Actually your abortive first post was funny and I thought it was intentional!
"Here's a list of my three secrets for managing password 1. 2.
3. " LOL
One method could simply be picking a baseline train of thought and build on it:
Iteration1: This is really dumb!
Time for password change, then move it to: This is really stupid!
Round 3: Is this really stupid?
Then you can add adjectives, etc.
Dave
From: Dean Cunningham [mailto:[email protected]]
Sent: Tuesday, April 28, 2009 5:05 PM
To: NT System Admin Issues
Subject: Re: Managing your passwords was (RE:Password Policy - - how do you
handle this?)
lets try that again
1. for general internet use. if compromised will it matter (e.g. this gamil
account only used for mailign lists)
2. more serious internet use (ebay and other sites that could cause me a bit of
trouble (ie bidding on things i don't want and my reputation being sullied)
3. internet banking etc. (compromise means i just lost money,job total
reputation)
each are based on an alogrithim .
e.g.
1. a word or two with maybe using 3 for E etc maybe increment by a number at
each change
2. a different word or saying always using 3 @# %
3. a complex arrangement of letters that never chaneg, unless I want to
all memorised
for work, any password, complex with a copy in the safe on usb key and
hardcopy. If my memory fails the safe is the
next place
On Wed, Apr 29, 2009 at 11:55 AM, Dean Cunningham
<[email protected]<mailto:[email protected]>> wrote:
I (for personal use) have 3 levels of password "series" or "alogritim" based on
sensitivity
1.
On Wed, Apr 29, 2009 at 5:33 AM, Jonathan Link
<[email protected]<mailto:[email protected]>> wrote:
I thought I'd hijack this thread and ask how others manage the myriad passwords
they have.
I did something crazy when I got to 10+ passwords, I started writing them down.
I have two lists, one is a list of sites, the other is a list of passwords.
The list of sites is stored in my network share, the passwords are actually
stored in a handwritten note in my wallet. Neither us useful without the
other, and in the event I'm mugged for my wallet, I have a relatively
convenient listing of all the myriad passwords I need to set about changing.
And to answer a question, no, my work account password isnt' stored anywhere
except in my head. I've also found I'm much less likely to recycle a password
accidentally using this method.
I have no idea where I came up with this, I doubt I'm creative enough to think
of this on my own.
-Jonathan
On Tue, Apr 28, 2009 at 1:09 PM, Ben Scott
<[email protected]<mailto:[email protected]>> wrote:
On Tue, Apr 28, 2009 at 12:28 PM, Jeremy Anderson
<[email protected]<mailto:[email protected]>> wrote:
> Passowrd Policy is that password expires after 90 days, 10 passwords
> remembered, Min Password age 0. On the 89th day the user changes their
> password 11 times back to the expiring password. Changein the Min password
> age to 1 would prevent that from happening.
That's it exactly.
For some of our government interest systems, it's min age 7 days, 24
passwords remembered. That's about half a year's worth of weekly
password cycling to reuse the same password. Also max age 90 days, 12
character minimum, complexity checking enabled. There are several
such systems, and you're not supposed to use the same passwords across
multiple systems. Oy, passwords coming out my ears.
-- Ben
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
