I forgot my BPIExpresOnline password yesterday. I tried several passwords I frequently use and my account was eventually suspended.
This wasn’t the first time I forgot my account password. I have copies for most of them at home but because online banking requires you to change your passwords every 90 days or so, I seldom update my little post-it notes at home. And with the dozens and dozens of accounts to memorize, I wish there’s one online password vault I could store them all.
I would have used my phone to store the info but once you loose your phone, there it goes again. BPIExpressOnline does not have a Forgot Password feature and you need to call 89-100 to have it reset. However, you also need the 11 digit access number and the 4 digit phone ID. I’m stuck. :p
Now, I am in search of an online password storage secure enough to store them. Any suggestions out there would be great or experience from similar services you might wanna share.
“One site to visit… and one password to store them all.“
21 comments
Here’s a suggestion: http://www.just1key.com/.
Impractical. What if you lose the password to your online password vault?
I just use a couple of passwords. If there’s a requirement to change it every so often I’d just suffix 2 numbers and I just change the suffix numbers. It could be less safe though but you get the idea.
For 11 digit numbers, I would use the technique I learned from Harry Lorayne. Each number is assigned a consonant letter. Then form a phrase or sentence with the consonants in sequence as the numeric password. 1 = l, 2 = n, 3 = m … If I have a password 1232, I just think lineman.
My technique is I form the phrase first and work from there.
I dont think you’d like your passwords and important “numbers” on other people’s server.
Here’s an idea, you can save all your numbers on an excel sheet and password protect it. and sync that excel sheet with your USB Disk, PDA or Phone so you can carry it around.
If you are more paranoid than normal, you can further encrypt that excel file.
Now, you only have to remember your Window’s password and your excel file password 😉
@ Gabe
Thanks!
@ Krakista
I’m using the same technique for the longest time until a couple of days ago when it finally failed me.
@ Mark
I bought an Apacer USB drive months ago which has a built-in encryption system. I store the most important passwords there like my online banking passwords. The problem was, when it was time to change my online backing password, I forgot to update the one on my USB drive. 😀
I just use a simple script to generate all my passwords. I have one master password and generate a new one for each site.
You can get my script here:
http://netgarage.ne1.net/tools/passgen
HTH
handy tool. but what if the master passwd or the script is compromised?
Yuga, I will be downloading and trying out this new Konfabulator Widget. You might want to try it too.
http://www.widgetgallery.com/dl_r.php?widget=37131
yipes!
I don’t go through those lengths. I have a set of “SOP” passwords, some are a function of the URL of the website I’m on. But usually, I use the “forgot password” function when my SOP’s fail.
my passwords have worked since 1998, no breach so far. I’m happy and worry free … so far.
edwin
I just use gmail to store every information I might ever need. Then sometimes, I use my phone, and maybe paper, and maybe… there’s just too many places to store important info that you end up having them out of sync. 😉
But seriously, gmail works fine as a little PIM.
I think this discussion will slowly take us to 43folders and lifehacker. =D
http://www.onlinepwvault.com
This site is awesome, and very secure.
It uses security for usernames and passwords, and i heard it is getting ssl certificates soon with up to 128 or 256 bit encryption.
I disagree that onlinepwvault is good. My goodness, take a look at their privacy policy!
————-
Privacy Policy Currently Underdevelopment
Heavy Encryption is used on this site, and will soon be switched over to an SSL server
Your personall information can not be read by anyone because it is encrypted. Also, the employees here at Online Password Vault share any of the data in our database with anyone else.
Your information is safe with us.
———–
Wrong spelling. Plus “the employees share any on the data with anyone else?????”
it says underdevelopment, maybe its just a typo and the webmaster put the page up quickly
anyway, i have been using the site for a couple of weeks now and i have not had anything happen to any of my accounts that i put on their site
Very unprofessional. Looks like a phishing attempt. Strange. Right after this was posted the privacy policy changed.
Porto88, you probably own the site. And that is why nothing happens to YOUR accounts.
It doesn’t even have a qwerky Web 2.0-ish name! How old school. Hehe 😛
Best way to deal with passworeds, IMHO, is by inventing your own password mnemonic, like what Ka Edong and Krakista suggest (and as I wrote here on PTB).
I’ve been developing an open source, host-proof password solution. You can check it out and grab the code at http://www.blowpass.com/. Understand that there are still some major issues with authentication, IE your passwords can get overwritten by someone clever, but your passwords should be entirely safe in transit and in storage on the server. If you drop it in a directory with .htaccess on it, you should never have any problems. Thats not a solution though, just a work around.
Take a look, run your own copy, hack it, and always share 🙂