General discussion


How about password STORAGE?

By HavlicekChas ·
A lot of articles written here at TechRebublic and other forums, blogs, etc. are about creating passwords. I've seen quite a few good ideas about strategies and personal systems for creating strong passwords that aren't dictionary terms or typical strings that a brute force attack can overcome easily. Many of the articles have some really nice suggestions for masking a new password so that it can be remembered AND still be secure. So far, so good: for one or a few passwords!

The problem is that in the real world people have lots and lots of passwords - usual more than they think. Once they get past a couple of strong passwords that they can reasonably carry around in their heads, most people will fall back into old habits like reusing passwords, or using your children's names and other words that can easily be guessed. Any strategy for creating passwords has to make sure that it is used consistently. The weakest link in the security chain is always going to be us: the drive of human nature is for us to try to eliminate work and make things easy.

My approach is to take several elements that I like best from some of the proposals I?ve seen and use them for a couple strong passwords. (I?ll leave it to you to pick and choose your own!) I can remember a couple strong passwords, but not for all the online accounts that I have. One of the passwords I use as the master password in Sticky Password (http://www.stickypassword.com). I?ve mentioned it in a couple of forums here at TechRepublic. I?ve tried a few programs over the last several years, and it?s the best program I?ve found. With Sticky Password, I can have it create the strong random strings as passwords, or I can have it store a password that I?ve created.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -


by cmiller5400 In reply to How about password STORAG ...

Is this an ad for the site?

Collapse -

Good Eye Nail him with the button

by IC-IT In reply to ummm

That is all he has ever posted about (3X) since the day he joined (and first posted about it).
The button is yours to push, I stand aside. ;-) :-)

Collapse -

Sorry I already pushed the button

by JamesRL In reply to How about password STORAG ...

Based on a) only posts ever made all reference stickypassword, and this one isn't even connected to another discussion or question and b) His name, Havlicek, is Czech, which coincidentally is where the company that owns stickypassword is from (joint venture with Ukranian company).

So it smells a little bit fishy to me.


Collapse -

contributing to the dialog

by HavlicekChas In reply to Sorry I already pushed th ...

Let me get this straight, if I say positive things about the Orioles (which isn?t easy these days) and don?t mention other teams than that means I work for the Orioles?

As you know from my profile I?m new here and still getting my feet wet. So I?m sure I don?t know all the rules. Since I?m just starting I?m writing about what interests me. I?ve gone through a few password managers (www.roboform.com, www.lastpass.com) and found what I like, and they weren?t it. I don?t like extra toolbars and I don?t like my passwords stored in the cloud somewhere. Why shouldn?t I talk about it?

I finally make a contribution other than to comment on someone else?s idea and that?s a bad thing?

Collapse -


by JamesRL In reply to contributing to the dialo ...

Your first post in September 09 was an enthusiastic endorsement of stickynotes. You included the URL.

Your second post in October 09 was an enthusiastic endorsement of stickynotes. You included the URL.

Your third post in March 2010 was an enthusiastic endoresement of sticknotes. You included the URL.

Your fourth post, the first discussion you started was about....wait for it....stickynotes, another enthusiastic endorsement. Shockingly, you included the URL.

This despite the thousands of other posts here on many technical and non technical subjects, these were the only ones you decided to post, and they all contain an enthusiastic endorsement and the URL.

Methinks you use google or a service to find internet discussions about passwords and then you shill for sticknotes.

You have no contacts listed here, you don't allow us to privately email you. Perhaps because we might find out your affiliation?

What other conclusion can we draw. That your only IT interest is in stickynotes?


Collapse -

That was my observations also [ NT }

by IC-IT In reply to Conversely
Collapse -

Yea, he obviously didn't get it

by JamesRL In reply to That was my observations ...

I did by the way goole Havlicek and stickynotes and found some links to developers forums....Not conclusive but....


Collapse -

Excel spreadsheet?

by Aaron Mason In reply to How about password STORAG ...

Why not just select a cell in an excel spreadsheet and slam your fist on the keyboard?

A random password generator is relatively simple to write in VBA.

Collapse -

too random

by HavlicekChas In reply to Excel spreadsheet?

Depending on the size of your fist, the result would be as random as the keys on the keyboard, and you probably couldn't mix upper and lower case, or mix in numbers and special characters. Plus, it would be really hard to remember the password, and even harder to remember more than one. And that's the point I was hoping to bring up - most people don't want to spend the effort to remember hard things. That's why they use the same password over and over again.
And that excel spreadsheet isn't the best idea for all sorts of practical reasons.

How big is your fist?

Collapse -


by RPip In reply to How about password STORAG ...

Without posting a URL or getting into any sidebar discussions... I keep it simple on my systems by storing passwords in a simple text file, then encrypting that with AxCrypt. One strong password is all I need to remember. Is there a downside to this?

Related Discussions

Related Forums