Re: Choosing unique passwords - how paranoid is too paranoid?

[Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>]

On 2008-06-25 Orlin Gueorguiev wrote:
> On Wednesday 25 June 2008 05:27:37 Johann MacDonagh wrote:
> > This has worked out better. I've started using mnemonics to remember
> > each system's unique part. Muscle memory!
>
> I have 3 passwords. One for no security(like the password for the
> quest account), one for forums or minimal security, one for secured
> stuff(everything with money). Now... I think I got a little inspired
> from your post and I might actually start generating passwords for
> each different domain, based on a password mixed in some way with the
> domain name. For example password is password, domain is eBay (make a
> mnemonic buysellbuy), mixes password: buypasssellwordbuy /*will have
> to think about something better*/ (and then 1337 it), final
> B@iPazZC3llw0R7bA1. because I have a general password combined with
> something easy to remember, and leeting it, I believe it would be hard
> for someone to find it, especially because different people have
> different expirience and will probably have different mnemonic.

google://kerckhoff+principle

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq