Which would be not to register at every obscure website that asks nicely and keeping the number of passwords you have to maintain and remember within certain limits.
On top of that I use different mail addresses for every place I register. As soon as I start getting unwanted mails, I know who to thank for that and can get rid of that account, the mail address and also the password.
"I don't know, extraterrestrial?"
"You mean like from space?"
"No, from Canada."
If software development were a circus, we would all be the clowns.
Having my own mail domain I can have as many email addresses on that domain as I can make up so if I sign up for xyzzy.com I create an email xyzzy@blab... so when the junk mail starts arriving to that address I know who sent/sold it. I have a catchall address that picks up all these temporary addresses and junks all of them after storage for a month. This gives me a chance to review them if I want to and keeps my real inbox clear. I don't even use my own mail domain for my own email anymore, just forwarding it to my gmail account.
- I would love to change the world, but they won’t give me the source code.
I use my email address, in most case I don't give a rats ass for suggested "at lease one character of sh*t", I just press password reset button. well codeproject gives me a random password within few seconds
I do not fear of failure. I fear of giving up out of frustration.
I use something similar to 'hierarchical protection domains[^]' so that unimportant sites get the generic spam password... higher level unimportant accounts get into the password rotation... e-mail accounts and other semi-important accounts get a unique password... and finally the most important stuff such as banking gets two-factor or multi-factor authentication.
Maybe not that - you're relying on developers handling different character sets and Unicode correctly, which is a stretch - not as hard for many developers as dates and time zones and things, but still...
Java, Basic, who cares - it's all a bunch of tree-hugging hippy cr*p
Anything that is unrelated to elephants is irrelephant Anonymous - The problem with quotes on the internet is that you can never tell if they're genuine Winston Churchill, 1944 - I'd just like a chance to prove that money can't make me happy. Me, all the time
I've settled on a prefix system, a short 4-6 sequence with letters and numbers, followed by the site/thing the password is for (i.e. Codeproject for this site). And if you capitalised the first letter of the site/thing, you've met most of the common requirements, numbers, capitals and size.
Ideal, no definitely not, but easy to use and remember, as you can make the prefix sequence as complicated as you like, as its repeated use means your unlikely to forget it.
I started to do that. But when microsoft started directing me to outlook for my hotmail, i locked myself. Im just hoping I wont repeat my mistake if yahoo mail decides to switch to being called verizon mail.
I don't keep the passwords in my mind, other than those really crucial like my email and social media. Everything else is secured in my KeePass. I think this is a good practice.
On the other hand, My bad practice is, I always keep few sites logged in. Specially, the blogs and tech sites, even CodeProject, is always logged on in my computer(and I don't remember the password if I accidentally logged out and need my tiny USB to use the KeePass).
I believe in the practice you are promoting, and I would love to have a system that "fills in" the passwords: basically, only one password with two-step verification, is needed to be known (to get into the vault of passwords). Unfortunately, there is no company that I trust sufficiently to hold that vault.
Unfortunately, there is no company that I trust sufficiently to hold that vault.
Code your own
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
Likewise, I create a new proxy address for almost any account I activate online. Along with creating more complexity to hack other accounts, it also means that when someone has a breach and I start receiving spam to a particular address, I can usually determine exactly who leaked it.