I recently finished a huge revamp of my password management system by moving to a one-password-per-site model. Here’s why I decided on this model and how I implemented it.

I was using a base password system to generate passwords I could memorize. The recent breaches at high-profile sites like Zappos, Last.fm and LinkedIn made me rethink this strategy. Remembering passwords doesn’t scale with the growing number of online services we use. One-password-per-site is perhaps the best model (and maybe even a bit overkill), but I was nervous about trusting my passwords to a password manager. A few realizations, though, made me more comfortable:

  • I do a horrible job of remembering usernames and passwords anyway. Every time I’m faced with a login form, I sit there staring blankly trying to remember how to get in. I had a handful of passwords and usernames I would cycle through, but trying to remember the right combination was often futile (at worst, I’d get locked out before I hit the right combo). I found myself using the “reset password” link out of convenience. I don’t want these various username/password combinations taking up space in my head. I want to fill those nooks and crannies of my brain with more useful bits of information. Because...
  • Passwords are just a means to an end. It’s a subtle point, but there’s nothing intrinsic in a password that makes it a necessary part of accessing your data. Passwords are merely the inconvenient price we pay for online convenience. If I lost online access tomorrow, I could still call customer service in order to manage my bank account. I can always request a new password if I absolutely need to access a site but don’t know my password. Forgetting a password is not the end of the world: just get a new one.
  • Device consolidation. Even when memorizing passwords, the only devices I trust with my passwords are my laptop and my phone. Once I’ve logged into these devices, I seldom need to log back in again (especially thanks to Chrome sync). I avoid logging in from public computers, and can’t imagine a critical situation where I couldn’t wait to log in from one of my devices.

Once I was comfortable with the idea of one-password-per-site, here’s how I implemented it:

  • All passwords are stored in KeePass. I only need KeePass for a Mac (via KeePassX) and an Android phone (via KeePassDroid), but it is also available on various other platforms if necessary. I like KeePass because it’s free, open-source, and not cloud-based. I’ve heard a lot of great things about LastPass, but I’m still not comfortable with the idea of a third party managing my passwords. The system I describe here has many of the benefits of a cloud password manager without introducing a third-party player.
  • Each site gets its own unique password generated by KeePass. I generate a 25 character password with letters, numbers and symbols (unless the site has its own restrictions).
  • There are certain passwords I still need to memorize, such as the password to the KeePass database itself (of course), passwords to apps I share with my wife (such as Hulu+ and Rdio), passwords to anything work-related and various odds and ends (like my router password).
  • I also memorize the password to my Google account. This is important because my email is on Gmail, and email is the proxy for identity on most services.
  • The KeePass database is stored in Google Drive. This allows me to access the database from any computer I trust.
  • Two-factor auth is enabled on my Google account.
  • I have a printed copy of my passwords that I keep with my other important documents (such as passports). This is stored somewhere only my wife and I know how to access.
  • The flow for logging into a site goes like this:
    • Open up KeePassX.
    • Find the site I want to log into.
    • Hit Ctrl-U to navigate to the site.
    • Hit Ctrl-B to copy the username, then paste that into the site.
    • Hit Ctrl-C to copy the password, then paste that into the site.
    There are probably browser plugins that would make this process easier, but I’m happy with it for now. The flow in Android is similar, except KeePassDroid provides a handy shortcut to copy the username/password from the notification bar.
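As an added illustration (not code from this post, and not KeePass’s own generator), here is the kind of per-site generator the scheme above relies on, in Python. It draws 25 characters from letters, digits and symbols with the OS CSPRNG and shows the entropy you give up when a site imposes restrictions; `generate_for_site` and its `max_length`/`allowed_symbols` fields are assumed stand-ins for whatever limits a given site enforces, and the symbol set is a constructed sample.

```python
import math
import secrets
import string

# Character classes mirroring the "letters, numbers and symbols" choice above.
LETTERS = string.ascii_letters
DIGITS = string.digits
SYMBOLS = "!@#$%^&*()-_=+"  # constructed sample set; adjust to taste or per site

DEFAULT_LENGTH = 25


def entropy_bits(length, alphabet_size):
    """Entropy of a uniformly random password: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)


def generate_password(length=DEFAULT_LENGTH, classes=(LETTERS, DIGITS, SYMBOLS)):
    """Draw `length` characters uniformly from the union of `classes` using the
    OS CSPRNG (secrets) and redraw until every class is represented.  Rejecting
    whole candidates keeps the result uniform over the accepted set, unlike
    "pick one of each class, then shuffle", which skews the distribution."""
    alphabet = "".join(classes)
    if length < len(classes):
        raise ValueError("length too short to include every character class")
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if all(any(ch in cls for ch in candidate) for cls in classes):
            return candidate


def generate_for_site(max_length=None, allowed_symbols=SYMBOLS):
    """Apply a site's restrictions (hypothetical policy fields): a length cap
    and the symbols it permits (empty string = no symbols allowed).  Returns
    the password together with its entropy so the cost of the restriction is
    visible rather than silently accepted."""
    length = DEFAULT_LENGTH if max_length is None else min(DEFAULT_LENGTH, max_length)
    classes = [LETTERS, DIGITS]
    if allowed_symbols:
        classes.append(allowed_symbols)
    password = generate_password(length, tuple(classes))
    return password, entropy_bits(length, sum(len(c) for c in classes))


if __name__ == "__main__":
    pw, bits = generate_for_site()
    print(f"{pw}  ({bits:.1f} bits)")
    pw, bits = generate_for_site(max_length=16, allowed_symbols="")
    print(f"{pw}  ({bits:.1f} bits, restricted site)")
```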

I’ve been migrating sites to this scheme over the past month, and I’m happy with the results. I don’t waste time staring blankly at a login screen anymore. I just hit a few keys and keep moving forward.