Page 1 of 2 12 LastLast
Results 1 to 15 of 20
  1. #1
    2 Star Lounger
    Join Date
    Sep 2011
    Posts
    175
    Thanks
    21
    Thanked 20 Times in 11 Posts

    Here's a way to write down your passwords - safely!

    I originally posted this as a response to a discussion on this issue on another site and it seemed to generate a positive response, so since the Loungers here at WindowsSecrets have been so incredibly helpful to me with my computer issues, I thought I'd post this idea here in case it's helpful to anyone.

    Like many others who've written or posted on various sites with regard to passwords, I prefer LastPass (or Keepass) to keep my passwords safe, but if I need to write some down for any reason, I can do so with no security concerns. When I create passwords, remembering strings of random characters is way beyond the capacity of my aging brain, so I find it easier to just create little blocks of characters that I can easily remember and give them code names that will mean nothing to anyone but me.

    For example, let's say that your sister's initials are PDG, born on the 27th of April, and your brother's initials are MJD, born on the 6th of May, and that you all grew up at 673 Clarkson St. Your password could then be pdG27673mjD06. Your written-down code for that could be "SisClarksonBro" (without the quotes), or even SClarksonB, if that's all you need to remember what it stands for.

    Using this procedure (though you can easily invent your own - and should!), you could add blocks for Dad and Mom, your children or grandchildren, your pets, or anyone else you choose. However, if you want to get extra uses out of fewer blocks, especially for lower importance sites where a security breach wouldn't be life-destroying, you could, using this system, keep the "Sis" and "Bro" blocks, but vary the middle one (or the first or last, as you choose). For example, if your best friend Mike lives on Dogbreath Drive, your password could be pdG27DogbreathmjD06 and your written code for that could be SisMikeStBro or SMikeStB. If you do a series of these and can remember the constant bits, all you have to write down is your middle block (or whichever block you vary), so your written-down password list would look like:

    Site 1: Clarkson
    Site 2: MikeSt
    (Etc.)

    Also, please remember that you're not limited to only three blocks in a password (longer is always better), nor do you have to only vary one block. It's important to make up your own system [this is not the one I use, which is of course Top Secret, but just an example I made up for this post], with the key point being to use character blocks you can easily remember because they have meaning to you, and for which you can have a simple code that will jog your memory, but no one else's.

    There you have it, a way to keep a written-down list of password codes that are meaningful only to you and will be utterly useless to anyone who might find your list.

    Hope that helps.
    Last edited by HealingHands33; 2013-05-28 at 23:31.
    Windows 7 Pro, 64-Bit, SP1 on desktop
    Windows XP/Media Edition, SP3 on Dell laptop
    Windows 7 Home Premium, 32-bit, SP1 on HP Mini 5103
    Samsung Galaxy S2 running JB 4.1.2

  2. The Following User Says Thank You to HealingHands33 For This Useful Post:

    trofasteven (2013-06-07)

  3. #2
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,625
    Thanks
    161
    Thanked 933 Times in 853 Posts
    I also use Last Pass. In the Form Fill section there is a notes tab. I have added all my keys to various S/W apps there. You can also add all the different PWs as well. In this manner you only need to remember one Master Password to access your Last Pass account. Plus if I have to reinstall an app for whatever reason, the key for that app is readily available for the installation.

    edit: By the way, where did you get 4.1.2 for your Galaxy. My S2 is still at 4.0.4
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  4. #3
    2 Star Lounger
    Join Date
    Sep 2011
    Posts
    175
    Thanks
    21
    Thanked 20 Times in 11 Posts
    edit: By the way, where did you get 4.1.2 for your Galaxy. My S2 is still at 4.0.4
    Hi, Ted,

    The honest answer to your question is, "I dunno." When I first got my S2 last June, I found that I was able to upgrade immediately to 4.0.3 (ICS), which I'd used ever since. Then, a few days ago, I got a notification on my phone about a "Software Upgrade." I was away on business, so I postponed doing anything about it until I got back yesterday, at which time I tapped on the notification and found that it would upgrade me to 4.1.2 (JB). How or why or from whom I received that notification is a total mystery to me [I think it may have been from Samsung, but I'm not sure], but not being one to look a gift horse in the mouth, I jumped at the opportunity first thing.

