Re: @codysydney: Because, Dear Commentard.
It's basically impossible to implement the best practices with passwords without electronic assistance. We're supposed to use long passwords that don't spell anything, that are not in repeatable patterns like "qwerty," that contain upper and lowercase letters, numbers, and symbols, and are unique per site. No one short of a savant could possibly remember hundreds of strings of gobbledygook and also which sites with which each is matched.
Remembering one strong master password is a lot easier.
I use a password generator to automatically create strong passwords , which are then remembered by Firefox's password manager when I log in. If I change the password, the manager asks if I wish to update the login in the store, so changes are relatively painless. It's encrypted on the disk, so the password store is as secure as the master password. It's not perfect, but there's really no better way that I can think of. It's better than using an easily-guessed password or the same one on every site, or keeping it written down on a post-it or in plain-text in a file somewhere.
Biting the hand that feeds IT
