242
submitted 1 year ago by [email protected] to c/[email protected]

Not a true greentext but I hope I have captured the spirit of it. (First time I wrote smth like this, don't be harsh on me. >w<)

[-] [email protected] 70 points 1 year ago

Use a password manager. Won't forget passwords anymore.

[-] [email protected] 52 points 1 year ago

proceeds to generate password for each service and forget the master password

[-] [email protected] 32 points 1 year ago* (last edited 1 year ago)

just use a password-manager-password password manager for the password manager password

[-] [email protected] 4 points 1 year ago

Or use a hardware key to unlock it. And then lose that hardware key. Does KeePassXC support fingerprints yet?

[-] [email protected] 17 points 1 year ago

Write it down somewhere. Just do it by hand.

[-] [email protected] 17 points 1 year ago

Yes, and the master should be a passphrase, not a password.

[-] [email protected] 8 points 1 year ago

That's just recommended to emphasize length. If your password is as long as a passphrase it's likely more secure (harder to remember though).

[-] [email protected] 7 points 1 year ago

But if the point is to remember it, then you should use the security from the length of a series of 5+ random words. It's easier to remember, write down, and type. All great characteristics of a master passphrase.

[-] [email protected] 8 points 1 year ago

I don't disagree, sorry if it sounded like I did.

There's just a theoretical weakness since the base word lists are usually public knowledge and bruteforcers could (and probably already have) optimize for that.

The advantages of a passphrase outweigh though as you mentioned. An attacker would first need your repo anyway.

[-] [email protected] 6 points 1 year ago

I'm adding obscure memes and anime references to my passphrases. Good luck bruteforcing that

[-] [email protected] 1 points 1 year ago

Separating some of the words with random symbols also isn't too hard to remember and no chance that can be bruteforced.
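An added example, not written by anyone in this thread: the passphrase-versus-password comparison discussed above, worked out for an attacker who already knows the public word list and the scheme, including random separators between words. The 7776-word list size (Diceware-style), the 94-character alphabet, the 12-symbol separator set and the tiny demo list are assumptions made for illustration.

```python
import math
import secrets

# Assumptions (not from the thread): a 7776-word Diceware-style list and
# 94 printable ASCII characters for a random-character password.
WORDLIST_SIZE = 7776
PRINTABLE = 94
SEPARATORS = "!@#$%^&*-_=+"  # constructed set of 12 separator symbols

def passphrase_bits(n_words, list_size=WORDLIST_SIZE, n_separators=0):
    """Entropy in bits when the attacker knows the list and the scheme.
    Only random choices count: each word, plus each randomly picked separator."""
    bits = n_words * math.log2(list_size)
    if n_separators:
        bits += (n_words - 1) * math.log2(n_separators)
    return bits

def random_password_bits(length, alphabet=PRINTABLE):
    """Entropy of a password made of uniformly random characters."""
    return length * math.log2(alphabet)

def equivalent_password_length(n_words, list_size=WORDLIST_SIZE, alphabet=PRINTABLE):
    """Random-character length needed to match an n-word passphrase."""
    return math.ceil(passphrase_bits(n_words, list_size) / math.log2(alphabet))

def words_needed(target_bits, list_size=WORDLIST_SIZE):
    """Smallest word count that reaches target_bits against a known list."""
    return math.ceil(target_bits / math.log2(list_size))

def generate_passphrase(wordlist, n_words, separators=" "):
    """Pick words and separators with a CSPRNG, never with random.choice."""
    words = [secrets.choice(wordlist) for _ in range(n_words)]
    out = words[0]
    for word in words[1:]:
        out += secrets.choice(separators) + word
    return out

if __name__ == "__main__":
    # Constructed demo list; far too small for real use.
    demo = ["anchor", "biscuit", "cobalt", "dragon", "ember", "fjord", "gadget", "harbor"]
    print(generate_passphrase(demo, 5, SEPARATORS))
    for n in (4, 5, 6, 7):
        print(n, "words:", round(passphrase_bits(n), 1), "bits,",
              round(passphrase_bits(n, n_separators=len(SEPARATORS)), 1),
              "bits with separators, matches", equivalent_password_length(n),
              "random characters")
```

The numbers hold only if every word and separator is chosen at random; words picked by the user from memory carry less entropy than the formula reports.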

[-] [email protected] 4 points 1 year ago

Also, you don't need to write it down correctly, if you remember what's the missing or different or fake bit. And you can write down a few decoy ones next to it. Or have it in two different places. Lots of room for obfuscation along with some good old fashioned physical security on where you store the note. And the backup note off-site, if you're that kind of person.

Hell, just make some extra decoy ones just for fun and practice.

[-] [email protected] 9 points 1 year ago

just make the password a little story you can remember, e.g. "Carl+Lenny:go2a bar&spend$$$"

[-] [email protected] 7 points 1 year ago

Hell naw, my last password was: Xé7&//sgn385d$@+îñccv72RtY¾ff°¥∆§

[-] [email protected] 4 points 1 year ago

My strategy for this is to have a second password manager available on a couple old devices, accessed with biometrics (fingerprint in this case), and only the master password saved within it.

I considered saving it within the main manager itself, since I have devices where I can use biometrics rather than password, but that feels like a bad idea.

Has definitely been a life saver

[-] [email protected] 3 points 1 year ago

Print out your recovery kit or master password and put it with your other documents (like birth certificate).

this post was submitted on 05 Jun 2024
242 points (95.5% liked)
