196

17504 readers

511 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

Other rules

Behavior rules:

No bigotry (transphobia, racism, etc…)
No genocide denial
No support for authoritarian behaviour (incl. Tankies)
No namecalling
Accounts from lemmygrad.ml, threads.net, or hexbear.net are held to higher standards
Other things seen as cleary bad

Posting rules:

No AI generated content (DALL-E etc…)
No advertisements
No gore / violence
Mutual aid posts are not allowed

NSFW: NSFW content is permitted but it must be tagged and have content warnings. Anything that doesn't adhere to this will be removed. Content warnings should be added like: [penis], [explicit description of sex]. Non-sexualized breasts of any gender are not considered inappropriate and therefore do not need to be blurred/tagged.

If you have any questions, feel free to contact us on our matrix channel or email.

Other 196's:

founded 2 years ago

MODERATORS

[email protected]

strong password rule (sopuli.xyz)

submitted 7 months ago by [email protected] to c/[email protected]

6 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 7 months ago* (last edited 7 months ago) (1 children)

Until you get hit with a dictionary attack.

As I explained to the other one, no dictionary attack will happen upon that exact combination of words any faster than the keyboard mashing preceding it.

Using a COMMON word or a COMMON phrase would leave you vulnerable, sure, but no prediction process is going to happen on the exact combination.

Hell, add a word or two to "SaltyIceteaMaker" and it would make an extremely secure pass phrase. For something without that string in the user id, of course 😁

[–] [email protected] 1 points 7 months ago (1 children)

The main advantage of a password manager is that you can have a different password for each account. Which means in case of a leak you won't be in risk of losing other accounts.

And I don't think I want to remember 300 pass phrases with different words.

[–] [email protected] 0 points 7 months ago* (last edited 7 months ago) (1 children)

The main advantage of a password manager is that you can have a different password for each account. Which means in case of a leak you won't be in risk of losing other accounts

Except it's the opposite: if someone gets the master password for your password manager, that's all of them.

And I don't think I want to remember 300 pass phrases with different words.

~~That's another advantage of the pass phrase over the easily remembered password: repeating an uncrackable passphrase doesn't pose the risk that repeating a guessable password.~~

~~You can use RentMauriceHouseHurryNow for all your accounts and they'll all be safer than a billion different strings protected by a single guessable master password.~~

Especially if you're not in the tiny minority of people who actually knows a Maurice who isn't called The Space Cowboy by some people.

[–] [email protected] 1 points 7 months ago

Using the same password (no matter how secure it is) for all accounts is a bad idea.

Assuming you have at least 20 accounts with sensible data, and you don't even remember that 5 of them exist.

Now shittywebsite.xy gets hacked and all data is unencrypted and unhashed.

So now [email protected] with yourSecu4ePassPhrase is leaked.

You now quickly try to change the password on 15 accounts with the same email and password. But you forgot the 5 accounts you made years ago. Now after some time hackers login into the the old accounts and get your credit card info or whatever.

Great idea!

Yes my password manager is a single point of failure, but it is one I personally control and have the view over.