404 Tech Support

KeePass – Forget about remembering all those passwords!

There is one basic premise to password security:

The longer the better. Mix in upper-case and lower-case letters, some numbers, and some special characters (!, @, $, etc.) and you’re talking about a secure password. Unfortunately, a secure password is usually not memorable. This leads to people writing it down somewhere or, heaven forbid, taping it to the bottom of their keyboard. This undoes all of your security! You are better off having a shorter, less complex password that you can memorize. This compromise is the current state of password security; memory and random characters don’t mix well. A few programs seek to change all that.

There are a number of applications that provide a secure database to store your passwords, so you’ll have your pick of the litter just by searching for “password database”. Some commercial applications are out there amongst the freeware and open-source ones. I have been using KeePass but also tried out some others, including the Pro version of PasswordVault. Despite the commercial value of PasswordVault, I did not like the interface and ran into some bugs (or bad ways of doing things) when categorizing passwords.

Simplicity in the interface is a good quality, but it detracted from the functionality and ease-of-use of the program. Instead, I prefer the KeePass interface. It is intuitive and straightforward, while all the options and relevant information that you want to enter about a password are there. You can list when the password expires, make notes, and record the URL, username, and password. You can also use a great little function called Auto-Type. You can use a global keyboard shortcut or switch back to the KeePass interface, right-click and tell it to auto-type. You can configure the way it automatically enters this information by inserting more tabs, enters, or other keystrokes if they are necessary instead of the default [username]{tab}[password]{Enter}. A big bonus of the auto-type function is that it can defeat keyloggers by not using any keystrokes. If you prefer not to use auto-type, you can also just have KeePass send the username or password to the clipboard. You then have a short amount of time to paste the entry into the form, as KeePass will automatically clear the clipboard after that time passes (12 seconds, by default).

With KeePass, you only need to memorize two passwords; one to get into a computer to use KeePass and a second one to be the master password of your KeePass database. Since you no longer need to memorize the other passwords, you can use longer, more complex passwords. You can click on the little key button next to the ‘Repeat Password’ entry to get into a convenient Password Generator. Here you can set specifics about your desired password like how many characters, what letters, numbers, and special characters to use, and other details to make a very random password. You can see the exact form in the screenshot below. This will make for a very secure account. If you ever need to see a password, you can click the 000 button on the password entry to view the password in plain text for a short amount of time before it automatically obfuscates it again.

When you don’t need KeePass anymore you can lock the workspace, meaning the program is still running but the master password will need to be entered before it can be opened again. All of your password database info is stored in a single database, making it very convenient to transfer between computers or make portable using the portable version of KeePass. You can just throw the portable app and the database (*.kdbx) on a jump drive and take it with you. KeePass also has a list of plug-ins so that it can import from other password databases and other functionality like online synchronization and lots more.

KeePass might be a great solution to shared passwords. Passwords you can’t make very complex because more people need to know them are a weak point of any organization. If you set up KeePass databases with the need-to-know passwords and only one complex password to memorize, you would be better off. Create a USB memory stick and keep it in a secure location. Of course, the usefulness of this would depend on your organization.

Check out the open-source KeePass and see if it can make your passwords a little more secure and your memory filled with a few less random characters.