I use the suggestion given by Joel Spolsky[1]: having the binaries of password gorilla for Windows, Linux and Mac OS X all on my dropbox. The cool thing about this is all my passwords are different for one another but I only have to remember one...
RoboForm. It is indispensable. It encourages good security because now you can use meaningless, random 15-character passwords that are different for every site. It's a pleasure to use. Signing on to a site is a breeze: Roboform not only remembers your password, but also the site's URL, and your User ID.
Caveat: you must include the Roboform password file in your daily backup.
I also print every user ID/password, and keep them in a binder with alphabetic tabs.
(I do not work for Roboform not have any financial interest in the company).
I use LastPass[1] to store most of my passwords. It has extensions for every popular browser, auto-fill capabilities and a lot of additional features I don't really care about.
The only password I don't store there is the one for Gmail. It's the most important account for me, moreover it's the place where all the password recovery emails are sent.
I spent some time researching the architecture of LastPass and I'm quite confident that it's secure enough. The decryption takes place on the client side and passwords are not visible to anybody who doesn't know my master key.
7 comments
[ 2.9 ms ] story [ 30.1 ms ] thread[1] http://www.joelonsoftware.com/items/2008/09/11b.html
Caveat: you must include the Roboform password file in your daily backup.
I also print every user ID/password, and keep them in a binder with alphabetic tabs.
(I do not work for Roboform not have any financial interest in the company).
The only password I don't store there is the one for Gmail. It's the most important account for me, moreover it's the place where all the password recovery emails are sent.
I spent some time researching the architecture of LastPass and I'm quite confident that it's secure enough. The decryption takes place on the client side and passwords are not visible to anybody who doesn't know my master key.
http://lastpass.com/