Ask HN: How do you manage your passwords?
Perhaps I'm just more aware of it, or perhaps it's happening more frequently, but it seems like every couple of weeks a major service demonstrates that they have exposed some user data or passwords.
Intellectually, I know I should be using a different password for every service, game, and application I use. Practically, I reuse a handful of long, strong passwords.
I'd like to change that practice. I'd like to use a different password on every service, but that's probably a few dozen passwords. Too many to remember practically, in any case. There's a lot of misinformation out there about how to do this correctly, and I'm looking for examples on how to do it right.
15 comments
[ 2.9 ms ] story [ 51.3 ms ] threadSimple and quick to use which helps maintain the discipline.
Something else I found interesting is Apple allows a max of 32 chars in their passwords. I discovered this as the password I was trying to set was significantly longer than this. Does this not suggest that the passwords are not hashed? If they were the length of password would not matter as the hash outputs are identical lengths and Apple could set the db column size accordingly.
Password management still seems like an unsolved problem.
Specifically, I use Password Gorilla (since it's psafe compatible and cross-platform) and SpiderOak (since it's encrypted and cross-platform).