    If anyone can explain how/why/from whom this sudden update notification came, I'll share your interest in learning that.

    Cheers,
    Al
    Windows 7 Pro, 64-Bit, SP1 on desktop
    Windows XP/Media Edition, SP3 on Dell laptop
    Windows 7 Home Premium, 32-bit, SP1 on HP Mini 5103
    Samsung Galaxy S2 running JB 4.1.2

  5. #4
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    6,491
    Thanks
    212
    Thanked 852 Times in 784 Posts
    Ted,

    I'm on AT&T & my S2 has version 4.0.4. When I run the manual check for updates Settings, About Phone, Software update it tells me I'm up to date according to the AT&T server and that I can check back in 24 Hrs. HTH
    May the Forces of good computing be with you!

    RG

    VBA Rules!

    My Systems: Desktop Specs
    Laptop Specs


  6. #5
    4 Star Lounger SpywareDr's Avatar
    Join Date
    Dec 2009
    Location
    Miami, Florida, USA
    Posts
    415
    Thanks
    4
    Thanked 44 Times in 35 Posts
    Another way to do it is use substitute characters in your passwords. For example:

    @=a
    3=E
    1=I
    0=O
    n=u

    $=S

    So, if you want to use the word "password" for your password, simply write down

    password

    but then type in

    p@$$w0rd

    as your password.


    Write down:

    WindowsSecretsLounge

    Type in:

    W1nd0w$$3cr3tL0ng3

    You get the idea.


    Only you will know that you're using substitutes for all vowels and a "$" in place of an "s".

  7. #6
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    6,491
    Thanks
    212
    Thanked 852 Times in 784 Posts
    S.D.

    Unfortunately, all of your substitutions, with the exception of n=u, are well known to the bad guys and if they know it they check for it. I'm just sayin'
    May the Forces of good computing be with you!

    RG

    VBA Rules!

    My Systems: Desktop Specs
    Laptop Specs


  8. #7
    4 Star Lounger
    Join Date
    Dec 2009
    Location
    Hillsborough (San Francisco Bay area), California, USA
    Posts
    596
    Thanks
    5
    Thanked 61 Times in 60 Posts
    Re: Galaxy SII - Sprint is up to v. 4.1.2. ??What's your carrier??

    Zig

  9. #8
    4 Star Lounger SpywareDr's Avatar
    Join Date
    Dec 2009
    Location
    Miami, Florida, USA
    Posts
    415
    Thanks
    4
    Thanked 44 Times in 35 Posts
    I agree, those particular substitutions are known. So use other, or add more substitutions, or combine it/them with something else, or . . .

  10. #9
    Silver Lounger
    Join Date
    Oct 2012
    Posts
    2,148
    Thanks
    12
    Thanked 249 Times in 242 Posts
    Our passwords are "freeze dried" so they can be reconstituted on the spot without remembering a thing except the phrase or lyric or passage they come from. Usually these don't include numbers so that's where the old street address or the answer to life, the universe and everything (reference to Hitchhiker's Guide to the Galaxy) comes in. Capitalize names and places or such. Method falls a bit short on special character inclusion but I don't know it that makes much difference to brute force computation effort or not.

  11. The Following User Says Thank You to F.U.N. downtown For This Useful Post:

    SkbInOk (2013-08-21)

  12. #10
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,625
    Thanks
    161
    Thanked 933 Times in 853 Posts
    I guess I will have to check because my SII is through Sprint as well.

    Well that sucks, I am still at 4.0.4 and my phone tells me it's Up To Date, both Firmware and Samsung S/W. You guys must ne considered very "SPECIAL" LOL
    Last edited by Medico; 2013-05-30 at 06:15.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  13. #11
    4 Star Lounger SpywareDr's Avatar
    Join Date
    Dec 2009
    Location
    Miami, Florida, USA
    Posts
    415
    Thanks
    4
    Thanked 44 Times in 35 Posts
    Quote Originally Posted by Medico View Post

    You guys must ne considered very "SPECIAL" LOL
    Yep, they even get to ride the "Special Bus"!

