Password puzzlers and other reader concers

By Rob Pegoraro
Washington Post Staff Writer
Saturday, November 20, 2010; 6:21 PM

Every two weeks - sometimes more often - I answer readers' questions on our site. The following exchanges, edited and revised for clarity, come from Friday's Web chat.

I've written before about the pain of having to memorize too many passwords, and that topic came up early on in the hour-and-a-half session:

Q. I use the same password, either with a 1 or without, at many sites. I do know how stupid that is, but I'm also terrified of trying to keep up with a boatload of passwords. Any ideas?

A. It's okay to use simple passwords on low-value registrations - where losing your account wouldn't threaten your money, your health or your privacy. For the rest: Sorry, you need strong passwords - not one, but many, because you don't want the compromise of one account to allow a crook to roll up the rest of them.

My favorite advice about memorizing passwords comes from security expert Bruce Schneier: Write them down on a piece of paper (without clearly labeling which site goes with which password) and put that in your wallet. You know how to keep your wallet safe, and if somebody does steal it, they'll likely take the money and the credit cards and toss the rest.

Later in the chat, a reader offered his suggestions for implementing the wallet idea:

"I don't label which password goes for where; I usually put them in alphabetical order or reverse alphabetical order of institution, but I also throw in the date I changed them (1119F would be a possibility if I changed them today [Friday, Nov. 19]) and the date I will change them again (M3FECGE - 3rd Monday in February I will change them)."

Another reader suggested two ways to generate new passwords that would be somewhat easy to remember - one of which can be called autobiographical:

"I have a base password (ex: WaPoSt) and just write down the variations for each site. Like "+ff" or "zero for o, 5 for s". The list is stored in a file on the computer. Eeven if someone gets the file, they still have to figure out the base password, which is not part of the password for the computer. For PINs at banks and such, I use the phone numbers of girlfriends from high school back in the early '80s."

A third had a software fix in mind:

"For passwords, you can also use software that stores your passwords in an encrypted database so you only have to remember the one to get into the database. I particularly like 1Password on the Mac and iPhone (on which you can set levels of protection - enter a PIN to see some passwords, but enter a master password to reveal others)."

Apple's iPad figured into multiple questions - not all of which I could easily answer.

Is Apple coming up with a new version of the iPad by the first of the year?

No. I don't expect a new iPad until next spring, maybe early winter. Remember, the first one didn't debut until Easter, and Apple doesn't update its iOS devices (iPhone, iPad, iPod touch) more than about once a year. Also, it would be a serious jerk move for Apple to introduce a new iPad right after the holidays.

Another chatter concurred with that estimate but suggested other changes might be afoot, to judge from the recent appearance of discounted iPads in some stores:

"I have trouble believing a new iPad will be out early in the new year, but I do wonder about midstream changes to the storage capacity. Given that TJ Maxx and Marshalls are both pushing 16-gigabyte WiFi iPads for $399, I can't help but wonder if they're clearing the 16-GB models from the channel."

Similar questions came up about another tablet computer, Samsung's Galaxy Tab.

Have you had a chance to check out the Samsung Galaxy Tab that goes on sale this week? Your initial take?

I've only spent a little time with it - thanks to Facebook and Apple eating up the first half of this week's news cycle - but I'm not liking the Sprint model I have. It's expensive for its size, and the browser can be inexplicably slow.

After a second reader asked about the odds of its price dropping, I suggested that it should: "You look at this thing, so much smaller than an iPad, and you think '$300 or $400' - not $500 just for WiFi-only version, which has apparently been punted until after the holidays anyway. That's a serious pricing fail."

Finally, my vaguest answer came in response to a query about Amazon's Kindle:

In a chat a while ago, you mentioned to hold off buying a Kindle because a new version will be coming out. Is one forthcoming?

There has to be a new model coming - the basic design hasn't changed in a while. But I can only guess that's not happening until later in the winter or the spring.

As a general rule, you're not going to see any major gadget introductions between now and the holidays. It's too late to get hardware into stores in sufficient quantities. Sometimes companies have enough trouble in development that they can't get the thing into stores until the last minute, but that should not be the case with refinements of existing designs.

In other words: Sometimes even a guy who reports on the tech industry for a living has to hope he's not buying at the wrong time.

© 2010 The Washington Post Company