On Apr 19, 12:40*pm, 5Z wrote:
I hope it's not a password you use at multiple websites. *One gets
broken in to and the bad guys now have all your passwords.

On comparing notes with other long time net users and programmers and
sysadmins I've found a lot of us use the same small set of passwords
everywhere.

I have a set as follows:

1) minimum security for throwaway things that shouldn't have a
password at all. You want to break into my pizza chain account, put in
your own credit card number, and have a pizza delivered to my house?
Be my guest. The same goes for internet mailing lists that send you a
reminder every month with your password in plain text.

2) normal security. If you take over this you could get my files,
corrupt them, and I'd have to restore from backup. My work computers
are backed up hourly.

3) medium security. You could spend smallish amounts of money (a few
hundred dollars maybe) that I might be able to get back anyway.
Basically mail-order sites that know my credit card details.

4) high security. If you hack into this then you can take over my
entire identity online, reset my passwords on other sites etc.
Basically this is my email password, and 1 or two others.

5) online banking. If you hack into this you can take ALL of my money,
with pretty much no recourse.

This method has served us well online for 15 or 20 years. Now there
are some other options (1password, lastpass etc), but ours works well
enough.