The Only! time my password is insecure is when i can't remember it, and the Only time that happens is when businesses interfere by prioritizing their own arbitrary rules for their own security priorities; primarily having requirements for specific characters, secondarily requiring a password change. If a password has to be written down, it's not secure and that totally defeats the purpose. I have hundreds of accounts all over the internet. Having a Memorable password creation scheme is essential, and i do have one.
If you can't choose your own password, it's not your password and you aren't being allowed to choose the level of security that actually matches or meets your needs.
the inherent dangers of security theater
Re: the inherent dangers of security theater
It's also insecure if I can guess it in a few days by a dictionary; or a brute force attack.
Use a password manager to generate unique, difficult-to-remember passwords for each website/platform.
Use your own, memorable password to protect your password manager.
This way you don't have to remember stupid passwords; and you won't re-use your passwords anywhere.
Winning all around.
KeePass is free. https://keepass.info/
-
Impenitent
- Posts: 4369
- Joined: Wed Feb 10, 2010 2:04 pm
Re: the inherent dangers of security theater
to say nothing of the y2k problem
-Imp
-Imp
Re: the inherent dangers of security theater
[quote=Skepdick post_id=582731 time=1657564704 user_id=17350]
[quote=Advocate post_id=582704 time=1657554670 user_id=15238]
The Only! time my password is insecure is when i can't remember it.
[/quote]
It's also insecure if I can guess it in a few days by a dictionary; or a brute force attack.
Use a password manager to generate unique, difficult-to-remember passwords for each website/platform.
Use your own, memorable password to protect your password manager.
This way you don't have to remember stupid passwords; and you won't re-use your passwords anywhere.
Winning all around.
KeePass is free. https://keepass.info/
[img]https://imgs.xkcd.com/comics/password_strength.png[/img]
[/quote]
Then all your security is tied up in one program that must be trusted. That's a single point of failure and doesn't solve keeping everything in your head where it's secure. The first two letters of the website name + your cat's middle initial + the number of drinks you had that one Friday = secure, without trust.
[quote=Advocate post_id=582704 time=1657554670 user_id=15238]
The Only! time my password is insecure is when i can't remember it.
[/quote]
It's also insecure if I can guess it in a few days by a dictionary; or a brute force attack.
Use a password manager to generate unique, difficult-to-remember passwords for each website/platform.
Use your own, memorable password to protect your password manager.
This way you don't have to remember stupid passwords; and you won't re-use your passwords anywhere.
Winning all around.
KeePass is free. https://keepass.info/
[img]https://imgs.xkcd.com/comics/password_strength.png[/img]
[/quote]
Then all your security is tied up in one program that must be trusted. That's a single point of failure and doesn't solve keeping everything in your head where it's secure. The first two letters of the website name + your cat's middle initial + the number of drinks you had that one Friday = secure, without trust.