I hate passwords

So how do people remember the 100 passwords that the average person has…(I can’t be average then!) as quoted, perhaps tongue in cheek, in the article.
But I do get stressed and lose count of the number of times I have to activate forgotten password…and password safes are a waste of time because if cracked it’s like having a parachute with a hole in !

1 Like

Use a password manager


Or keep a little notebook in your desk/cupboard. If anyone decides to burgle your house, they sure as heck won’t be looking for little notebooks…


Can you recommend it?
Isn’t there a risk if it gets hacked or a ner’ do well gets access then all the password are on a plate!

It’s why I don’t use one! Or rather I do but we wrote it ourselves and it’s on one of our servers…

Less risky than using weak or repetitive passwords and writing them down or storing them in unencrypted files on the cloud I reckon. Nothing is without risk.

What Happens if LastPass Gets Hacked | Our Security Model.


@strudball We use Bitwarden (after ditching LastPass) and have found it to be very useful. There is also Dropbox which provides a facility for storing (i think) 50 passwords free in the free version.
Link to https://bitwarden.com/
The password carry across to different devices seamlessly. The same passwords on your PC, laptop and mobile phone. They require a very strong password/passphrase to gain access - I use a passphrase which will be very difficult to hack and in line with their suggestions is something in my life only I would know.
Within the package, you can set random very strong passwords which will meet most (if not all) security requirements most individuals will ever need to consider.

1 Like

I struggled to come to terms with a password manager, so use phrases based on a fairly standard approach which includes words and numbers. Places I am not too keen on include words like moron and idiot, favorite ones have more positive ones.


Unless you are working in a public environment, writing things down is about as risk-free as you can get. Not something to do in a shared space with others though…

@graham I’m not tech savvy, but if a hacker can identify key-strokes, does it matter how complicated the password is?

Only if they have keylogging software installed covertly on your system often installed by clicking on links in suspect emails or websites.
Always keep your malware software up to date.

1 Like

Following advice on here, or perhaps elsewhere, I invented a common password based on a phrase very well known (but only to me) and then complicated it by altering it with numbers, capitals and symbols.

I then put it onto an external hard drive, which is only plugged in for a few minutes at a time when required, and copied and pasted it when needed. It differed for each application with a minor alteration based on the particular entity each time.

All was fine and I gradually introduced it to my system. Until I came upon a requirement which didn’t allow for copying and pasting. Then I had to write it out ‘longhand’ and the trouble began. Due to its length, a sometimes faulty keyboard and my hopelessly inaccurate arthritic fingers, I struggled to get it right and was in danger of being locked out completely.

So I have gone back for the most part to my unsafe system of obvious but numerous former passwords. :roll_eyes:

Entrusting my passwords to someone else is not an option.

They won’t be taking any of our rather old computers either.

+1 for Bitwarden here. It’s open source and works well.

Anyway, you should have a second factor of authentication on anything important like a password vault. Either with a phone app, such as Google Authenticator or, if you don’t mind spending a few quid on something really convenient, I have one of these which are quite widely supported now:

Keep it on your key ring, configure compatible apps (like Bitwarden) to accept it as a second proof and your process becomes enter your password, plugin your key and press the button. It’s an extra step, but a very easy extra step and somebody needs both your password AND your physical key to login, so it’s not the end of the world if you don’t have a silly long password.

1 Like

Another good password manager is Truekey - this does have a cost attached to it. Also keeps details of credit cards, licences of various sorts and “safe notes” which can contain anything you want.
If not using a password manager, then using pass phrases is probably the next best thing. A passphrase is exactly that - a phrase that is only known to you.

IMHO. there are two types of password …those in everyday use to have acsess to online accounts often for shopping…Tesco, Casino, Darty John Lewis, and general sites requiring you to “sign into an account” eg Confuse.com, where i’m not really bothered if somebody accessed using my password …and on these sites I never link them to a payment process so I use just a couple of standard passwords of letters, number and a sign. Then there are financial sites, banks, health insurance etc which normally now have two factor authentication so passwords are much more supplier site driven so intrinsically safer.

1 Like

Ha ha, in my shed I have about 4 desktop computers dating back years kept simply because I didn’t know how to remove the hard drives and smash them with a sledge hammer before soaking them for days in salty water. The advice I got from one computer expert. :roll_eyes: :laughing:

I suspect that there is a bit too much paranoia about erasing hard drives and that almost any one of the secure erase utilities that are kicking around are sufficient (I tend to use “dd” in Linux) for 99.99% of all users.

Yes, in olden days there was genuine concern that magnetic information could be recovered, even if overwritten by fresh data but modern drives have data crammed so tightly that a) there is barely a square nanometre of “wasted” disk surface b) the process of reading and writing data needs masses of error correction and detection magic under the hood to make it work at all even under ideal conditions - oh, and c) anyone with the resources to get data off a correctly wiped hard drive probably has more straightforward ways to eavesdrop on your computing activity.

That said there are some things to know

  • Just “reformatting” a drive or installing a fresh copy of the OS does NOT typically remove the old data, it just updates the housekeeping info on the disk which allows the OS to find files, which is why you need to write over the whole of the drive.
  • Modern hard drives and SSD/Flash storage typically reserves a small amount of capacity to allow for bad blocks to be “mapped out” - in theory it might be possible to recover data from old mapped out blocks.
  • SSD/Flash drives do something called “wear levelling” to use the drive evenly (each block has a fairly limited number of times it can be rewritten). This is transparent to the user and the OS and means that when you think that you are overwriting data it simply gets written to a new location on the drive and the old location marked as being available. Someone with the right tools could theoretically read this data - but that can still be mitigated by writing to the whole device.

Of course if you are really paranoid then the right thing to do is encrypt your disks and hire a steamroller when you need to upgrade to turn the old ones into pancakes :slight_smile:

Personally I write zeros to the whole drive, then random data, then partition and put a file system on it (usually NTFS) and leave it at that.

Our last computer went pfft, and we had to have the hard drive changed. Computer person gave us old one back, which of course we had done nothing to as wasn’t expecting it go pfft. So we now have a hard drive sitting looking at us that we don’t want just to put i to electrical recycling. We tried to smash it with sledgehammer, but sledgehammer head fell off and hard disc remains intact.


So, the hard drive went pfft?

I’m assuming no data which needs to be recovered.

If it were me I’d dismantle it (not difficult but you do need the right miniature, typically torx, screwdrivers) remove & break up the platters and tip the rest in the “computer” or “electrical” bin at the déchetterie.

I might be inclined to remove the neodymium magnets but if you do watch out - they are quite powerful and can easily nip a finger.