I did what you do until one of the accounts I had with a "shared" password actually got compromised, and then I switched to generating unique passwords for every site.
I actually have to think less about passwords now: instead of trying 1-3 passwords before figuring out which one it was I used at a particular site, I just generate using the site name, no thought involved.
Mainly, the reason for switching was the feeling of insecurity I experienced on discovering that someone else had accessed my account, even though it was an account on the non-essential list. I didn't even know what other sites were using that password, so I ended up deciding to switch passwords everywhere. A few accounts into that process, I just got fed up and decided to go back, switch strategies completely, and forget about passwords as much as I possibly could.
I wrote my generator both as a python script on the commandline and as a javascript web app I host on my domain, so I can generate passwords without access to my computer.
I actually have to think less about passwords now: instead of trying 1-3 passwords before figuring out which one it was I used at a particular site, I just generate using the site name, no thought involved.
Mainly, the reason for switching was the feeling of insecurity I experienced on discovering that someone else had accessed my account, even though it was an account on the non-essential list. I didn't even know what other sites were using that password, so I ended up deciding to switch passwords everywhere. A few accounts into that process, I just got fed up and decided to go back, switch strategies completely, and forget about passwords as much as I possibly could.
I wrote my generator both as a python script on the commandline and as a javascript web app I host on my domain, so I can generate passwords without access to my computer.