Password Confessions of a Security Expert

The simple solution I use is this:

1. For non-important websites I use a single password. If it gets hacked it does not represent a threat to me. I don't care if someone hacks my account to some forum.

2. For secure websites I use a complex alpha-numeric password that includes symbols. They are completely non-sensical to look at.

3. I never keep secure passwords digitally stored on anything. No cookies, no "keychains", no password managers. I would not trust them, nor should you.

4. I periodically change secure passwords after a period of time or if there is a known threat.

5. Lastly, for secure passwords I will keep a written log in a small book. Ideally, a small address book would be a good mechanism. That way, finding a password is pretty simple.

When I change a password, I just update my logbook and post the date of change.

6. I almost exclusively do all my secure password accounts from my home internet. I will never use an open or public WiFi or even a hotel WiFi for any secure transactions. Open WiFis are a good way to get your information hacked.

There is widely available freeware that anyone can use to secretly eavesdrop on network users. It's easy and your personal data is an open book to any common thief.