Just write them down on a piece of paper. You think someone's going to break into your house looking for a piece of paper somewhere with your passwords on? :p

I dont think its ARMS ruplayer, it is just embedded in my windows.

nvm, thought you worked for law enforcement agency.

Are you talking about ARMS? ARMS makes me do the same exact thing every 3 months.


@Cracker Jack I disagree, in fact you are less secured than a person that is choosing a favorite hobby + date of birth for password. Systems make more sense than random events. Lets imagine that you just registered on autoparts.forums.com give us a password that would be generated by your system and we will encrypt your system with knowladge that there is a system. In other words one of your accounts on some random gaming forum gets hacked and the next thing you know someone is cashing out your banking account.

Again, the system contains arbitrary elements and connections. Knowing that my password on war-lords is XXYZ (which could be something like XanderXanderYapZoro) doesn't tell the person that the X corresponds to the letter w, X corresponds to number of letters in the first word, Y corresponds to L, and Z corresponds to the number of letters in the second word. This isn't how my system currently works, but it means that the system is useless to someone who wants to access my gmail account if they don't have the corresponding word for g or m, much less whether or not the system is currently set to a first letter-number of letters per word cipher or a number of letters-last letter cipher.

Two middle class Russian cryptologists would have had all your passwords withing a day if they had only one of them available.

I've been using KeePass for almost a decade now. KeePass itself is 256bit AES encrypted, and on top of that I place it inside a TrueCrypt container.

I only know, and have, ONE password... all my other 170 or so passwords are something like: nOdMVR6/c=o%FIT*p""z

my password for WL is: 1=8CqiexeH\vIobYPPAzFg+409KaK.3s,1h'+J"N

XD

my KeePass database travels everwhere on my phone with me so i will always have them

Pew

Two middle class Russian cryptologists would have had all your passwords withing a day if they had only one of them available.

Again, they would have no where to start with only one because the key is longer than the cipher, and it doesn't have a definite number of operators, which makes algorithmically reconstructing the key impossible. One password could be RussianPolandSweden, and another could be LightTacoMadness. While the pattern would be easily figured out with the key and a few of the passwords and their corresponding websites, the key doesn't exist in electronic format.

If you really think it would be easy to crack with a single password, you either don't understand how the system works, or you have a very tentative grasp on cryptology.

Again if you have RussianPolandSweden on one site and LightTacoMadness on another site, than it's not so hard to figure XxxxXxxxXxxx on the third site. It's even easier if it's machine generated. Passwords RussianPolandSweeden on facebook and LightTacoMadeness on gmail may not throw any light on their similarities and systematic formula for you, but it will definitely mean something for other people. And yes, It's very hard and almost impossible with one password, unless you get to unveil relation between password and site, but having two or even more passwords makes it very easy for cryptologists.

Even though I did overrate middle class Russian cryptologists, look at this from this point of view, A is your site, B is your password, C, D, E, F, etc. are any additional sites, and C1,D1,E1,F1 are any additional passwords available. We have a formula (A:B) = (C:X) (where "x" is unknown) with a single password, very hard, but not impossible to find any additional password , and (A:B) = (C:C1) = (D:X)(where "x" is unknown) with 2 passwords available, makes it relatively easy task to do. Because A to B is parity to C to C1 and is parity to D to X.

And the only way not to get all your passwords unveiled is to generate them randomly with random characters, but you already mentioned in one of your early messages, that system is used.

perhaps changing passwords regularly is the most secure way?