Passwords and Old People

Buadhai
Buadhai
Community Member

With 1Password 6 I had an easy-to-remember and easy-to-type 8 character password that would be very hard to guess.

When I subscribed to 1Password I was required to use a Master Password that had at least ten characters. I let the software choose one for me. It's long, but reasonable. Four English words/abbreviations with a common separator.

Trouble is, I can't remember it. I'm old now and my brain, especially the memory part, doesn't work as well as it once did. I just can't remember that Master Password. For a while I was retrieving my 1Password Emergency Kit from its safe location. But that was a time-consuming PITA.

Now I have done the stupidest thing of all: I have my Master Password written down on a sheet of paper sitting on the desk in front of me.

There must be a better way.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • danco
    danco
    Volunteer Moderator

    One thing is that you are a subscriber, which means that you have a secret key that you don't need to remember but that makes weak passwords not as bad as they would otherwise be.

    Partly the solution depends on what your memory is like and who else has access to your computer, if anyone. "To be or not to be, that is the question" would not be a good password, nor would tbontbtitiq. But there might be a very obscure quotation that you could easily remember. And perhaps you could add your mother's date of birth to such a quotation.

    Really, the best thing is to have a fairly long master password that you can easily remember, and what you can easily remember is up to you.

    I'm probably older than you, but currently don't have memory problems.

  • Buadhai
    Buadhai
    Community Member

    Thank you.

    I have several passwords that I can remember and which 1Password seems to think are pretty good. Combining two of them should result in a long-enough Master Password.

    Memory is a weird thing....

  • danco
    danco
    Volunteer Moderator

    That sounds a good way to go.

  • Hi @Buadhai,

    The Master Password generator can be useful for some people, but I myself have trouble using a generated password as my Master Password. For those people that can handle that, it gives them an incredibly strong password. For the rest of us, we need to use something that's less strong but as strong as we can muster. I'd be careful about Danco's "makes weak passwords not as bad as they would otherwise be" statement though. Weak passwords are always a bad idea, and our Secret Key only ensures the security of your data when on our servers. It doesn't add security to your data on your own device, so having a weak password there is a very bad idea.

    I think your current strategy is an OK one. I myself like to use pass phrases: a series of words of my choosing.

    Rick

  • MrC
    MrC
    Volunteer Moderator
    edited June 2018

    Indeed as we age, our short term memory can diminish. At least I feel it at times, and it sounds like you do to. If I remember correctly.

    One trick I use routinely is to utilize additional out-of-context cues, as reminders or triggers. For example, I know I need to take out the trash later in the day, so I place so odd object in a place I'll walk by, as a reminder trigger. Every time I walk by it, I'm reminded, and this reinforces my memory. I could just write a note and use that, but that fortunately is not (yet) a requirement. :-)

    And we can employ similar nearby visual cues as mnemonics for passwords. For example, I just created an Excellent strength 14-character master password, by looking at the artwork on my wall, and picking the first character of each word/number, from top to bottom, left to right. I could have equally used the 3rd or last characters, or used some characters from the various products on my desk (vendor, model, color, whatever), in any order I choose.

    1Password makes it pretty easy to test the strength of your concocted passwords, so this reduces the risk of our inherent over-confidence in our ability to create strong passwords.

    nb. I'm sure @rickfillion could come into my office and crack my master password, like any worthy movie or TV series hacker, within seconds, by quickly glancing at my screen, breathing out I can crack this, barely audible, tap out two or three keys, the system bleats to life, with the sundry computer codes, characters, and other hieroglyphics scrolling frenetically in the background windows. Evil snickers and the exaltation of noob dominance follow.

  • It's a UNIX system! I know this!

    :P

  • Buadhai
    Buadhai
    Community Member

    I finally decided that the generated password was just too long to have to input every time I need a look at my vault.

    I mean, really, type in almost 30 characters to retrieve the cvv code on a credit card? Too time consuming and too much room for typo error.

    The generated Master Password was very much like this:

    sw-runway-temporary-stockholm

    I could never remember if the first two characters were se, or nw or ne or whatever. I also had trouble remember if temporary came before or after runway.

    In the end, I went back to my original master password. (Apple's Password Assistant rates it as "fair".) But, it's easy to remember and easy to type. A risk, I know. But life is full of balancing risks. (Shall I have another beer?)

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Buadhai: That seems perfectly reasonable. Three words, if chosen randomly, are fairly strong. As far as I know, we're still waiting for someone to crack one of these for a contest we've been running.

    But I'll tell you the trick I use in case it helps: I save a copy of my 1Password.com Emergency Kit, and I've got family members that can help me recover my account. Okay, that seems like a bit of a cheat since we're talking about remembering things...but so long as I can remember "emergency" and "family" I'm covered. :)

    P.S: Cheers! 🍺😉

This discussion has been closed.