How many passwords do you have to remember?

stimpson wrote: »

Not really true anymore https://diogomonica.com/2014/10/11/password-security-why-the-horse-battery-staple-is-not-correct/

If it hasn't been posted yet, this is an excellent resource https://haveibeenpwned.com/

I have a few email addresses that have different passwords.

One for Xbox
One for personal use
One for online sensitive use
One for online sign ups

Deise Vu wrote: »

I don't really understand the question. My email user name, as an example, would be contained within the excel file which is password protected but it obviously wouldn't appear in the excel file name. Is it the case that forensic searches can bypass file encryption and drill into the files? (Genuine question again!). My email user name will also appear on a million emails going in and out but very few excel files I suppose.

Thought I'd edited that in time :P Sorry, I didn't fully read your post and didn't realize your file was encrypted. If it wasn't though, storing account names with passwords somewhere searchable is a bad idea. Search for the account name is a very easy, lazy way of trying to find account details on a site, hard drive etc. etc.

Don't understand password managers, you've one password then for all your passwords. What if someone looks over your shoulder and sees it, or puts a key logger on your machine? Just never understood it.

I've between 6-10 passwords. Only the weakest couple that I've been using since I was a kid contain a dictionary word, these are only used for sites i don't care about. I've a complex one that I use for my important secure sites (online banking, secure payment authentication, main email etc). I've lesser complex ones I use for sites that I'm not too bothered by (social media) and then I've a few for work related items.

The companys or services I use my main/important password with would never ever be saving my password in plain text. It's been encrypted since the day I registered. Even if they were to fall victim of a hack where the passwords are leaked, the likelihood of them encrypting my password is nil.

Would probably be the same sort of security on social media/boards but I use a couple of passwords for those accounts because there's a greater chance they'll fall victim to a security flaw or hack.

Deise Vu wrote: »

Office 2010. Version 14.0.7128.500 (32Bit) I got fed up with the constant change for the sake of it and never upgraded since. Don't tell me I have to cave in now?

2010 passwords are fairly easy to crack iirc. Seriously, get a password manager and turn on 2 factor authentication and stop stressing over it all.

Deise Vu wrote: »

Thanks for all the suggestions guys but at the end of the day, I am not looking for security solutions, my point is that for ordinary, every day people e-commerce in all it's various forms will collapse unless someone comes up with something unique and, preferably, biometric, that can be transferred across all technologies. Looking back on the thread I think it would be fair to say that Joe Soap has too many simple and exposed passwords while Joe Hacker is getting ever more sophisticated. That can only end one way and that's very, very badly.

2FA is robust (if someone has your password it's no use to them) and fairly easy to use. LastPass will use the fingerprint scanner on an iPhone so for that use case there is already a biometric solution. It will even scan your passwords to ensure you haven't reused them and that they are hard to guess.

Solutions are there but you choose not to use them.

I have 5 complex passwords that I use for my most important sites. Then I use one password for about 7 or 8 unimportant sites or sites I don't use very often.