yatsey87
|
|
January 14, 2014, 03:22:28 PM |
|
I just keep them on pendrive in an ordinary txt file. I don't use all this sneaky renaming, noone touches my stuff anyway Similar here. With a little maths (algorithm) involved to get the actual passwords. As long as you use the pen drive on a safe computer. I recommend using a linux boot CD. If your computer is infected when you look at the password text file you could be in trouble. If you have to write passwords down it kinda defeats the point. Just make a reminder. If your password is Bitcoinpimp2014 just write down btcp14.
|
|
|
|
guybrushthreepwood
Legendary
Offline
Activity: 1232
Merit: 1195
|
|
January 14, 2014, 03:27:11 PM |
|
I just keep them on pendrive in an ordinary txt file. I don't use all this sneaky renaming, noone touches my stuff anyway Similar here. With a little maths (algorithm) involved to get the actual passwords. As long as you use the pen drive on a safe computer. I recommend using a linux boot CD. If your computer is infected when you look at the password text file you could be in trouble. If you have to write passwords down it kinda defeats the point. Just make a reminder. If your password is Bitcoinpimp2014 just write down btcp14. Yeah, as long as you don't forget what btcp14 means lol.
|
|
|
|
BadBitcoin (James Sutton)
Donator
Sr. Member
Offline
Activity: 452
Merit: 252
|
|
January 14, 2014, 03:35:09 PM |
|
I store them in my head, and they are 20 character passphrases not passwords.
I forgot one for a BTC wallet late last year. It wasnt fun but I remembered it after trying combinations for a few days. You have to be very careful.
I recommend keeping passwords in your head, but not massive 20 character pass-phrases lol. I use a 9 word passphase with a acronym in the center, just what wikipedia suggests I do. As an added bonus, I can't spend my coins while intoxicated because my password is way too complex to type properly when on drugs so I have my own anti-drug security measure on my bitcoin wallet, woho.
|
|
|
|
whtchocla7e
Full Member
Offline
Activity: 392
Merit: 116
Worlds Simplest Cryptocurrency Wallet
|
|
January 14, 2014, 03:52:02 PM |
|
My password(s) is a 256 bit hash of several answers to very personal questions. Basically a puzzle that you have to solve in certain order. Yes, it's a big hassle to retrieve it. On the other hand, yes it's a big hassle to retrieve it.
|
▂▂▂▂▂▂▂▂▂▂▂▂▂▃▅▆█ L E A D █▆▅▃▂▂▂▂▂▂▂▂▂▂▂▂ World's Simplest and Safest Decentralized Cryptocurrency Wallet! ▬▬▬▬▬▬▬ • STORE • SEND • SPEND • SWAP • STAKE • ▬▬▬▬▬▬
|
|
|
guybrushthreepwood
Legendary
Offline
Activity: 1232
Merit: 1195
|
|
January 14, 2014, 03:55:57 PM |
|
My password(s) is a 256 bit hash of several answers to very personal questions. Basically a puzzle that you have to solve in certain order. Yes, it's a big hassle to retrieve it. On the other hand, yes it's a big hassle to retrieve it. lol, big paswords wont matter if you've got a keylogger though .
|
|
|
|
BadBitcoin (James Sutton)
Donator
Sr. Member
Offline
Activity: 452
Merit: 252
|
|
January 14, 2014, 04:18:44 PM |
|
My password(s) is a 256 bit hash of several answers to very personal questions. Basically a puzzle that you have to solve in certain order. Yes, it's a big hassle to retrieve it. On the other hand, yes it's a big hassle to retrieve it. lol, big paswords wont matter if you've got a keylogger though . If you're incompetent enough to have a keylogger on your system and not understand why you should be regularly scrubbing your "run on start" programs (hijackthis! generally is my tool of choice) then you have bigger issues than keyloggers I reckon.
|
|
|
|
guybrushthreepwood
Legendary
Offline
Activity: 1232
Merit: 1195
|
|
January 14, 2014, 04:21:24 PM |
|
My password(s) is a 256 bit hash of several answers to very personal questions. Basically a puzzle that you have to solve in certain order. Yes, it's a big hassle to retrieve it. On the other hand, yes it's a big hassle to retrieve it. lol, big paswords wont matter if you've got a keylogger though . If you're incompetent enough to have a keylogger on your system and not understand why you should be regularly scrubbing your "run on start" programs (hijackthis! generally is my tool of choice) then you have bigger issues than keyloggers I reckon. That's true. I prefer to use linux anyway.