  14. #12
    2 Star Lounger
    Join Date
    Sep 2011
    Posts
    175
    Thanks
    21
    Thanked 20 Times in 11 Posts
    Quote Originally Posted by Medico View Post
    I guess I will have to check because my SII is through Sprint as well.

    Well that sucks, I am still at 4.0.4 and my phone tells me it's Up To Date, both Firmware and Samsung S/W. You guys must ne considered very "SPECIAL" LOL
    Hi, Ted,

    Perhaps that's the answer to your initial question about "where did you get 4.1.2 for your Galaxy. My S2 is still at 4.0.4." I'm currently living overseas and have my phone service through Vodafone, so maybe different phone service providers get updated at different times. It seemed like an update from Samsung, which you'd think would apply to all S2 phones everywhere, but perhaps the timing of updates varies with the phone service provider, though I'm not sure why that would be.

    Cheers,
    Al
    Windows 7 Pro, 64-Bit, SP1 on desktop
    Windows XP/Media Edition, SP3 on Dell laptop
    Windows 7 Home Premium, 32-bit, SP1 on HP Mini 5103
    Samsung Galaxy S2 running JB 4.1.2

  15. #13
    4 Star Lounger
    Join Date
    Dec 2009
    Location
    Hillsborough (San Francisco Bay area), California, USA
    Posts
    596
    Thanks
    5
    Thanked 61 Times in 60 Posts
    Al,

    The different phone service providers pass out the update at different times because they have to ensure that the update will work with their own modification (often crapware) of the OS. This is usually several months after Google has released the "official" update.

    Zig

  16. #14
    2 Star Lounger
    Join Date
    Sep 2011
    Posts
    175
    Thanks
    21
    Thanked 20 Times in 11 Posts
    Quote Originally Posted by Zig View Post
    Al,

    The different phone service providers pass out the update at different times because they have to ensure that the update will work with their own modification (often crapware) of the OS. This is usually several months after Google has released the "official" update.

    Zig
    Hi, Zig,

    Thanks for that explanation. What's interesting, though, is that I didn't buy this phone from Vodafone. It's officially set up with the original crapware from Telecom, Vodafone's biggest competitor here, but I bought it unlocked from a local electronics store chain and it has worked fine through Vodafone. As a result, I'm not sure whether the update would have come from Vodafone, with whom I have my service, or through Telecom, who originally marketed the phone. No matter, though; I'm just glad to have the update. Now if only I could get rid of some of the Google crapware, THAT would be great, but that would require rooting the phone and I rely on it too much to risk bricking it.

    Thanks again for the info.

    Cheers,
    Al
    Windows 7 Pro, 64-Bit, SP1 on desktop
    Windows XP/Media Edition, SP3 on Dell laptop
    Windows 7 Home Premium, 32-bit, SP1 on HP Mini 5103
    Samsung Galaxy S2 running JB 4.1.2

  17. #15
    New Lounger
    Join Date
    Jul 2010
    Location
    New York, NY
    Posts
    16
    Thanks
    1
    Thanked 3 Times in 2 Posts
    I store my passwords in my contacts folder -- using fake names that I recognize as fake.

    Thus:
    Sidney Banque
    2380 Westlake Blvd Apt #14J
    Los Angeles CA 91335

    Immerse this in your contacts list, and only you will know that your CitiBank password is 2380WestlakeBlvdApt#14j
    You can, in most contact lists, add comments, so as an alternative to the address, your list might have a comment, like "Birthday April 28th" (or "Wife Cathy, Son Charles @ U. Michigan") which is your password, Birthday_April_28th (or WifeCathySonCharles@U.Michigan).

    For complete camouflage, you could use the actual contact information of actual people, and adopt their actual addresses or comments as passwords. Use defunct contacts, or random strangers from the phone book, so you won't inadvertently change the entry. You can look up people named "C. Banker" or "M. Card" (or enter fake comments like "Knows Frank from Citicorp Dallas office") to provide cues to the relevant accounts.

  18. The Following User Says Thank You to jpdemers For This Useful Post:

    SkbInOk (2013-08-21)

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •