1544
submitted 1 year ago by Kagathara@lemmy.ca to c/android@lemmy.world
you are viewing a single comment's thread
view the rest of the comments
[-] 001100010010@lemmy.dbzer0.com 5 points 1 year ago

I dont use password managers.

I just use a set of random words + random numbers, usually something related to the website, the time period (like major global events), maybe just the mood I'm in when I created the password.

Example: For Lemmy, I might use IslandMazeMouse0216 (I do not use the password btw, never used this before and now never will, don't try hacking me lol)

"Island" because the fediverse is like a bunch of islands, that formed together into one fediverse, "Maze" because this shit is confusing, and "Mouse" because the Lemmy logo looks like a mouse, 0216 because of June 12, the day the protest began, 0612, but reversed, but not reversing the 0, so 0 216.

Now I feel dumb for explaining, but also want to hear opinions.

But you see, it doesn't matter. Most websites have login limits so you can't really brute force the password. I just hate "password managers", if I were getting old, I'll probably just put my passwords inside a Standard Notes note, or just put it in a txt and use 7Z AES256 and upload it to a few cloud services.

For offline passwords, like a Windows Veracrypt encryption password, I use 5-8 random words with 5-7 random numbers and increasing the PIM.

For mobile, I use like 16-25 digits numerical pin, alphanumeric passwords are just too hard to type. I've been experimenting with long alphanumeric password + biometric, or a pin, and honestly idk which is better. I don't want someone accessing my phone while I'm sleeping, I might forget to turn off biometrics before I sleep.

I'm not gonna encourage everyone to do what I do, I am not a security expert, just some dude on the internet, but I just want to share how I deal with passwords. Feel free to criticize any flaws. ๐Ÿ˜…

[-] hyorvenn@lemmy.world 3 points 1 year ago

You didn't give your password but you gave your method for creating them which is not the best idea you know

[-] soloner@lemmy.world 3 points 1 year ago* (last edited 1 year ago)

I don't use the random generated passwords cuz they're hard to read. And some dumb forms disable copy/paste stuff.

I get all my passwords from usapassphrase.net, and then usually capitalize the words, separated by periods, with 69 appended to the end.

It's easy to remember or type, and it also typically works for password rules around casing, numbers, and special character inclusion. Plus 4 word passphrases tend to be a lot of characters, providing a nice long password which is good for security.

[-] ward2k@lemmy.world 2 points 1 year ago

Few critiques, not personally towards you at all but I really don't think people should follow this approach

People can have hundreds of different passwords across various sites this really isn't achievable

Human memory is terrible as well, it's not a matter of if you forget it's when

Storing in a standard notes file is absolutely terrible security, it's also extremely unusable once you have more than a couple passwords

I really suggest to people using a password manager, most of them have apps for your phone and plugins for your web browser to allow you to autofill. They also allow you to randomly generate passphrases/codes for different sites and the autofill means you never have to remember a single one whilst having extremely strong passwords

I'd recommend looking into either Bitwarden or 1Password

this post was submitted on 05 Jul 2023
1544 points (100.0% liked)

Android

28045 readers
284 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules


1. All posts must be relevant to Android devices/operating system.


2. Posts cannot be illegal or NSFW material.


3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.


4. Non-whitelisted bots will be banned.


5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.


6. Memes are not allowed to be posts, but are allowed in the comments.


7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.


8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.


Community Resources:


We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.


Our Partner Communities:

!android@lemmy.ml


founded 1 year ago
MODERATORS