If you follow the good advice of not re-using
passwords you end up with a lot
If you make them reasonably secure by making them
longer, then you still have a lot of
passwords. But they are much more difficult to guess (which is really
the point of passwords, right?).
So how do you remember them all?
My solution is to not remember them.
I use a password manager: it is essentially a secure database of
passwords. It allows me to do things like:
- Not remember passwords - which is the main point
- Automatically "type in" the passwords - so I don't have to. I don't
even have to use copy/paste for this. Just one keystroke.
- Generate new (random and long) passwords
As a result, I honestly do not know most of my passwords. I can
clutter my brain with other things that are important to me instead.
Browser-based password managers are usually sufficient for most
people - and (all things considered) much better for most people: They
allow them to avoid re-using passwords and take away the pain of
That is: Until you start using a different browser. Or a different
The other browser (or other computer) will have no idea what your
passwords are (it shouldn't - otherwise hackers would just use that
trick!). So many browsers now have features to synchronize them to
your cloud account (Google, iCloud, Microsoft Cloud or whatever). But
this means that you need to remember the username/password for your
cloud provider instead - which may be a good compromise for you.
For me, using the built-in password manager in a web browser is
insufficient: I have lots of passwords which are NOT for stuff used in
the browser - for example:
- Wifi passwords
- Shared network drives
- Linux user passwords
- Pin codes for credit cards
- Encryption password for my backups
and probably more that I (obviously!) cannot remember.
- I switch browsers a lot
- I switch computers a lot
- I do not want to be reliant on a cloud provider
With a password manager like KeePass, my
passwords are saved on my computer in an encrypted database. I need a
(very strong) password to unlock the database.
Since I do not want to use a cloud provider for this, I needed a
different mechanism for keeping different computers in sync. More
about this in a later post.
Disclaimer: I have no involvement in KeePass - other than being a