I just made a comment in response to Nickie’s question about passpack.com. I feel it’s worth sharing it here, too.
OH YES, i have Geek Answer Syndrome! The topic of identity and authentication interests me a lot.
Here are three options that i use:
1. Use the same semi-random password, but adapt it for different sites.
Think of a two-syllable word, eg flo·wer – swap it around and put a number in the middle: wer6flo. Add two letters for whatever site you’re on. So on LiveJournal your password could be wer6flolj. It looks random enough that anyone who found it out probably wouldn’t guess your password at other sites.
2. Use PasswordMaker
This is absolute genius. You have a super password which never changes. You feed in the URL of the site you’re on plus your super password, and it does a one-way algorithm to hash the two together to form a completely unguessable password. So if my super password was wer6flopm and the URL was livejournal.com then the password would be NRfQ;MHq’K!0. It means you don’t even need to know your password – you generate it each time you need it. It doesn’t store anything on the server, but you can download a copy locally if you want to be extra security conscious.
3. Use OpenID as much as possible.
OpenID eliminates the need for multiple IDs and multiple passwords. As a LJ user you already have an OpenID; it is nitoda.livejournal.com. Enter that at any site that accepts OpenID, and it will briefly send you off to LiveJournal to confirm that you’re willing to share your identity with that site. I have recently enabled MyChores to accept OpenID.
Hope those ideas help!
Nickie, i hope you don’t mind my re-post. It was a public post, after all …