So, over the past month or two, I have taken to using a password manager. Right now, I’m using one called LastPass. It’s a client-side encrypted repository that stores not only passwords, but also notes and other important information.
I’ve been beefing up my passwords, making them 50 characters where possible and putting them in the form that’s current DoD standard. Some websites won’t take such passwords, unfortunately, and I’ve had to compromise there. But, even so, if I have to fashion a simple 8-16 character (no special character) password, I do so pseudo-randomly.
FWIW, LastPass has a security challenge where it examines your passwords and attributes a score accordingly. This is probably as good as I’m going to get it, given those limitations of certain websites (I really should give the offenders a talking to so I can get my overall score above 99%…it’s giving my OCD eyes the twitch).