Password managers

  1. #1
    AngryOnion Big Wig [the nightly self-effacing broadsheet]
    Who uses them and why?
    I believe I need one at this point- this shit is just out of FUCKING control.
    16 digit bullshit and special upper and lower case letters and numbers fuck this shit I'm out.
    Next thing you know they will want a personal NFT or some shit.
  2. #2
    Sophie Pedophile Tech Support
    16 digit upper/lower case plus special character, preferably scrambled as in randomized is pretty good password policy. If I ran systems in an enterprise setting I would force workstation level users to use a similar policy just to get permission jailed user session going. Gotta log into anything else? 2 factor auth with a time based/HMAC one time key, every time.

    An inescapable problem with saving passwords even in encrypted form is that when your master password gets popped you're basically fucked.

    Password managers automate password generation, and will remember the passwords for you and even store them securely. But you'll probably have a master password you ought to make hard to crack and that one you need to store in your brain.
  3. #3
    AngryOnion Big Wig [the nightly self-effacing broadsheet]
    Ya I know tonight I had to come up with three passwords for one company log in bullshit.
    One for punching in one for training and one for workday bullshit.
    This shit is just not manageable.
    And this was just for a new part time job WTF?
    I also have to keep track of my other jobs' login bullshit too.
  4. #4
    Kafka sweaty
    I keep mine in a little lamb notebook and pick things from random books I read a decade ago or quirky things my hs teachers used to say.
  5. #5
    Sophie Pedophile Tech Support
    Originally posted by AngryOnion Ya I know tonight I had to come up with three passwords for one company log in bullshit.
    One for punching in one for training and one for workday bullshit.
    This shit is just not manageable.
    And this was just for a new part time job WTF?
    I also have to keep track of my other jobs' login bullshit too.

    As a compromise you could get an app, a text editor that can encrypt the textfiles you write with it. Then just keep a set of text files like: CompanyA pass1 pass2 pass3 and a separate one for CompanyB etc. This way all your passwords are neatly organized, and decently safe -if the text editor employs the crypto API properly-.
  6. #6
    aldra JIDF Controlled Opposition
    I don't really like them but in practical terms there's really no reason not to use one.

    For personal use I don't like the idea of having to rely on a device, but given how many secure passwords you have to remember (especially if you work in IT or run services) it becomes necessary to store them somehow.

    As a sysadmin it beats having retards write them down and stick them to the monitor or some shit... in theory... but they often just end up writing the password manager's key down and sticking it to their monitor.
  7. #7
    Sophie Pedophile Tech Support
    Originally posted by Kafka I keep mine

    As a rule you don't want to share how you do passwords. All the information about how you structure passwords can be used to configure something called a mutator. A mutator will take a long list of words and change each word according to a set of rules/patterns I give it. The more I know about your passwords the better the rules will be; increasing my chances of cracking your password.
  8. #8
    aldra JIDF Controlled Opposition
    Originally posted by Sophie As a compromise you could get an app, a text editor that can encrypt the textfiles you write with it. Then just keep a set of text files like: CompanyA pass1 pass2 pass3 and a separate one for CompanyB etc. This way all your passwords are neatly organized, and decently safe -if the text editor employs the crypto API properly-.

    I used to split the passphrase for keepass into 2 segments and hide it in an ebook
  9. #9
    Sophie Pedophile Tech Support
    Originally posted by aldra I used to split the passphrase for keepass into 2 segments and hide it in an ebook

    Security through obscurity is not really best practice.
  10. #10
    Sophie Pedophile Tech Support
    You need to have it hashed and salted at the very least.
  11. #11
    aldra JIDF Controlled Opposition
    yeah, but when you're using keys to protect keys one of them will eventually have to be stored plain and I couldn't memorize a 32 char mix of upper, lower, symbols and numbers.

    I guess I could've stored it on a usb stick or something but didn't want to risk losing it
  12. #12
    The best way is don't log in at all. Click "Reset My Password" instead, you receive a temp password. Then you log in with the temp password. Then the next time you come, click the "Reset My Password" button again. Repeat as required. You never have to remember your password.
  13. #13
    Kafka sweaty
    It’s actually the simpler passwords I forget, I’d make more of an effort to remember the long ones.
  14. #14
    Sophie Pedophile Tech Support
    Originally posted by aldra yeah, but when you're using keys to protect keys one of them will eventually have to be stored plain and I couldn't memorize a 32 char mix of upper, lower, symbols and numbers.

    I guess I could've stored it on a usb stick or something but didn't want to risk losing it

    Passphrase as compromise, you can very easily remember a sentence that has more than 32 chars, also, use special chars and upper/lower case according to a little scheme. For instance first letter is always capitalized, skip changing the next three then capitalize or if it's an A change it to an @.

    Obviously more vulnerable to mutations than totally random but you can remember it. Which is infinitely better than storing it as plaintext.
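
To put numbers on the random-password versus passphrase trade-off discussed in posts #11 and #14, here is an added example (not code from any poster) that generates both with a CSPRNG and works out how many randomly chosen words match a 16- or 32-character random password. `SPECIALS` and `DEMO_WORDS` are constructed for illustration; 7776 is the size of a standard diceware list.

```python
import math
import secrets
import string

SPECIALS = "!@#$%^&*()-_=+[]{};:,.?"          # constructed symbol set for this example
ALPHABET = string.ascii_letters + string.digits + SPECIALS
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, SPECIALS)
# Constructed 8-word list so the block runs offline; a real list has thousands of words.
DEMO_WORDS = ["anchor", "bramble", "cobalt", "drizzle", "ember", "fathom", "gravel", "harbor"]
DICEWARE_SIZE = 7776                           # 6**5, five dice rolls per word


def random_password(length: int = 16) -> str:
    """Uniformly random password; resample until every character class is present."""
    while True:
        pw = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if all(any(c in cls for c in pw) for cls in CLASSES):
            return pw


def password_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Upper bound on entropy: the class requirement discards a small share of candidates."""
    return length * math.log2(alphabet_size)


def passphrase(words: list[str], n_words: int) -> str:
    """Words drawn independently and uniformly; the randomness is in the draw, not the words."""
    return " ".join(secrets.choice(words) for _ in range(n_words))


def passphrase_bits(n_words: int, list_size: int) -> float:
    # Only the random word choice counts. A fixed rewrite rule (capitalise the
    # first letter, A -> @) adds nothing once the rule itself is known.
    return n_words * math.log2(list_size)


def words_needed(target_bits: float, list_size: int = DICEWARE_SIZE) -> int:
    """Smallest number of random words whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))


if __name__ == "__main__":
    for length in (16, 32):
        bits = password_bits(length)
        print(f"{length}-char random: {bits:.1f} bits, matched by {words_needed(bits)} words")
    print(random_password(), "|", passphrase(DEMO_WORDS, 8))
```

The figures hold only when the words are picked by the generator; a sentence chosen by a person carries far less entropy than its length suggests.
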
  15. #15
    Sophie Pedophile Tech Support
    Originally posted by Kafka It’s actually the simpler passwords I forget, I’d make more of an effort to remember the long ones.

    Passphrases to the rescue.
  16. #16
    I remember those Totse threads where someone would make a thread with the title POST YOUR PASSWORD AND IT WILL DISAPPEAR, then people would post their password to try it and get their account pinched. Pretty funny that people are that stupid.