The best way of creating and hiding a password I have thought of so far:
- Take a book. Not just any book, but a book you actually own and will own until the end of your days. Like Lord of the Rings.
- Install some PGP software like GnuPG on your home-computer.
- Now open the book on a totally random page. You will find many sentences there.
- Close your eyes and use your finger to select a word.
- There are some words surrounding the word you chose. Remember these words, or go back to step 3 if they are too hard to remember.
- Take the ISBN number from the book and write it down. Also write down the number of the line you picked, the start of the first word and how many words you used. Be careful not give any indication that you are talking about a book!
- Now generate a key-pair with your PGP software. Use the words you obtained before as a passphrase.
- Take out your wallet. Pick a few random credit-cards, bank-cards, or passports.
- These will have numbers and characters on them. Pick a few numbers and characters from each card and write them down. Open a text file on you computer and think of some cryptic way to tell yourself which numbers you picked. (e.g. MC: 3-5,8 to indicate the third, fourth, fifth and eigth number on your Mastercard.)
- Now encrypt this file to yourself, and destroy the original
- Use the sequence of numbers and characters you wrote down as your password. Now burn the paper.
- Strap the piece of paper you wrote down the ISBN number for the book and all somewhere no one would look (except you, of course).
You are done. Now what if you forget the password?
No problem. Find the paper you wrote the ISBN number, line number, and word number on. Find the corresponding book. Find the words. Decrypt the file on your harddrive. Take out your wallet. Reassemble your password.
Make sure you chmod the encrypted file and your secret key properly!