Write down your passwords, but do it securely

Password managers are practical. A while ago, Bruce also said that instead of using weak memorized passwords, it’s more reasonable to use strong ones, different ones for each service, and write them down SECURELY. There are a bunch of products around, both commercial and free, most of which are software on your PC. One great resource is a mobile phone — newer ones usually have a “password safe” function.

I have found that a TrueCrypt volume with a simple text file on it containing the passwords works well for me. Obviously, the password protecting the volume is critical — it’s a strong one and isn’t written down anywhere. But it’s the only one you really have to memorize; the others you can just look up.

This is obviously limited to one PC, but it’s not a good idea to use random PCs for sensitive operations anyway — you can’t be too sure about what’s running on them.
