Originally Posted by DebraK

I use a program called Last Pass.

Originally Posted by ArchaicArcane

100% correct. A couple of things I would add:
Use a Password keeper program instead of password protected documents. The documents use a very simple type of encryption that's easily broken. The password keeper (Keepass is my current favorite, I've used Password Corral for years) programs can use up to a military grade encryption.

Don't use a website for storing your passwords. Websites are hacked all the time. They're by their very nature less secure than your computer because of exposure. I seriously think it's only a matter of time before a site storing people's passwords becomes a major target. 3 sites that I belonged to were hacked -this year- including the Apple developers website. This is getting worse not better.

If you think changing one password is a pain, what's it going to be like to change every one that you have, calling your bank, canceling all of your cards and changing your bank accounts?

I'm not even comfortable with the password keeper programs that will auto fill your passwords. I think there's a lot that can go wrong in the wrong hands here.

If you want to use a service like dashlane or whatever - make sure that they're storing information with a one way hash, and find out what their storage and encryption methods are. I'm sorry to say if you don't want to know what hashs and encryption are, you shouldn't be storing your information anywhere out of your hands.

If you really want to keep a written copy of passwords - get a book that looks like other books in your book case, and file it there, not on your computer desk. Better still if it can be a "decoy" that says something like "War and Peace" on it. That'll deter most thieves. Getting up to get the book is good for your heart anyway - This is called security through obscurity and it's not a "good" security measure, but it's better than nothing.

For passwords, I use the sentence thing as well, I also change "S" for $ and "I" for "1" or "!" so it's extra hard to crack.

Exercise a little common sense too. Some passwords are less important than others. The one you log into to reload your starbucks card and has your credit card information? (you iTunes account?) Pretty important. Use all the measures you can, and don't let your browser remember the password!!

Let's say you only use craftsy to view the free classes and you never have or intend to buy from them. They don't have your credit card information, and they don't have 3 pieces of personal information (this is usually all that's needed to perform identity theft) - your password is less important, don't use the same one use used for your starbucks/iTunes account.

Keep track of your passwords in some manner so that when a website contacts you to say the dreaded "We've been hacked" please change your password here and anywhere else you've used the same one - you know which sites you need to visit to change your password.

Experience - Computer Systems Admin for 16 years before I gave it up this year.

Originally Posted by JoanneS

Thank$ - th1$ 1$ the be$t 1nfo I've $een on th1$ thread! I'm look1ng for the 'r1ght book as $oon a$ I f1n1$h typ1ng!

Originally Posted by gale

speaking of itunes, after hearing about accounts getting hacked often I only use itunes gift cards on it that I buy at a b&m store. Also, I will never again put my credit card info on walmart.com. Lots of people hacked there too.