
I'm starting to think it might be wise, if you intend to reuse your password on multiple sites, to salt it yourself. By using a form like "<site name><user name><reused password>", you protect yourself from rainbow tables without making your username harder to remember.

And yes, yes, I know you shouldn't be reusing your password across different sites, or using a dictionary word anyway. And teenagers also shouldn't be drinking, doing drugs and having sex. It doesn't help anything to pretend that people are going to behave optimally.

Of course, the preposterous restrictions that websites put on passwords, like maximum password length, will make this idea harder to put into practice.




I've been doing this myself and it has worked out pretty well so far. My password is in the list of passwords released, but is uncracked and I can rest assured knowing that I did not use the same password on any other website.

A couple things to keep in mind:

1) The salt you generate should be put at the front in case the website is silently truncating the password to a certain length.

2) The salt can be something more complicated than site name. I mentally calculate a fixed length salt based on the site name.

3) You may want to still keep two separate "base" passwords, one for high value sites (banks, email) and one for low value sites (everything else).
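Both posts above describe doing per-site salting by hand. The following is an added example, not code from either commenter, that implements the same scheme: a fixed-length salt computed from site and user name, placed in front so truncation keeps it, a check for the truncation case from point 1, and a keyed (PBKDF2) variant of the same idea. Function names, the alphabet and the sample values are assumptions.

```python
import hashlib

# Added illustration of the thread's "salt it yourself" scheme; not code from
# either commenter. Names, parameters and sample inputs are constructed.
# 64-symbol alphabet so `byte & 63` selects a symbol without modulo bias.
ALPHABET = ("abcdefghijklmnopqrstuvwxyz"
            "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_")

def _encode(raw: bytes, length: int) -> str:
    return "".join(ALPHABET[b & 63] for b in raw[:length])

def site_salt(site: str, user: str, length: int = 6) -> str:
    """Fixed-length salt computed from site and user name: a machine analogue
    of the 'mentally calculated' salt in point 2. It is not secret; it only
    keeps the stored hash from matching a table built for the bare base."""
    return _encode(hashlib.sha256(f"{site.lower()}|{user}".encode()).digest(),
                   length)

def salted_password(site: str, user: str, base: str,
                    salt_first: bool = True) -> str:
    """The scheme from the thread: per-site salt joined with a reused base.
    salt_first=True follows point 1: a site that silently truncates keeps
    the part that differs between sites."""
    salt = site_salt(site, user)
    return salt + base if salt_first else base + salt

def derived_password(site: str, user: str, base: str, length: int = 16) -> str:
    """Same idea, made one-way: PBKDF2 keyed by the base, so a leaked site
    password does not reveal the base or the concatenation pattern."""
    raw = hashlib.pbkdf2_hmac("sha256", base.encode(),
                              f"{site.lower()}|{user}".encode(), 100_000)
    return _encode(raw, length)

def distinct_after_truncation(pw_a: str, pw_b: str, max_len: int) -> bool:
    """Do two per-site passwords still differ after truncation to max_len?"""
    return pw_a[:max_len] != pw_b[:max_len]

if __name__ == "__main__":
    # Constructed sample: one base reused on two sites, one of which silently
    # keeps only the first len(base) characters.
    base, user = "hunter2", "alice"
    for first in (True, False):
        a = salted_password("shop.example", user, base, salt_first=first)
        b = salted_password("mail.example", user, base, salt_first=first)
        ok = distinct_after_truncation(a, b, len(base))
        print(f"salt_first={first}: {a} / {b} ->", "distinct" if ok else "COLLIDE")
    print("derived:", derived_password("shop.example", user, base))
```

With the salt after the base, a site that keeps only the first seven characters stores the identical "hunter2" for every site, which is exactly the failure point 1 warns about.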



