 
I've been thinking about and investigating the issue of password management. Passwords are the weak link in any computer security system. The problem is that following the standard recommendations -- choose long, random passwords, and never recycle them for use with multiple accounts -- quickly overloads the memory capacity of all but the most dedicated. Here are some solutions that I've been investigating, intended to be practical for unsophisticated computer users. I'd like your comments.

1. Use Diceware (www.diceware.com) to generate passphrases. The way it works is that you use physical randomness (rolling dice) to generate groups of five numbers in the range 1-6. For each group of five numbers you then look up the corresponding word in a list of 7000+ of the shortest English words. Your passphrase is the sequence of words thus generated, separated by spaces. I have found that the passphrases generated using this method are much easier to memorize than random alphanumeric strings of equal entropy. You get a shorter sequence of symbols by choosing from a larger -- and semantically rich -- "alphabet" (the list of 7000+ words).

2. Use something like Bruce Schneier's Password Safe (now an open source project at http://passwordsafe.sourceforge.net) to keep track of your passwords, so that you only absolutely, positively have to remember one.

3. The problem now is that Password Safe only runs on the notoriously insecure Windows operating systems. Even if it were to be ported to something more secure (Linux, *BSD), there are still plenty of security bugs found every day even on these systems, and it's not inconceivable that someone hacking into your system could catch your master password as you type it into Password Safe. I'm very uncomfortable with the idea of leaving my password database on any network-connected machine. This leaves two possibilities:

3a. Keep your "password database" as a handwritten list on physical paper. This is secure from network attacks, but physical security is minimal.

3b. Use a Palm OS-based PDA with PDA Defense (www.pdadefense.com) installed to store your password database. I'm not sure yet if you can use that to encrypt important databases, or if it's aimed more at securing the entire device. If the latter, use a Palm OS port of Password Safe (doesn't yet exist :-( ), or use one of the encrypted PDA password managers at Tucows.com. Back up the encrypted password database onto a removable expansion card, NOT on your PC.

What are your thoughts? Am I off-base here? Are there better solutions I've missed?

-- Martin Crandall
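The Diceware procedure described in point 1, worked through as an added example (not code from the post or from the Diceware project): five rolls of a six-sided die form a base-6 index into a 6^5 = 7776-entry word list, and the entropy of the result is compared with a random alphanumeric string of equal strength. The word list here is a constructed stand-in, and `secrets` substitutes for physical dice; both are assumptions of this example.

```python
import math
import secrets

DICE_SIDES = 6
ROLLS_PER_WORD = 5
LIST_SIZE = DICE_SIDES ** ROLLS_PER_WORD  # 7776 entries, the size of the real Diceware list

# Constructed stand-in for the real word list so the code runs offline: index i -> "w0000".."w7775".
# For real use, load the Diceware list and index it the same way.
WORDLIST = [f"w{i:04d}" for i in range(LIST_SIZE)]


def rolls_to_key(rolls):
    """Turn five rolls such as (1, 3, 6, 2, 4) into the 5-digit Diceware key '13624'."""
    if len(rolls) != ROLLS_PER_WORD or any(r < 1 or r > DICE_SIDES for r in rolls):
        raise ValueError("need exactly five rolls, each in 1..6")
    return "".join(str(r) for r in rolls)


def key_to_index(key):
    """Map a key of digits 1-6 to a 0-based list index: the key is a base-6 number with digits shifted by one."""
    index = 0
    for ch in key:
        index = index * DICE_SIDES + (int(ch) - 1)
    return index


def roll_die():
    # A CSPRNG stands in for physical dice; an ordinary seeded PRNG would not be an acceptable substitute.
    return secrets.randbelow(DICE_SIDES) + 1


def generate_passphrase(n_words, wordlist=WORDLIST):
    """Roll five dice per word and join the looked-up words with spaces, as the post describes."""
    words = []
    for _ in range(n_words):
        rolls = tuple(roll_die() for _ in range(ROLLS_PER_WORD))
        words.append(wordlist[key_to_index(rolls_to_key(rolls))])
    return " ".join(words)


def entropy_bits(n_words, list_size=LIST_SIZE):
    """Entropy of an n-word passphrase drawn uniformly from the list: n * log2(list size), about 12.9 bits per word."""
    return n_words * math.log2(list_size)


def equivalent_random_chars(n_words, alphabet_size=62):
    """Shortest uniformly random string over an alphabet (default a-z, A-Z, 0-9) with at least the same entropy."""
    return math.ceil(entropy_bits(n_words) / math.log2(alphabet_size))
```

Five words give about 64.6 bits, the same as an 11-character random alphanumeric string, which is the memorability trade-off the post describes.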