Sorin Dolha suggests in the comments to this post that rather than coming up with a unique password for each site, or having several remembered passwords, or resorting to the "whoops... I forgot my password" form on most websites that a methodology should be implemented instead. For example, if my methodology is the number of letters of the domain name, followed by the $ sign, followed by my first name, and some random year I like...say the year I first went online, then my password for amazon might be: "6$Jason$1990"; (or you could be more complex). Fun, easy, and annoying to hack. Great reasoning Sorin! This is another of those "Now why didn't I think of that first?" ideas...
It looks like the number of passwords that I have to remember grows linearly over time. Since I don't have the best mnemotechnic abilities I decided today that it is OK to just forget them. Then, I just tell the whatever-site-I-must-log-on that I've forgot my password and ask it to send it by email (or reset it) each time my cookie expires. Then I simply cut & paste the password from the received email and voila, everything seems to work fine. This also allows me to implement real cryptic passwords without any fear that I might forget them later.
P.S. Yes, I know that SMTP is not really a secure protocol... :-)
Previous Topic
