This used to be a real problem for me and have always been hesitant about using something that stores passwords on my computer. So I have been using Lock Box for about 3 years now.

I put it on a flash drive so when I’m not needing my important passwords I disconnect my flash drive from the computer. When I go to login I first have a master password for the flash drive and then I have another password to access lock box. Also lock box allows you to keep everything organized neatly in folders. For me it’s more than worth the 20 bucks, but they give you a free trial so you can check it out first.

I’ve tried at least a half dozen over the last 3 years, and this completely crushes them. (I have around 400 profiles/logins I manage online-and no, I’m not a spammer)

Here’s why I like it:
*freeeee!
*opensource so you know where the data goes
*password generator (customizable – length, characters, etc)
*auto-type
*one click to open webpage and login in many cases
*provides additional info box for notes,
*on and on and on….

I tend to create Passwords which are at least 12 char and must contain a special char.

- Your job is to make passwords unpredictable.

It is wrong to tell people that passwords can be broken without explaining the proper way to choose one that will be more difficult to break.

- Given enough time every password can be broken (it may take 8000 years, but it can be done).

You should choose a password that is nine or more characters long. Don’t use a word that is found in a dictionary – a program can be written to use every word in a dictionary.

Once you use a password that you consider good, don’t use a sequence of that password (Tolkien1, Tolkien2, Tolkien3)

Try making up an acronym – JDwfLTismf (“Jack Daniels whiskey from Lynchburg, Tennessee is my favorite”). Unless you know me well enough to know that I used to like Jack there would be no reason to consider that phrase. If you did know my like for Jack there is still no reason to consider this as a possible password.

Try and misspell a word using one or more special characters in the center of the word, like Disné#Land.

Since many passwords are case sensitive, use upper and lower case.

When it comes time to change passwords, I take the local newspaper and choose a word. The word for today is Doonesbury, which I modify to be D00n3sb_r. Or take the word lightbulb and spell it 1igh+b_1B. It is actually very simple, once you get the hang of it. Don’t forget that you can use your phone keypad to make lightbulb into 544482852. If you SMS a password, don’t use easy words like your name.

Take the word “automated” and on a US keyboard type one character to the right “siyp,syrf” and doing this means that you can use your family name if you want to.

For sites that do not have any money related information I use one password. I take an unnatural word combination, like an adverb and a noun (an adverb, broadly defined, is a word which modifies any word other than a nouns), combine them the make a word that does not exist in the dictionary. SlowlyTruck is a combined word that does not appear when searched on the internet. Slightly change the spelling and you really have a wonderful password – how about Sl0w1yTruck

I only use one password for sites like blogs. For sites that have money related things I use the ideas referenced above, but since I have a good memory I really screw the text up. I have also taken a text file and just typed a dozen or so characters, and whatever came out was a password.

Change your password at work every two months and personal passwords as often as you feel necessary.

Change your password now. Don’t wait for the prompt.

I’m a RoboForm fan, which works in Firefox & IE. Now that I’m migrating to Chrome, I’m lost if I encounter a site that requires a password. I have not heard of “password fatigue” before, but the term sure does explain the feeling.

So glad you take the time to evaluate these tools to share with us!