it's not too bad.

But yes, the number of accounts is growing a little bit ridiculous.

Title: Re: Remembering Usernames and Passwords
Post by Janzert on May 16th, 2011, 4:12am
I use the firefox addon from password maker (http://passwordmaker.org/) for basically all my regular/non-critical web accounts. This basically has the benefit of only needing to remember one password while avoiding exposing the password to all of my accounts if one of those sites should get hacked. For critical/financial websites I use PasswordSafe (http://passwordsafe.sourceforge.net/).

The problem I have with LastPass.com is that it is a single point of failure outside of my control while also a high profile target for hackers (see the recent scare (http://blog.lastpass.com/2011/05/lastpass-security-notification.html) although I understand it turned out to be basically nothing).

Janzert



Arimaa Forum » Powered by YaBB 1 Gold - SP 1.3.1!
YaBB © 2000-2003. All Rights Reserved.