Being former spies and everything (NOW CUT THAT OUT!), we're highly adept at managing passwords. Passwords are really a poor way of securing access to a website, but until the cost of moving to something more secure is outweighed by the cost of theft, not much is going to happen. So what to do?
Here are some triple top secret ways of managing passwords on the interwebs:
Use a gadget. We like Keypass, which you can download here. It runs on Windows, Mac, Unix and pretty much anything else except your microwave oven. Keypass is a password database that lets you store lots of information about a website beyond just the password. It's portable, meaning it will run on a USB stick, so you can carry it around with you and run it on a windows machine without having to install it.
Use the browser. Not nearly as secure, but very easy to use. Most current versions of all browsers support remembering user IDs and passwords. As long as you're the only one with physical access to your machine, this is ok. Never use this method on a laptop, for obvious reasons.
Use yellow sticky notes. Write down all of your user IDs and passwords on sticky notes and attach them to your monitor. Then take a very high resolution picture of your monitor and email it to me. I'll take really good care of them. Promise.
Make a hard to guess but easy to remember password. Here's a good trick - choose a memorable date - graduation, wedding, birthday, zombie apocalypse, etc. Then make a simple statement about that date. For example, "I moved into the Sea Breeze apartment on June 12, 2002." Now take the first letters of the phrase, the numbers, and the punctuation, and turn it into something like this: "ImitSBaoJun12,2002." Easy to remember and rock solid.
Finally, if you want to have some fun with secret passwords and codes, try this. It's a web-based re-creation of the German Enigma machine. Set the rotors, type in a message, and out comes gobbletygook. Reset the rotors, paste the gobbletygook into the message line, and wa la! Why would you use this? Well, we use it as a verification code for gift certificates. When we print one, we encode the recipients name and print it on the certificate. That way, only they can use it.
We used a similar technique to communicate with our secret spy handlers back when we were in Jaka
THE REMAINDER OF THIS MESSAGE HAS BEEN REDACTED BY THE FEDERAL WITNESS PROTECTION PROGRAM. GEEZ, GUYS - WILL YOU CUT IT OUT ALREADY? FRANK ALMOST HAD A HEART ATTACK WHEN HE READ THIS POST AND JUST BARELY GOT IT REDACTED IN TIME. HELP A FEDERAL AGENT OUT, OK?