[ftwinnovations]

I use a secret scheme that only I know. It works like this - I have one single long complex "base" password, which is no problem for me to remember, which has letters, numbers, caps, and symbols so all password checkers are happy. Then, for every site I change that password using my secret scheme. I won't say what mine is, but an example is that I change the 3rd character to match the 3rd character of the URL, and I add a character to the end equal to the URL's first character, but shifted right one column on the keyboard (V becomes B for example).

Basically it's one base password and one repeating scheme, that gives me a unique complex password on every site, that's easy to remember, and doesn't require any special software to maintain!

[cgriswald]

An attacker who can get two of your passwords will basically have all of your passwords, because by knowing which characters can change, they only have to attack those changes (your effective password length becomes the number of those changes). Additionally the pattern may be discernable with only two passwords, and even if not, each additional brute forced password provides additional information.

Put another way, every time you sign up for a website with a derived password, you are giving out information about your base password.

Special software doesn't reveal any information about your base password and even if the base password is acquired, the attacker still needs access to your vault to do anything about it.

[henshao]

This is how I do it. The only problem is that I thought of doing this only a few years ago, so when I go access things I haven't been on in a few years, I have to try to remember if i already changed my password or not.

[fallinghawks]

I do something very similar - a base password made unique by the URL. The pain in the behind is when you're on a site that requires a password change every X days, and you have to make up something else.

[webhat]

For passwords that change I use something similar to the Dominic mnemonic system to add a suffix to the password, this is for passwords that I really need to remember myself.