|
|
|
|
BadBitcoin (James Sutton)
Donator
Sr. Member
Offline
Activity: 452
Merit: 252
|
|
January 14, 2014, 04:27:22 PM |
|
My password(s) is a 256 bit hash of several answers to very personal questions. Basically a puzzle that you have to solve in certain order. Yes, it's a big hassle to retrieve it. On the other hand, yes it's a big hassle to retrieve it. lol, big paswords wont matter if you've got a keylogger though . If you're incompetent enough to have a keylogger on your system and not understand why you should be regularly scrubbing your "run on start" programs (hijackthis! generally is my tool of choice) then you have bigger issues than keyloggers I reckon. That's true. I prefer to use linux anyway. Just because you're using linux doesn't mean your keylogger proof https://code.google.com/p/logkeys/
|
|
|
|
JohanM
Member
Offline
Activity: 144
Merit: 38
|
|
January 14, 2014, 04:33:04 PM |
|
- pfsense firewall - main wallet is on fully encrypted ubuntu pc, wallet again encrypted - password storage is in text file within triple encrypted truecrypt container
|
|
|
|
guybrushthreepwood
Legendary
Offline
Activity: 1232
Merit: 1195
|
|
January 14, 2014, 04:34:31 PM |
|
My password(s) is a 256 bit hash of several answers to very personal questions. Basically a puzzle that you have to solve in certain order. Yes, it's a big hassle to retrieve it. On the other hand, yes it's a big hassle to retrieve it. lol, big paswords wont matter if you've got a keylogger though . If you're incompetent enough to have a keylogger on your system and not understand why you should be regularly scrubbing your "run on start" programs (hijackthis! generally is my tool of choice) then you have bigger issues than keyloggers I reckon. That's true. I prefer to use linux anyway. Just because you're using linux doesn't mean your keylogger proof https://code.google.com/p/logkeys/Even booting from a cd?
|
|
|
|
RodeoX
Legendary
Offline
Activity: 3066
Merit: 1147
The revolution will be monetized!
|
|
January 14, 2014, 04:37:56 PM |
|
My password(s) is a 256 bit hash of several answers to very personal questions. Basically a puzzle that you have to solve in certain order. Yes, it's a big hassle to retrieve it. On the other hand, yes it's a big hassle to retrieve it. lol, big paswords wont matter if you've got a keylogger though . If you're incompetent enough to have a keylogger on your system and not understand why you should be regularly scrubbing your "run on start" programs (hijackthis! generally is my tool of choice) then you have bigger issues than keyloggers I reckon. That's true. I prefer to use linux anyway. Just because you're using linux doesn't mean your keylogger proof https://code.google.com/p/logkeys/Even booting from a cd? I think your good with a live CD. Unless it included a keylogger, which is unlikely.
|
|
|
|
BadBitcoin (James Sutton)
Donator
Sr. Member
Offline
Activity: 452
Merit: 252
|
|
January 14, 2014, 04:39:42 PM |
|
Even booting from a cd?
depends on the source of your CD .iso, it's definitely possible (although highly improbable) that you could download a dirty .iso from a backdoored or bitsquatted download page, you wouldn't even notice the ~2mb required for an attacker to have complete access to your computer.
|
|
|
|
johnyj
Legendary
Offline
Activity: 1988
Merit: 1012
Beyond Imagination
|
|
January 14, 2014, 09:39:33 PM |
|
One of the nice method I heard about, not tried yet: Remember the number of a block and select a transaction that include multiple receiving adresses. Remember a special string in this transaction For example: Select the first transaction with 12+ receiving adresses in this block, and compose a 12 letters string using the first letter of the first receiving adress, second letter of second receiving adress, third letter of third receiving adress, etc... As long as blockchain lives, the password is safe, and it is enough random
|
|
|
|
keithers
Legendary
Offline
Activity: 1456
Merit: 1001
This is the land of wolves now & you're not a wolf
|
|
January 14, 2014, 10:46:00 PM |
|
1password works pretty well as well
|
|
|
|
miaviator
Donator
Hero Member
Offline
Activity: 686
Merit: 519
It's for the children!
|
|
January 14, 2014, 10:49:51 PM |
|
I have found that the letter "a" lowercase, by itself is a very easy password to remember. Once a website's database is hacked or for those that store in plaintext all of your complex passwords are just as easy to grab
|
|
|
|
SirBitsalot
Newbie
Offline
Activity: 42
Merit: 0
|
|
January 14, 2014, 10:52:20 PM |
|
I just keep them on pendrive in an ordinary txt file. I don't use all this sneaky renaming, noone touches my stuff anyway Lol that's the same way I am! They would have to scan through all the porn anyways (totally kidding)
|
|
|
|
CRkfx1
Newbie
Offline
Activity: 39
Merit: 0
|
|
January 14, 2014, 10:53:19 PM |
|
Keepass, the only password manager I trust. Lastpass and the like just give my a bad vibe, gotta be online to use them.
My primary .kdb file is sync'd across all my devices/pcs using a 2FA google drive.
|
|
|
|
|
frank754
Member
Offline
Activity: 84
Merit: 10
|
|
January 15, 2014, 05:02:14 AM |
|
I use multiples of pi to 5 digits, and insert them periodically into a different spot inside my passwords, and keep a log of the way I do it as a system.
|
|
|
|
zeetubes
|
|
January 15, 2014, 05:18:32 AM |
|
Complex passwords are a bit of a joke imo. Anything more than a few characters becomes impossible to crack if there are lockouts after "x" failed login attempts. And as someone pointed out, 99.9999% of password cracks are from sniffing the password, which means it doesn't matter how long it is. The apps that I would be most suspicious about collecting your data and especially logging keystrokes are firewalls and antivirus/antimalware - we all just seem to trust them without any real good reason. I like the way Kryptokit allows an onscreen virtual keyboard. Pen and paper is still the best option.
Funny, I've been testing lastpass for the past day and now it only gives me grief on one site. You guessed it: bitcointalk.org. It will not let me login from chrome. every other browser and on my phone are all ok. Wonder what's going on there? Probably some malware or the nsa. I love the functionality of lastpass. Hopefully the security is ok too.
|
|
|
|
|