2
My wife and I use the same accounts on many web pages, such as music, video, and utilities. We're looking to improve our system to have us both able to login to the same accounts. Our goals:
- Ubiquitous access to determining and adding passwords.
- We use many computers, and need access from multiple locations.
- No software management tool or service. (e.g. RoboForm).
- We aren't looking to put all our eggs into one basket vulnerable to hacking.
- We want access without installing software if we're a guest on another computer.
- Fairly easy to use without memorizing a lot of secrets.
- We can handle memorizing a few numbers, or a list of 10 words or so.
Examples we're looking to beat:
- Plain text file hosted on a web server.
- Obviously too much of a security risk.
- Plain text file hosted behind a login based collobration site, e.g. a private wiki.
- Getting better, private wiki makes it easy for either to update it. But still too vulnerable as all passwords are plain text.
- Obfuscated text file hosted on collaboration site.
- Ok, now we're talking, but how to obfuscate it?
- Memorize a 3 character password prefix, only write down the unique bits after that.
- If someone knows one password and they find the list, the rest are obvious. - You better idea here.
- Memorize a 3 character password prefix, only write down the unique bits after that.
- Ok, now we're talking, but how to obfuscate it?
1Lastpass is the way to go – surfasb – 2012-11-11T03:39:49.130
I use google docs to store password hints, I'll write the first few characters of my password
I don't really value my security for many online message boards, or subscriptions to media websites like netflix – cloneman – 2012-11-11T03:43:33.723
"No software management tool or service." That makes this pretty much unanswerable, at least not in an on-topic kind of way. – Ƭᴇcʜιᴇ007 – 2012-11-11T03:49:53.657
Don't trust a password system you design yourself is an appropriate thought here. A software tool can easily make things available when on a guest computer (e.g. 1password Anywhere or LastPass). – Alan Shutko – 2012-11-11T03:51:50.303