this post was submitted on 27 Oct 2023
1302 points (98.0% liked)
Memes
45666 readers
880 users here now
Rules:
- Be civil and nice.
- Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The only good passwords are those you don't know yourself because they are randomly generated and all stored in your password manager of choice.
depends on the password manager....
also, the length of the password is WAY more important than it being randomly generated as long as it's not in a password dictionary somewhere. I use 20+ character passphrases that i can easily remember everywhere for instance
My strategy is to have a persistent short passphrase that's within every password I use, and pair it with a silly bastardization of the service I have an account for. So, for example, if my passphrase were hunter2 (lol) and I had an account on Netflix, my password for Netflix might be something like hunter2NutFlex. Because of this, I can manage my own passwords in basic text as "code NutFlex" because the "code" portion is encrypted in my own fucking brain. If Netflix gets hacked, somebody has a password that only works with Netflix, and they'd need my text file as a Rosetta Stone to acquire my other passwords. Not impossible, but who the fuck am I and why would anybody dig that deep to do that to me?
I'm no IT expert, so somebody tell me if this is a stupid and overly vulnerable strategy. I thought I was pretty brilliant for coming up with this and rolling it out several years ago.
i am an IT person (wouldnt say expert) and i do this. password cracking time is based on the number of characters, not the type of char so you can do "abcdefghijk" and it will be more secure than "_a;" (both are still weak but my point stands)
all of this can be broken if you just use common passwords or plain english words since those are broken with dictionary attacks