I use an algorithm to have different high security passwords for different websites and still be able to remember them following rules I adopt for every website. I mix my username, the website url, a known token and some punctuation.
Example: let's say that I need a password for hacker news.
- Let's say that I like dolphins, so my chosen token will be Dol
- I decide to take the second letter from each word in my username: exa (D e usE x M a china)
- I decide to take the third letter from each word in the domain name: wom
- I then choose some punctuation to mix in the password: #&%
Now I'm ready to assemble my password: Dol#exa&wom%
If I have an account on www.yahoo.com with ginger.roger as username, the password would be Dol#io&whm%
It's long enough (but I can make it longer, if I want), uses capital letters and special characters (you can also throw in some numbers, this was just an example) and if someone looks into a database the password is not distinguishable from a random one.
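As an added example (not the poster's code), the scheme above implemented in Python, so the two passwords in the post can be reproduced and so the derivation can be examined: the function also counts how many characters of each output are copied straight from public inputs (username, domain) as opposed to the secret token and punctuation, and a keyed-hash derivation is included for contrast, the kind used by site-specific generators, where one site's password does not expose the rule. The username "DeusExMachina" and the Hacker News host name "news.ycombinator.com" are assumptions reconstructed from the post's hints; the keyed-hash variant is illustrative and is not any particular tool's algorithm.

```python
import base64
import hashlib
import hmac
import re

# Inputs constructed for this example; the token and punctuation are the ones
# given in the post. "DeusExMachina" is inferred from "(D e usE x M a china)".
TOKEN = "Dol"
PUNCT = "#&%"


def split_words(text):
    """Split a username or host name into words on ., -, _, @, spaces and camelCase."""
    text = re.sub(r"[.\-_@ ]+", " ", text)
    text = re.sub(r"(?<=[a-z0-9])(?=[A-Z])", " ", text)
    return text.split()


def nth_letters(text, n):
    """The n-th (1-based) letter of every word; words shorter than n contribute nothing."""
    return "".join(w[n - 1] for w in split_words(text) if len(w) >= n)


def derive_password(token, username, domain, punct):
    """The post's rule: token, 2nd letter of each username word, 3rd letter of
    each domain word, glued together with three punctuation characters."""
    if len(punct) != 3:
        raise ValueError("this scheme uses exactly three punctuation characters")
    user_part = nth_letters(username, 2)
    domain_part = nth_letters(domain, 3)
    return f"{token}{punct[0]}{user_part}{punct[1]}{domain_part}{punct[2]}"


def secret_budget(token, username, domain, punct):
    """How much of the derived password is secret once the rule is known.
    Username and domain are public, so only the token and punctuation
    characters are unknown to someone who has learned the scheme."""
    pw = derive_password(token, username, domain, punct)
    public = len(nth_letters(username, 2)) + len(nth_letters(domain, 3))
    return {"length": len(pw), "public": public, "secret": len(pw) - public}


def keyed_hash_password(master, domain, length=16):
    """Contrast: derive a per-site password as HMAC-SHA256(master, domain),
    base64url-encoded and truncated. The output carries no recognisable
    username or domain fragment, so one leaked site password does not
    reveal the rule or the master secret. (Assumed design, not a real tool.)"""
    digest = hmac.new(master.encode(), domain.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).decode().rstrip("=")[:length]


def demo():
    """Reproduce the two passwords from the post and report the secret budget."""
    hn = derive_password(TOKEN, "DeusExMachina", "news.ycombinator.com", PUNCT)
    yahoo = derive_password(TOKEN, "ginger.roger", "www.yahoo.com", PUNCT)
    budget = secret_budget(TOKEN, "DeusExMachina", "news.ycombinator.com", PUNCT)
    return hn, yahoo, budget


if __name__ == "__main__":
    hn, yahoo, budget = demo()
    print("hacker news:", hn)      # Dol#exa&wom%
    print("yahoo:      ", yahoo)   # Dol#io&whm%
    print("secret chars of", budget["length"], ":", budget["secret"])
    print("keyed-hash for yahoo:", keyed_hash_password("example master", "www.yahoo.com"))
```

The `secret_budget` figure is the practical caveat: the username and domain fragments are reproducible by anyone who knows the rule, so what actually has to be guessed is the token plus the punctuation, which is a good deal shorter than the password's visible length suggests.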
I use a similar method; the "algorithm" is different of course, but I too use a unique password for every account I have anywhere, which I calculate in a similar fashion.
My algorithm is a bit simpler than the one you described though; I can figure out a password I don't remember in just a few seconds. That also makes it less secure of course, I just think it's sufficiently secure.
I still enjoy the method I picked up from patio11: a sentence with a few numbers thrown in and maybe a misspelling that only I'll remember. This works exceedingly well as I also speak Japanese and throw in wrongly transliterated Japanese words into the mix. I can have 2-3 passwords (throwaways and "OMG never use this outside of the most secure sites") and remember them all easily.
Simple and elegant, that really sells it for me. I use SuperGenPass which is great as long as you can run JavaScript when you need your password. The latest trouble I've been having is on my Android device when logging into applications. It's enough to make me want to learn how to write an input method for Android/SuperGenPass.
Short, low security (simple passwords, e.g. a mashup of 2 words or an uncommon word with a typo/1337 edit): Memory
Very very long, or very very infrequently used: Paper slips. Stored somewhere less obvious than a wallet.
Lastly, my favorite:
Long/High security: My hands. No joke. The muscle memory in my hands currently knows about 5 complex passwords that my brain has partially forgotten. The only way I can give someone the password is to pretend I'm typing on a keyboard and tell him what I'm typing.
I lost one of my best passphrases, to Bank of America, because after eight years of having it in muscle memory I became unable to recall it. Two days after getting it reset (to something far less secure, of course) I was typing it accurately again...
Here's a twist - write them all down, but have a common prefix, suffix or replacement that you use. So every password on the paper is followed by "pi43?".
My last password (now changed everywhere it was used) was "I once had a giraffe named Benjee. He was a mightily large fellow!"
Happily, nothing ever said "maximum length exceeded" when I registered that. I think, like our move away from IE6, the short password days are mostly over.
Thankfully systems like 1Password have made this process automatic and still secure, across multiple devices. You can even put all your passwords on your iPhone :-)
That said, for things like PIN numbers for credit cards, etc, you can come up with some reasonably secure but still not easily guessed systems, such as using the last digit of each quad of digits on the card or two pre-decided groups of two. Different PINs everywhere, hard for anyone else to guess, and not hard for you to figure out :-)
I do this, but I leave it on a sticky note behind a piece of furniture, or in a file folder related to the account. But I don't put the actual password on; rather, my passwords consist of a "leetspeak" word, and the sticky note has a fairly simple hint one to two degrees out-- but if you even guessed the answer, you would still have to figure out the numbers in combination.
For example, if I used 5p0ng3b0b, I would write "who lives in a pineapple under the sea?" or "Patrick"
... or maybe I'm missing how this would be easy to break? Dictionary wouldn't work, brute force would take too long, and idk enough about rainbow tables to know their time frame.
Writing on a piece of paper is exactly what I do. With one difference, that I find having them in the wallet really stupid advice. The ones I use the most, I remember, and just in case I have them securely written at home along with lots of other ones, in a place only I know. Why would I carry them around where there's a chance someone can look at them (even when obfuscated) and I won't even know that they have been copied?
I take it you leave your credit cards at home as well, then? There's definitely "a chance someone can look at them (even when obfuscated) and I won't even know that they have been copied."
I strongly disagree with the idea of keeping passwords in your wallet. Do I really need my PayPal password in my wallet? No. If I'm doing something that requires a password I'm probably at home or the office and I should have a relatively safe place to keep passwords at either location.
If your credit cards get stolen, you can cancel them. If they're used before you get a chance to cancel them, you aren't liable for those charges.
If your password gets stolen, you might be able to change it. But if the attacker gets there first, all you can do is get in touch with the website and say "my password got stolen and changed, please return my account" and hope they comply.
If you don't write down what your password is for, you're probably safe (but keep a backup, especially for email) - but only as long as most people don't do this.
Bit by bit, people will memorize long passwords, too, after repeated exposure and handling, and at that point they will stop using the piece of paper with their long, hard-to-guess password scribbled on it, and it will have turned into one more memorized password.
The one single long password I have is 28 characters long: a random password I tapped on the keyboard and then wrote down on a piece of paper, used to administer my ADSL modem's NAT/wifi/etc., which sadly can't be configured to allow only local login, hence the need for an "unguessable" password. However, not only have I inadvertently, from typing in the password many times, memorized the full password character by character, but I've also inadvertently memorized it motorically, and can without thinking repeat it on the keyboard in a second.
I agree fully on Schneier's advice, though, as the longer and the more random the password, the lower the chance for a dictionary or brute force success, but I'd store the piece of paper somewhere else than in my wallet :)