Situation
Over time I am required to choose and use many passwords in different environments. Some on my computer where I could choose to use a password manager, but many on client systems where I may not even have online access and definitely can't plug in a storage device. Sometimes one cannot even bring in any auxiliary resources like a phone.
Question
Assuming that I don't want to use a password manager and have to select and use passwords manually, what would be a good system for this?
Ideally the system should meet the following constraints:
System constraints
- It should give me a password for (nearly) any combination of password constraints (see below)
- It should be comparatively easy to remember/recreate if I know the setting (and the date?!) and its constraints
- It should be secure against someone who knows the system (but not the input parameters)
- It should be secure after I use the system in an insecure environment and the password used there may leak. I am not worried about someone knowing more than 1 leaked password.
- Bonus: It would be nice if it was secure against someone knowing an old password.
Example password constraints
Typical constraints in choosing a password (of course they vary per system):
- Between min and max characters
- No symbols / at least n symbols from a limited set
- At least some letters of each case
- Password must be changed periodically and does not match anything from last M periods
I am not worried about only numeric passwords
What have I tried?
I tried to come up with systems, but have not found anything that meets all system constraints (or is good enough in general).
Example 1: smallest first fit
Just to show what a system could be like, I will mention this ridiculous example.
- Keep adding the letter a, until the minimum character count is satisfied, for example aaaaaa
- Recursively change a character until the constraints are met; you could end up with aaaaA1
This system will generate a password that can always match the requirements. Of course its strength can be horrible if you don't start with a random string. So this system would either fail system constraint 2 or 3.
Example 2: start with the core
I feel like this is not a strong system, but I believe it does get used in practice.
- Choose a (hopefully strong) core, for example: securitystackexchange
- Tweak it to match the requirements, for example: Securitystackexchange01
If you have a long core, it can typically lead to weak passwords when the max chars is limited. For example Security01. Also, this system does not meet system constraint 4.
Example 3: Choose random characters within the requirements
- Choose random characters within the requirements
One cannot remember many of these, so this does not qualify as something I can use manually, and I would say this fails system constraint 2.
Update regarding password managers
I am not worried about the quality of password managers, and understand that their use would make this question trivial. However, I am looking for an answer that does not require them because you may not be able to conveniently use them everywhere. For instance, when it is not allowed to access the internet, install programs, or bring your own device.
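As an added illustration (not part of the question and not the asker's code), the following Python models the kind of constraint set listed above and implements Example 1 (smallest first fit) next to Example 3 (random characters). It makes the point behind system constraint 3 concrete: the first-fit scheme takes no secret input, so anyone who knows the scheme and the constraints regenerates the password exactly, whereas the random scheme yields roughly 36 bits of choice for a six-character password. The symbol set, the order in which rules are checked, the fixed repair characters ('A', the first symbol, a decimal counter for the reuse rule) and the sample history are my assumptions, not anything stated in the question.

```python
import math
import secrets
import string
from dataclasses import dataclass

# Constructed for this example: the "limited set" of symbols a target system allows.
SYMBOLS = "!@#$%"


@dataclass(frozen=True)
class Constraints:
    """Password rules of the kind listed in the question (field names are my own)."""
    min_len: int
    max_len: int
    min_symbols: int = 0          # at least n symbols from SYMBOLS (0 = none required)
    allow_symbols: bool = True    # False models "no symbols"
    need_both_cases: bool = True  # at least one lower- and one upper-case letter
    history: tuple = ()           # the last M passwords, which must not be reused


def check(pw, c):
    """Return the rules pw violates, in a fixed order (empty list = accepted)."""
    problems = []
    if not c.min_len <= len(pw) <= c.max_len:
        problems.append("length")
    n_sym = sum(ch in SYMBOLS for ch in pw)
    if n_sym and not c.allow_symbols:
        problems.append("symbols_forbidden")
    if n_sym < c.min_symbols:
        problems.append("too_few_symbols")
    if c.need_both_cases and not (any(ch.islower() for ch in pw)
                                  and any(ch.isupper() for ch in pw)):
        problems.append("case")
    if pw in c.history:
        problems.append("reuse")
    return problems


def smallest_first_fit(c):
    """Example 1 from the question: start from 'aaaa...' and change one character
    per unmet rule, working from the right. Each rule has a fixed repair ('A' for
    case, the first symbol for symbols, a decimal counter for reuse), so the result
    is a pure function of the constraints: no secret goes in, none comes out."""
    pw = ["a"] * c.min_len
    pos = len(pw) - 1                 # next untouched position, from the right
    while True:
        problems = check("".join(pw), c)
        if not problems:
            return "".join(pw)
        p = problems[0]
        if p in ("length", "symbols_forbidden") or pos < 0:
            raise ValueError(f"first-fit cannot satisfy rule {p!r}")
        if p == "case":
            pw[pos] = "A"
            pos -= 1
        elif p == "too_few_symbols":
            pw[pos] = SYMBOLS[0]
            pos -= 1
        else:  # reuse: keep a counter at pos and bump it until the value is unused
            if pw[pos] == "9":        # counter overflow: grow it one digit to the left
                pos -= 1
                if pos < 0:
                    raise ValueError("history too long for this scheme")
                pw[pos] = "1"
            elif pw[pos].isdigit():
                pw[pos] = str(int(pw[pos]) + 1)
            else:
                pw[pos] = "1"


def alphabet(c):
    """Characters random_fit may draw from under the given rules."""
    return string.ascii_letters + string.digits + (SYMBOLS if c.allow_symbols else "")


def random_fit(c):
    """Example 3 from the question: draw uniformly random strings of min_len and keep
    the first one check() accepts (rejection sampling keeps accepted draws uniform)."""
    chars = alphabet(c)
    while True:
        pw = "".join(secrets.choice(chars) for _ in range(c.min_len))
        if not check(pw, c):
            return pw


def choice_bits(c):
    """Upper bound on the entropy of random_fit's output, in bits (a little less
    in practice, because rejection removes some strings from the space)."""
    return c.min_len * math.log2(len(alphabet(c)))


if __name__ == "__main__":
    # Constructed rule set: 6-8 chars, one symbol, both cases, two old passwords banned.
    rules = Constraints(min_len=6, max_len=8, min_symbols=1,
                        history=("aaaaA!", "aaa1A!"))
    fit = smallest_first_fit(rules)
    print("first fit:", fit, check(fit, rules))        # aaa2A! []
    print("again:    ", smallest_first_fit(rules))     # same string every time
    rnd = random_fit(rules)
    print("random:   ", rnd, check(rnd, rules), f"~{choice_bits(rules):.0f} bits")
```

Running the demo shows the two schemes side by side: first-fit produces the same accepted string on every call, so the only thing protecting it is the attacker not knowing the scheme, which is exactly what constraint 3 rules out; the random scheme passes the same checks but, as constraint 2 notes, is not something a person can reproduce from memory.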