I have some advice – I don’t give advice very often, but this one is important, so listen up.
When I was younger, I had a near-perfect memory. I could remember 62-character random passwords fairly easily, I could remember passwords from years earlier, and having a head filled with god knows how many passphrases seemed to be a fairly normal thing. I didn’t forget them, and I didn’t need to keep a note of them.
Then I got ancient, and senile.
I found today that I can’t remember passphrases I set 10 years ago even though, oddly, I can still remember passwords I had 25 years ago. The problem is that sometimes I need passwords I set 10 years ago. It’s not that I completely forgot them: I remember it is a passphrase about a sheep and a thunderstorm and I remember some of the words, but I can’t remember the capitalisation or the punctuation, or even really the word order. It’s useless; I doubt I will ever actually get it. I also have endless boxes of tape archive that, when I contemplate it, I know I don’t actually know the passwords to any more (even if I can find the software).
The point is, I never thought I would forget them so I never thought of making a note of them.
So my advice? Despite everything that grown-ups will tell you, and despite everything I tend to teach normally, start making a note of your passwords. Keep them in a heavily protected storage device, and use a passphrase that you will certainly remember, and use it every few days to make sure you do remember it. Make it a good one, and you’ll be fine.
Whilst you are keeping the passwords, you may as well keep copies of the software that will allow you to use the encrypted thing, the backup program you used, the weird mailer, the weird key storage utility or ssh program. In 20 or 30 years when you want to read your old mail, you may be glad of it.
Pop to http://www.truecrypt.org/ – install that and make yourself a disk that you can keep all this stuff on, without having to worry about extra security. Hell, on an encrypted disk you can even store your passwords in plain text in a text file. Keep a backup copy of that password file on another encrypted disk and tell a close friend the password to it – don’t give them the disk, but ask them to keep the password safe. This’ll cover you in the event of complete senility too, as long as you remember how to use a computer. That’s all, nothing complicated, just do it, and you will thank me one day.
Now, with all that said and done – if anyone remembers the sodding password to my PGP keys, and what on earth those sheep were doing in that thunderstorm, can they please tell me? Quickly? Before I go even more mad?