The quoted passwords are md5 sums of paypalformyusername and googleformyusername
Easy to remember, and you'd have to be very determined to get the link between them even if both were compromised, but if the plain text version was compromised then it would compromise the entire system
That's the most secure system I can think of which doesn't involve remembering thousands of complex random passwords. Sure I can remember "correcthorsebatterystaple", but can I remember which 4 words for which specific site?
I have c.600 passwords in one manager. That's not even all of them - some I'm required not to write down, some I keep offline, some I choose to keep as memorable phrases. All those directly connected to ability to spend any money I keep offline (memory or paper).
I'll admit I'm probably an exceptional case but regular users must have 100 or more password after a couple of years online.
Easy to remember, and you'd have to be very determined to get the link between them even if both were compromised, but if the plain text version was compromised then it would compromise the entire system
That's the most secure system I can think of which doesn't involve remembering thousands of complex random passwords. Sure I can remember "correcthorsebatterystaple", but can I remember which 4 words for which specific site?