So, some password expirations along with the revelation that one of the more sizeable forums had been hacked and all their usernames and passwords stolen made me finally get do what I’d meant to for a while and start using KeePass.
KeePass is a free/multi-operating system/open source program with encrypted database to maintain your passwords, and includes a password generator. Now, instead of having my three passwords (one throw away, one root, one financials) I’m basically generating a unique 20 character value for each and every site. It’s certainly more of a pain in the ass – I’ll need to start using some scripts on things instead of manually looking up and typing a password every time – but in the long term, it’s the only way to eliminate the potential of compromise between different sites.
I know some people are already better at this than me – what do you use?