1. Be civil
No trolling, bigotry or other insulting / annoying behaviour
2. No politics
This is non-politics community. For political memes please go to !politicalmemes@lemmy.world
3. No recent reposts
Check for reposts when posting a meme, you can only repost after 1 month
4. No bots
No bots without the express approval of the mods or the admins
5. No Spam/Ads
No advertisements or spam. This is an instance rule and the only way to live.
A collection of some classic Lemmy memes for your enjoyment
Here's what you do: Generate long random string, for example: P5edM5Ce0SGE0rOr9k&#T*wG@d$og^qyBTk2@%dmO@2akbm!b^5^p!bH8w7Ei7gPSIR^1Er&hab3ae@0odk3h76Ka48kYtXrsburM$7rf^vPRwXz1s5guO&$PZz3@w
Memorize it.
For each site just choose a number and select 16 characters starting at this number.
Remember which page users what number. E.g. google = 32 -> &#T*wG@d$og^qyBTk2
Done. You don't have to remember any more passwords for the rest of your life.
I just started merging 3 common passwords I use through my life in chronological order. It's a 32 letter behemoth with lowercase, uppercase, numbers, and symbols. All in random patterns.
The middle password is one that I started using 2 years ago when I wanted a new password for my new OS installation called FreeBSD at the time. It had numbers and symbols but also "Frbsd" to stand for that name.
Now when I am signing up to a new service I change that portion in the middle of the 32 letter password so "...Frbsd..." becomes "...Gthb..." or "...Dscrd..." etc.
This way even if someone finds my password for gml it won't work for others either.
Who TF isn’t using a password manager in 2025? Like how would you even function?
My employer, a fortune 500, blocks password managers and all other add-ons.
When will he be hacked.... Let's place bets everyone!
Federal and State jobs you can’t use password managers.
Yeah idk about that. I've worked in state govt for a very long time and our cybersecurity controls essentially mandates we use one. I'm also in our security audit team and have to talk to state offices about our NIST controls regularly. And the NIST DOD controls are even more stringent than ours. Something sounds off.
My federal job came with one pre-installed.
Depends on your clearance level/what you have access to.
Okay so remember the one or two ones you need there (try a passphrase!)
For everything else - password manager.
Federal I had about 15 passwords. The State job I had about half that.
Yep.
I use pass phrases filtered through a mess of cyber chef.
Get a password manager. It's a lot more secure and easier to only have to remember one strong main password and have the rest randomly generated
^ I love Bitwarden
I enjoy self hosting it
(Rather vaultwarden)
KeePassXC, donor, and I sync it with my (self-hosted) SyncThing server.
FWIW, LastPass is bullshit. DYOR, and stay safe, citizens!
Also, it could be taken as a positive that BitWarden is the example Wikipedia uses to define password strength. 🤌🏼
Randomly generate your master password too. It takes a bit to memorize, but becomes muscle memory pretty quickly. And since random passwords have the highest possible entropy per character you can use a shortish one, which allows for fast typing while still being impossible to brute force (I use 16 chars).
There's a xkcd for that of course! Linking directly to the explain as it has more info but the important thing is: password guidelines tricked humans into thinking in a machine way about safe passwords but long pass phrases are more secure from an entropy point of view and way easier to remember!
https://www.explainxkcd.com/wiki/index.php/936:_Password_Strength
Once you forget it, you lose everything
TheDoctor&CaptainJack
16 characters and a cap
Huh, I only see ****************
BatmanSupermanSpidermanCaptainAmerica@2025
Just 4 characters are enough. And it includes Cap.
i just use hunter2 for everything
Why would your password be *******? That seems terribly insecure.
nobody else can see it when I type it.
God, the tears rolling down my face laughing the first time I read that.
I just checked my password manager vault and I currently have 311 passwords stored there.
594 for me
I have nearly 800. I think I need to do some cleaning.
I have 401 entries, but only 384 unique passwords.
Hmm. Most of these are junk from job applications that I really should put in a trash category. I'm so glad all those places don't share a password with something important. I think.
It's not so bad once you develop a system.
And as a bonus, when a few of them leak, hackers will have a little puzzle to solve. Hackers love puzzles.
Buttliquor007!
Done.
Haha! Now I have access to your blockbuster account! You Fool!
Why do you owe $322 in late fees for the movie Waterworld with Kevin Costner?
I...admitted I had a Costner addiction in the mid 90s...but these "Block Busters" kept me locked up for years! Is it all water out there?!
Why not??
We upped our passwords to sixteen chars last fall. Also, it’s UPPER lower digit and special-char. And we only require changing every twelve months when it used to be much more.
Only 16 characters?
I was on the internet early enough that I had a four character, all lower case password to my emails and it never complained once.
What? No punctuation marks? Special characters like !@#$%^&*()_+?
I got a "we've had customers accounts breached, please update your password" email the other day.
They specifically called out you can't use # in your password, and it's been bugging me why that is. What part if their system let's in other special characters but # is off limits?
Now that I’m thinking about this it’s bugging me too. If they are passing it to shell scripts maybe it’s interpreted as a comment? Some databases like Oracle use # to separate schema prefix from schema user and table name in a query? But none of those would really make sense here 🤷
EDIT they are storing it in plain text, with other values using # as a delimiter? lol
I considered database stuff, but my password shouldn't go anywhere near the database!
If they are storing it as plain text in this day and age, then there is no hope for the human race 🤦
"Shouldn't" and "won't" are too very different words. There are plenty of shitty programmers out there, and they tend to band together. And now you have vibe coders on top.