My CMSMS was hacked yesterday :(

[Hare]

I use good old fashioned pen and paper to store passwords! I know, that sounds very old fashioned but it works for me  I use names that mean something for me that others won't recognize if they found the paper eg instead of writing "CMSMS admin" I might put "Holiday"

Regular words are not a good choice since those are easily guessable via brute force dictionary attacks. Username doesn't matter too much but basically for maximum security it would be good to use something a bit more complex.

I personally always change the admin directory to something else and use some other account name instead of "admin".

I wish there was something as elegant as Apple's keychain for XP/Vista.

[pgoneill]

I use "Keepass" to store my logins, it runs on a memory-stick as well, so no need for installation, just extract it in a folder on the stick.

Ronny

I do something similar with "Password Safe" - http://passwordsafe.sourceforge.net/

I keep a database on my memory stick (up to date) and back it up to both my work laptop and home machine regularly.

And each and every password I have is unique - generated by http://www.pctools.com/guides/password/ - so something like "BrE2Echa".

Of course, the downside of this is I don't know any of my passwords - except the one to open the database!