How do you store your passwords?

[michielnl]

Hi all,

How do you store your passwords?

This is how I store my password (and related recovery information):

1. First, use two factor authentication for your wallet.
2. Do not forget to store the keyphrase to re-enable this on another phone if needed (if you will loose your phone).
3. Use a long 'random' password, like: fLF)(kfkljf_(&F763kjhdlzpgfI46#_!eoslks9fPFODu38347dhls98f5vcte_BTC_RULES_O_YEAH
4. Store your password (and related info to recover) in a text file in an encrypted RAR file (which is encrypted by 128 AES, with a very long password with capitals and non standard characters)
5. Rename this RAR file to an innocent ZIP / DOC / JPG
6. Put this file on USB and to a well known online cloud service (if your house will burn down)

By the way, it seems people are able to recover passwords for bitcoin wallets if needed:
http://www.reddit.com/r/Bitcoin/comments/1v5o9c/dave_bitcoin_walletrecoveryservicesgmailcom_saved/
http://www.walletrecoveryservices.com/
I hope I will never have to use them.

[miaviator]

Aegis secure key 16gb USB

Primary and backup

Paper wallets in a safe deposit box

One password needed

10 wrong attempts on that key scrubs the encryption key forever and destroys the data.

Hasn't been hacked at a convention yet. 

Oh  and the wallet key never touches an internet connected computer

[Vod]

I use LASTPASS.  (lastpass.com)

Cannot recommend it enough.  I have 15 character random unique passwords for every site I visit.

[miaviator]

I use LASTPASS.  (lastpass.com)

Cannot recommend it enough.  I have 15 character random unique passwords for every site I visit.

Great product for everything web based.  There are a few of them as well.  Roboform. Password box.  Etc.

[cdog]

I store them in my head, and they are 20 character passphrases not passwords.

I forgot one for a BTC wallet late last year. It wasnt fun but I remembered it after trying combinations for a few days. You have to be very careful.

Not backing up your wallet and losing or forgetting your passphrase are by far the easiest ways to lose your BTC. If your wallet is locked with a decent passphrase and backed up its 99.9999999999999% safe.

Also, consider the possibility, if you have a family, that something could happen to you. Plan for such a contingency (e.g., leave an envelope with passphrases for your wife in escrow with a 3rd party)

[zeetubes]

I use LASTPASS.  (lastpass.com)

Cannot recommend it enough.  I have 15 character random unique passwords for every site I visit.

Thanks for the suggestion. Lastpass looks perfect. And I have a couple of yubikeys sitting around gathering dust that i can try to use after I get familiar with it. I guess now I have something to play with for the next few hours. Cool.

As far as the cold storage wallet, last week I bought a couple of ultra cheap android 4.X phones in china (~$28 each) and they have no sims, wifi disabled, factory reset etc. And the only app installed is mycelium. When I'm happy with the setup, and i've transferred the coins, I'll send one to my brother and mail him instructions on how to unlock it and/or recreate the wallet.

Any thoughts on that strategy?   

[clubminer]

I store them in my head, and they are 20 character passphrases not passwords.

I forgot one for a BTC wallet late last year. It wasnt fun but I remembered it after trying combinations for a few days. You have to be very careful.

Not backing up your wallet and losing or forgetting your passphrase are by far the easiest ways to lose your BTC. If your wallet is locked with a decent passphrase and backed up its 99.9999999999999% safe.

Also, consider the possibility, if you have a family, that something could happen to you. Plan for such a contingency (e.g., leave an envelope with passphrases for your wife in escrow with a 3rd party)

I think not made backup it, but I forget wallet number not my password 

[Joohansson]

Keepass 2 on PC and kypass 3 on iPhone with dropbox to sync between them. The only password software you will ever need. Only have to remember the master password.

[EvilPanda]

I just keep them on pendrive in an ordinary txt file. I don't use all this sneaky renaming, noone touches my stuff anyway 

[b!z]

I just keep them on pendrive in an ordinary txt file. I don't use all this sneaky renaming, noone touches my stuff anyway 

And now anybody who wants to touch your stuff knows exactly where you hide your passwords.

[spin]

Keepass2 running on PCs and on phone and tablet. All of these are kept in sync with btsync. I love btsync for this as it is p2p file sync. 

[EvilPanda]

I just keep them on pendrive in an ordinary txt file. I don't use all this sneaky renaming, noone touches my stuff anyway 

And now anybody who wants to touch your stuff knows exactly where you hide your passwords.

So now he has to get my address, come here, break in, spend hours turning my house up side down searching for that pendrive and get the reward. Any volunteers? 

[Bitbuy]

Don't like having my passwords at some online service...
Why not use Keepass2 / Keepassx? Same functionality, only completely in your control?

I use LASTPASS.  (lastpass.com)

Cannot recommend it enough.  I have 15 character random unique passwords for every site I visit.

Great product for everything web based.  There are a few of them as well.  Roboform. Password box.  Etc.

[Bitware]

KEEPASS database inside a truecrypt container.

[jonanon]

I keep my main password in my mind - I've memorised it over time and think it's the most secure - unless I die and no one can retrieve it 

[guybrushthreepwood]

I store them in my head, and they are 20 character passphrases not passwords.

I forgot one for a BTC wallet late last year. It wasnt fun but I remembered it after trying combinations for a few days. You have to be very careful.

I recommend keeping passwords in your head, but not massive 20 character pass-phrases lol.

[jonanon]

I store them in my head, and they are 20 character passphrases not passwords.

I forgot one for a BTC wallet late last year. It wasnt fun but I remembered it after trying combinations for a few days. You have to be very careful.

I recommend keeping passwords in your head, but not massive 20 character pass-phrases lol.

Haha yeah, anything past around 8 or 9 characters becomes had to remember if you don't think about it every day!

[rext]

Hmm hide it in a swiss bank hahahah, overkill

[coinpr0n]

I just keep them on pendrive in an ordinary txt file. I don't use all this sneaky renaming, noone touches my stuff anyway 

Similar here. With a little maths (algorithm) involved to get the actual passwords.

[guybrushthreepwood]

I just keep them on pendrive in an ordinary txt file. I don't use all this sneaky renaming, noone touches my stuff anyway 

Similar here. With a little maths (algorithm) involved to get the actual passwords.

As long as you use the pen drive on a safe computer. I recommend using a linux boot CD. If your computer is infected when you look at the password text file you could be in trouble.