A random thought in these here crazy times... how many security codes, PINs, bank code numbers etc do you use and have to try and remember in the average week?

I'm not interested in prying, just felt it was approaching overkill, unless you do what you should not and use a generic 'based on my birthdate' code.

house security
3 x bank and credit cards
office security
couple of online banking codes, then passwords
about 5 cycling websites (okay, usually cheat and have auto login)
ebay
a bunch of professional websites
security at a club I belong to

okay, realised I'm up to 18 discrete passwords and codes without even trying. Sheesh.

There are a lot of sites where I have to request a new password every time I log in (sites that won't let you auto login). Especially if they require a certain amount of letters, plus digits, plus special characters.

I don't have to remember any of them. With Apple's Keychain program, I've got a place to securely store all of them, and add more.

I'm surprised they haven't invented a universal card or fob that, in conjunction with ONE PIN, will work at your ATM health club, supermarket, etc.

tell me about it - the password security requirements at work are crazy. i can understand the need, but at some point the complexity of the password requirements forces people to write this stuff down, which is, of course a no-no.

cant stand it myself.

My bank requires a login name, Password and 6 digit+ security code.
After finally getting used to all that, now they have decided
that instead of entering the security code, they want you to enter the
2nd, fourth, and sixth digit of the code (today) and maybe the 1st, 3rd and 4th
digit next time.
Ha Ha Ha Ha
I finally got in after nine tries!

All in the name of security, I guess.

All I wanted to do is to see if I'm still getting my awesome .00001% interest rate on savings!

Ha Ha Ha welcome to the 99%

For computer stuff I use a tool called KeePass (on the mac or OS X its KeePassX). I have a different 15-20 character random password for every site. It stores them all in an encrypted DB.

Cause you do not want to use the same password on multiple sites, if one site were to get compromised the rest would be exposed as well.

-Joe

Cause you do not want to use the same password on multiple sites, if one site were to get compromised the rest would be exposed as well.


I'm about the worst case of ADD you'll ever meet. My memory seems to have no chronology to it at all. Imagine taking everything you've ever tired to memorize and jamming it into 10 minutes - welcome to my world... My bank account has had the same password for the past 27 years. The little device to keep passwords wouldn't work, I focus on something else, it gets lost. People don't understand that this is a handicap and I'll never be able to function normally in a world where everything has become password driven and menu based interfaces. I've known for a long time that I have no sense of direction. Tell a normal person to go right then left then right, and that's what they do. Tell me the same thing, a second later I don't remember the order. Menu based interfaces on computers and phones are the same thing, your selections are based on the screen before that, which is no longer right in front of you. This isn't a problem for most people, it's impossible for me. Anything that requires a password I simply don't use. Think about how much of your life that would change...

For computer stuff I use a tool called KeePass (on the mac or OS X its KeePassX). I have a different 15-20 character random password for every site. It stores them all in an encrypted DB.

Cause you do not want to use the same password on multiple sites, if one site were to get compromised the rest would be exposed as well.

-Joe

+1 Keepass is free and a digital life saver. With a password/pin manager you only have to remember 1 password. It is free, its database is encrypted, and it can autogenerate passwords and pins based on a multitude of criteria that you can define.

"the complexity of the password requirements forces people to write this stuff down, which is, of course a no-no. "

Yep, wrote all of mine down. when i didn't it was a mess spending to much time creating new passwords only to be forgotten a day later. and If they get comprimised.......

To me, this is one of the biggest failings in computing. When I first started using CRT based computers (as opposed to punch cards) in the 70's the authentication protocol was user ID and password. Forty years later, nothing has changed. Yes, there are programs such as keepass or the apple keychain but these only work if you're on your computer. What about when you're at a friends house? Standing in front of the ATM at your bank? Logging in from another country?

There has been a lot of research into authentication mechanisms over the years and some of them are fairly simple and robust but none have been widely (read: universally) adopted. Until that happens, hackers rejoice!

I've not counted them lately but the last time I did I had 42 different accounts, most with different user ID's and all with different passwords. Ridiculous.

Yes, there are programs such as keepass or the apple keychain but these only work if you're on your computer. What about when you're at a friends house? Standing in front of the ATM at your bank? Logging in from another country?

That's why you get an iPhone :-D

But I agree with your sentiment, there is room for improvement.

For computer stuff I use a tool called KeePass (on the mac or OS X its KeePassX).
-Joe

At the suggestion of a co-worker who has been using KeePass, I just started using it. Keep the encrypted file in DropBox and/or on a fob, and you're set. You can also just keep the executable and the password file on a fob and run it from there.

There's too many people out there trying to get into bank accounts, and I'm too old to start at $0. :eek:

Murph

I am guilty of using the same password as much as possible so that I don't have to remember which password with which site.

Couple that with the fact that many user names are your email address and every time you sign up for a website or service, you have just given them your credentials to access your other stuff.

The thing is, what if biometric identifier technology such as retina scans were inexpensive and ubiquitous? I'd feel uncomfortable with that.

It's a never ending balancing act between safety/security and privacy/intrusion.

Also check out 1password. Not free, but has a nice encryption algorithm.

https://agilebits.com/onepassword/mac

I am guilty of using the same password as much as possible so that I don't have to remember which password with which site.

Couple that with the fact that many user names are your email address and every time you sign up for a website or service, you have just given them your credentials to access your other stuff.

Me too.

I use 3 passwords.

One plaintext password for all my forums.
One password of random letters and characters for my banking sites.
One for my email (which is actually my banking sites minus one character).

I don't care if someone steals my forum info (sorry if my future-self rips you off or something ;) ). Banking sites, I have the same password but different usernames.