ArchaicArcane

100% correct. A couple of things I would add:
Use a Password keeper program instead of password protected documents. The documents use a very simple type of encryption that's easily broken. The password keeper (Keepass is my current favorite, I've used Password Corral for years) programs can use up to a military grade encryption.

Don't use a website for storing your passwords. Websites are hacked all the time. They're by their very nature less secure than your computer because of exposure. I seriously think it's only a matter of time before a site storing people's passwords becomes a major target. 3 sites that I belonged to were hacked -this year- including the Apple developers website. This is getting worse not better.

If you think changing one password is a pain, what's it going to be like to change every one that you have, calling your bank, canceling all of your cards and changing your bank accounts?

I'm not even comfortable with the password keeper programs that will auto fill your passwords. I think there's a lot that can go wrong in the wrong hands here.

If you want to use a service like dashlane or whatever - make sure that they're storing information with a one way hash, and find out what their storage and encryption methods are. I'm sorry to say if you don't want to know what hashs and encryption are, you shouldn't be storing your information anywhere out of your hands.

If you really want to keep a written copy of passwords - get a book that looks like other books in your book case, and file it there, not on your computer desk. Better still if it can be a "decoy" that says something like "War and Peace" on it. That'll deter most thieves. Getting up to get the book is good for your heart anyway - This is called security through obscurity and it's not a "good" security measure, but it's better than nothing.

For passwords, I use the sentence thing as well, I also change "S" for $ and "I" for "1" or "!" so it's extra hard to crack.

Exercise a little common sense too. Some passwords are less important than others. The one you log into to reload your starbucks card and has your credit card information? (you iTunes account?) Pretty important. Use all the measures you can, and don't let your browser remember the password!!

Let's say you only use craftsy to view the free classes and you never have or intend to buy from them. They don't have your credit card information, and they don't have 3 pieces of personal information (this is usually all that's needed to perform identity theft) - your password is less important, don't use the same one use used for your starbucks/iTunes account.

Keep track of your passwords in some manner so that when a website contacts you to say the dreaded "We've been hacked" please change your password here and anywhere else you've used the same one - you know which sites you need to visit to change your password.

Experience - Computer Systems Admin for 16 years before I gave it up this year.

JanieH

I have a small binder type notebook with alphabet dividers - it takes looseleaf sheets so I can add to a section as needed. Periodically I go through the book and xxx out the ones no longer needed.

RugosaB

I keep mine on a flash drive AND

There have been a lot of tornadoes around here recently (2 in the last 5yrs - that's a LOT for here) and I asked my son to get me a flash (that could be the wrong name for them, that's what I know them by) that I'll just keep in a bag on a hook on the wall to the basement. That way, if we go down there for a tornado warning, I'll just grab the bag and take it with me.
Ok, I'm a worrier, but I imagined my computer flying away, with the flash, and a couple of years later finding out my flash was found 2 states over, by a dishonest person.

BellaBoo

DH and I have a low limit credit card we use to do all credit card transactions. The low limit card has a different name and different credit info then what is on our banking info. The two are no way connected. We pay the card in full with a money order each month. If that identity is ever stolen it's really nobody!

kyrose

I use a small Rolodex and fill out the cards using memory joggers. First I write the name of the site, then the user name such as QuiltingGirl and finally the password; for example Hello would be H3___0. Most sites asked that you include a number or symbol so pick one that looks like a letter. @ for a $for S 3 for E 0 for o.

CAS49OR

I have an Excel spreadsheet right on my PC. It is usually in my "Recent Documents" folder for easy access to change or add PWs and to find out what in the heck user name and PW I used! I print it out on occasion in case I have to format my PC. Of course, I am NOT on a shared computer. It's my home computer.

Oh, I just read the security threads. I agree it would be super easy for a thief to steal my passwords.

I use the same few easy simple PWs for almost every site I frequently browse. I don't care who can log into them using my password, and they have no personal information on those sites. I use complicated long passwords with numbers and strange characters for bank and credit card sites, anything that involves my money. That is not stored on the PC.

cathyvv

I'd tell you, but then I'd have to kill you!

The technique I use most successfully is to take a common phrase or a line from a nursery rhyme, and turn it into a password. I've read that using symbols makes it MUCH more difficult to break a password, hence the (( and ** embedded in the password. They are a pain to type, though.

For instance, "Mary had a little lamb" becomes ((mary-had1little)**lamb

I also changed 'a' to 1 and had1little became one word.

The nursery rhyme makes it easier to remember.

coopah

My husband uses index cards. If he goes before I do, I'm in a world of trouble! They aren't alphbetized, so it will be a mess. Oh, you wanted to know how I ​ keep track. LOL!! I'm the one that has to be sent the password every time I use certain sites.

Abby'smom

I need to write mine down on paper-- but for now, I have Post-It Sticky Notes on my desktop and have some of my user names and passwords written down, some hidden among other notes and such -- as most of them are not really important, I keep them on the 'puter where I can easily get to them -- I keep my stacked notes covered by a blank cover note

PATTIESPEARL

I put them on a spread sheet. store them on a usb stick