Passwords

so I Have a bunch of different passwords to use on sites from health insurance, to car insurance, toi my bank, etc

how do you guys manage all the different sites, u sernames and passwords?

currenly, i just a Word Doc spreadsheet....or those post it notes that is called, "sticky notes" on my windows 7 computer and I keep a link to to the site, like the amazon credit site isnt the amazon site and my 401k site is something I need, but rarely use

than ks

 

you can have a look here and see if something strikes your fancy
http://www.majorgeeks.com/files/categories/password_managers.html
good luck with it

 

I use what i term a 'generic' password system, let me explain!

Usernames are easy enough, its mostly an email addy we are familiar with anyway.....its the passwords we need to shore up.

I use the target web name, followed by my common number sequence for all my logins across the network. This method is security enforced by using a 'character' both at the start of the pass, and at the end.
This virtually makes it almost impossible to brute-force, or dictionary attack my passes.

Lets just say my common number sequence is 98154, and my chosen character is #

If i were to log into Facebook, my pass would be #facebook98154#
If i were to log into majorgeeks, my pass would be #majorgeeks98154#
If i were to log into pornhub (lol), yep.....my pass would be #pornhub98154#
If i were to log into twitter, my pass would be #twitter98154#
Get the drift?

With this method i never have bother with recording passes in a notepad/word doc, using a password manager or storing any info either on the hard-drive, or within the cloud. Doing so would be way more insecure than the method i use.
Its all stored in the 'grey matter' quite easily with a systematic approach.

I never have to give a second thought to what my password would be, even though i probably have over 100 logins to contest as i don't ever allow my browser to store them to cache. This would also be a security risk imho.

If i wanted to log into ebay, what would my password be?

Naturally you would never let another living soul know what your number sequence was, or the special 'character' that you choose to use!

 

Is this really that secure? It would be so much better than using a password manager, although I hate typing in a bazillion lol. At least I wouldn't have to write them all down, but I do need a form filler.

 

No need for form fillers, once you commit your above pattern sequence to memory, its all website related........your security is your personal number sequence with your added characters.

Its secure if you never share your number/character sequence with anyone

 

Thanks Replicator. The form filler would be for name, addy, and phone number.

 

Thats cool but as stated by plodr, store any sensitive info forms or the like, Offline!

Many Bitcoin Wallets are stored this way today.........We should treat our sensitive data the same way!

You cannot hack, what is not there

 

Exactly. Thanks

 

This may be the wrong section to raise this issue although it is related, in that I am wondering why using both Google Authenticator and also trying Authy, why neither work as after scanning the code provided and entering the number given, I have repeatedly received and error message "The two-step verification value could not be confirmed. Please try again." which I have done multiple times and always getting the same error.

 

I use KeePassXC. It's FOSS, cross-platform, encrypted and can be unlocked with a master password, key file or hardware encryption device such as a YubiKey.

Used to store passwords, all sorts of login details, 2FA recovery codes, attachments and more. Here is the documentation should you be interested. I use this application to create extremely high entropy passwords that not even I know myself.