RE: How to avoid the '500 worst passwords of all time'
I have used AnyPass Pro for several years for all my contact info: passwords, telephone numbers, etc. I have [probably] 150 passwords. The software can be password protected, so I feel reasonably safe. In addition to running on my computer, the software can be run on a flash drive without any special tricks needed.
For a password, I usually use two words with a numeral between them, and I change every password annually - as I encounter it after the new year. I usually use a string of 7-9 characters in a password. Sometimes, I use the "=" or "+" or another symbol as well as a numeral.
I also have a collection of logon IDs that I use, switching them around irregularly. I keep a list of these logons in AnyPass, so that I don't repeat a logon closer than three years. I make sure to never use a logon as a password [or vice versa].