Where do you record your authentication information (urls/ips/usernames/passwords)?

Question

I'm wondering what people use for storing their username, passwords, urls, IPs, domains, and any other login information they need to both do their job and in general life. It might also store serial numbers or similar data.

I find that I'm registering for probably 5 sites a month, paying some piece of software, just setting up a new hosting account or ssh access to something. By the end of the month, I've both forgot what those sites were and what my username and/or password is--not that I use a completely different password every time. Next month when I go back, I end up using the forgot password and then changing the password to something that I'll forget.

I'm also thinking it needs to be mobile, probably browser based (not a USB key or other protable media) and very secure.

I'm thinking there are maybe 2 different solutions: one for a company where everyone in the company can access it and one where it's only you.

What does everyone else use to store their authentication information?

Edit: I'm looking for something to store more than just a username and password. It needs to store IPs or domains for example for SSH access. It also needs to have the ability to put some kind of comment in or other information because, for example, the site maybe limited to 1 IP.

Answer 1

I use a certain string of characters in all my passwords, then for each new site I register on I append another string of characters which can be determined by looking at the site's name or URL. All I have to remember is the base password and the algorithm for determining the rest of the password.

Answer 2

Try Password Gorilla and use GetDropBox.com to keep it synced across machines. I think it was recommended by the developers of this site.

Answer 3

I use KeePass. It has versions for various platforms (KeePassX for Linux, for example) and has been quite stable for me. No lost data yet, so I haven't had to resort to my backups :)

Answer 4

I use PasswordMaker and it's fantastic Mozilla Firefox add-on. All passwords are generated from a website URL and your username. You enter a master password which then essentially "unlocks" all your passwords so you really only have to remember one password but can have a unique password for each website you have an account on.

PasswordMaker was also recommended by Jim McKeeth in Stack Overflow Podcast #9.

Note also that there are many other ways to integrate with PasswordMaker besides the Firefox add-on. For example, they have an online version that can be used essentially anywhere as long.

Answer 5

Use the same password for everything. Give it out to strangers.

Just kidding. I use three tiers of passwords - the lowest one is really easy to remember, and applies to all accounts whose security I don't care about. I just use it for most things like this.

For the other stuff, I don't find it to be such sensitive information, so I'll store them in a large "info.txt" text file. I'll put a password hint next to it, such as "the bad one", or "double z" for example, if I have a password I use a lot that has two zs in it. I just use standard CTRL+F search to lookup the info.

Answer 6

I keep everything always with me on my Treo, with SplashId. (Handles custom fields, too)

Answer 7

I have two different solutions: For work related passwords (login to our webbservers and mysql users and logins), we use a shared google doc. It's not ideal, but it's better than having just one password (we did when I started), and it's better than being locked out if one guy gets run over by a bus.

My private solution is a variant of Jeremy Rutens solution, an algo that gives a couple of chars based on the url/hostname and another algo for the second half of the password (which usually gives me two or three choices when I've forgotten the pass - but that takes just a few minutes extra).

Answer 8

I store my passwords in text files on an encrypted partition.

Answer 9

Like claudiu I use a several tier system and my memory, I have a good handful of passwords that I know all from memory, and depending on what type of stuff I'm using depends on what passwords I use. Effectively I have two or three passwords for each of my "tier" catagories. Sometimes I have to try several of them if it's a site I don't use often until I get in. Though typically I'm very good at remembering which one's I uses on which sites.

Answer 10

Here's a simple solution that I think fits your requirements.

1. Store all your usernames, passwords, URLs, IPs, whatever in a plain text file. Yes, really. You may even want to have one text file for usernames & passwords, another for URLs, another for IPs ... whatever works for you.
   Alternatively, if you'll have MS Office, Open Office, Star Office, or some other compatible office program available at every site, a spreadsheet works splendidly for this type of thing.
2. Zip this (these) file(s) up and apply a good password.
3. Attach this zip file to an e-mail you keep in your favorite Web-based e-mail box. To keep it easy to find, you might want to create a separate folder, or just create a separate e-mail account just for this purpose.

That's it. Assuming you can rely on have a Web browser with access to your Web mail, an unzip utility, and a text file reader (or better yet, spreadsheet reader), you can access your information securely from anywhere.

Answer 11

I use Password Safe. You can store, organize and retrieve all the essentials in a snap. It also has a handy "generate random password" that I use more and more, especially for those once-in-a-while-never-worth-remembering-the-password sites.

http://passwordsafe.sourceforge.net/

Answer 12

Clipperz looks like a good solution. It allows you to store pretty much anything you want and encrypts all of your data with your password. It also includes an export feature and offline read-only version. And it's free!