How to Remember 250 Passwords

Don't! Get KeePass (or KeePassX for Mac and Linux users).

On a daily basis, I have to provide credentials to maybe a dozen different authentication schemes. On a monthly basis, it's probably between 50 and 100. Overall, I've got more than 250 passwords that I've had to come up with. You've probably got a comparable number if you think of them all: your computer logins, websites, email acounts, instant messaging, online banking, PINs; if you're a programmer, you've got many more for databases, code repositories, servers, and the like.

What I used to do is keep a set of just a few passwords, maybe adding a number on the end to give some variety. One was my "weak" password that I pretended not to worry about, and the others were at best slightly stronger. Most websites got my weak password, and computer logins and banks got the stronger ones. Sound familiar?

Now they all get strong passwords—so strong that I don't know them and never want to have to type them. And I don't. KeePass remembers and types them for me. The only passwords I have to type are the one to log into my computer and the one to unlock the encrypted KeePass database. The computers I use often already have this secure database on them, and on other computers, I just run KeePass off a USB drive.

If you're still reading, you may be interested to know that KeePass has fairly sophisticated auto-type functionality. As an example, the standard UIUC web authenticator (Bluestem) uses a two-page system, where the first page takes your login and the second takes your password. For it, I define a simple auto-type sequence that enters my login, types enter to submit the first form, waits two seconds (or 2,000 milliseconds, ahem), types my password into the next page, then submits again. The auto-typer matches on window title, along with a (too-) simple * prefix or postfix globber. I have yet to find something it won't work with, and the default auto-type handles the vast majority of cases. I've even quit letting my browser store passwords, which makes me a little more comfortable.

I've also taken to storing my credit card numbers and other such data in KeePass. Just a few days ago, I was relieved to be able to pull my CVV out of the database for a purchase when I discovered that it had rubbed off the card. It's also nice to have your bank routing numbers and such handy when you don't happen to have a checkbook with you.

I hope I've convinced you. Give it a shot and let me know how it goes!

Tags: