Having different passwords for different sites is impossible to remember. One password for all site is a security nightmare. Here is my solution to this.

I use SuperGenPass. This cool little javascript is a bookmarklet that can be run on any site you visit to generate a unique password. It uses a combination of a user provided password and the site domain name to generate a strong unique password.

One advantage is that I only need to remember one password to generate unique passwords for any site. Also, the unique password is the same throughout the domain. Another advantage is that I don’t need internet access to generate the password since the javascript is run locally rather than remotely. So I have access to my passwords even if I am not online.

There are some shortcomings as well. One quite serious issue is that it currently does not use special characters to generate passwords. Special characters in passwords make it exponentially harder to break rather than just using letters and numbers. Another problem is that certain sites have limitation on passwords; ie. no longer than 8 characters or disallow certain characters etc. This means that the generated password will need to be modified to work for the site which makes it harder for you the remember it when you revisit. This really is a site issue and not a supergenpass issue. Sites should not restrict passwords, especially strong passwords. It also seems like it is possible for a site to get access to your private password even though the javascript is run locally. You can read about that particular issue here

A combination of SuperGenPass and Lastpass is possibly the ideal solution. Run supergenpass on a site you trust to generate your password. Enter the password on the desired site and sign up. Let lastpass remember that password for future use.