Ask HN: How do you deal with all these passwords?
Nowadays everyone of us has so many electronic accounts(Facebook, emails, websites, forums, work, finance, e.t.c.).
What is the most convenient and secure way to deal with that issue? It has been a long time since my memory was sharp enough to remember all of them.
P.S: Sometimes I even forget my username :)
EDIT: my initial post was focused on passwords from the user's perspective. But, how do you deal with passwords in your websites as developers?
15 comments
[ 4.1 ms ] story [ 49.2 ms ] threadI use it on the Mac and sync over dropbox across my various Macs. Looks like there's a Windows version, never tried it.
The closest i've seen is keepass. I've seen implementations that read/write the keepass db for linux,windows, mac. The only android one i've found so far is read only :(
And I've to agree here, it's a must use product.
break your password into two hands' worth of typing, the first part on one hand is the same string of gibberish at all locations, the second hand adds a location-specific suffix of shorter gibberish.
If you pick a simple algorithm for going from location to suffix, you only have one hard-to-divine string to memorize -- and that's the hand you practice all the time.
Now if you'll excuse me, I have to go shoo some kids off the lawn...
That scared me enough to look at password managers, and after some research I settled on Keepass, and syncing the database via Dropbox. It keeps the username, password & URL, so that solves most of the problems I have.
It's cross platform (I care about Windows, Linux & Android) and seems reliable enough (I've noticed no bugs in about 6 months).
"Autotype" means I never need to see my server passwords, so they can be really random strings.
There are a few things it doesn't do and possibly aren't reasonably practical, e.g. remote desktop passwords, SSH passwords, Minecraft login etc. I do use it for storing misc things like SSH keys though.
As for passwords in my site, salt them, SHA2 hash them and throw them away.