OK, I’ve been having a debate in my head for about a week now, and so I figured I’d open it up for discussion:
Right now, I have three classifications of passwords:
- "Secure" – A memorable, yet obscure base (would look random to most people) with host-specific unique data inserted within (via a mental hash function)
- "Screen-door lock" – a simple mixed case alphanumeric password I reuse across multiple hosts. This is for hosts (typically, random Web sites) where it would be mildly irritating if someone had access to my account…
- "Who cares" – This is for the hosts that I don’t care about yet require me to input a password. It is a completely insecure, throwaway password. It could probably be brute-forced in about 30 seconds.
I began thinking about whether or not it would be ultimately more secure to have one classification of password (really secure, pseudo random noise) and store those passwords in a single, encrypted password store behind a single "secure" password. This store would obviously be very backed up and treated as other personal data.
Clearly, this is a single point of failure, so if someone compromises my password store, everything is compromised. On the other hand, each individual password would be far less guessable…
Opinions?
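A computational analogue of the "memorable base plus host-specific data via a mental hash function" scheme, as an added example that is not the poster's own method: the base is stretched once with PBKDF2, and each host's password is an HMAC of the hostname under that stretched key. The master phrase, salt and hostnames below are constructed placeholders, and the output length and alphabet are assumptions.

```python
import base64
import hashlib
import hmac

# Constructed placeholders (not values from the post). The salt would be
# generated once at random and stored alongside the scheme, not kept secret.
MASTER_SECRET = "memorable-but-obscure-base"  # placeholder master phrase
SALT = b"constructed-salt-v1"                  # placeholder, not secret


def stretch_master(master: str, salt: bytes = SALT, iterations: int = 200_000) -> bytes:
    """Turn the memorable base into a 32-byte key with PBKDF2-HMAC-SHA256.

    The iteration count makes guessing the base expensive, which matters
    because the base is the single point of failure of this whole scheme.
    """
    return hashlib.pbkdf2_hmac("sha256", master.encode("utf-8"), salt, iterations, dklen=32)


def site_password(master_key: bytes, host: str, length: int = 20) -> str:
    """Derive a deterministic per-host password.

    HMAC-SHA256 keyed with the stretched master makes every host's password
    look random and unrelated to the others: someone who learns the password
    for one host gets no shortcut to the master key or to other hosts.
    The hostname is lower-cased so "Example.com" and "example.com" agree.
    """
    tag = hmac.new(master_key, host.strip().lower().encode("utf-8"), hashlib.sha256).digest()
    # base64url gives mixed case, digits and two symbols; truncate to the
    # length a site will accept (assumed here to be 20 characters).
    return base64.urlsafe_b64encode(tag).decode("ascii").rstrip("=")[:length]


def derive_all(master: str, hosts: list[str]) -> dict[str, str]:
    """Stretch the master once, then derive a password for each host."""
    key = stretch_master(master)
    return {host: site_password(key, host) for host in hosts}


if __name__ == "__main__":
    for host, pw in derive_all(MASTER_SECRET, ["example.com", "example.org"]).items():
        print(f"{host:15} {pw}")
```

Nothing needs to be stored except the salt and the scheme itself, so there is no encrypted file to back up, but the trade-off the post describes does not go away: whoever learns the master phrase can regenerate every password, exactly as with a single encrypted store. The practical difference is that a leaked per-host password reveals nothing about the master, whereas a reused "screen-door" password is compromised everywhere at once.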