1503
submitted 1 year ago by Kagathara@lemmy.ca to c/android@lemmy.world
you are viewing a single comment's thread
view the rest of the comments
[-] FatherOfHoodoo@lemmy.world 13 points 1 year ago

I don't like to keep any security stuff in "the cloud", written down anywhere, or even on my own devices. It's too easy to lose everything after one security breach.

Instead, I use password algorithms seeded from both the service name/identifier and one or more private passwords. This lets me keep thousands of service/site unique passwords in my head just by memorizing twenty or so words.

[-] thorbot@lemmy.world 3 points 1 year ago

I thought I was the only one who did this! Most people I explain it to say I am insane, but it doesn't take that much training to get down, and I know 100% that nobody can steal my credentials unless they drill into my head.

[-] FatherOfHoodoo@lemmy.world 0 points 1 year ago

I have regular nerd-arguments about it:

"All they have to do is break two of your passwords, and they can reverse-engineer your passwords!" - Maybe, if they have a super-computer... "It's so much work" - Once. It's so much work once. Then, it's much easier than loading software or digging out a dongle every time you log into anything up until you decide to change all your algorithms... "What happens if you forget?" - What happens if you forget?

[-] M0oP0o@mander.xyz 1 points 1 year ago

For my old job I used to have to manage about 60 passwords that all had different time limits on when they needed to be changed (one was every 3 weeks and some lasted a year for example). I never used a manager because of 2 reasons; insuring my passwords on someone else's computer (aka the "cloud") is fundamentally insane and maybe more importantly the passwords are not used all on the same machine (end users server, phone, laptop, on the phone etc.).

If I did not use a similar system of "algorithms" I would go insane. Although this was on paper or in my head. I would normally use the month changed, and a cycling root password with the needed special characters in between. For example for a password changed today that required a min of 8 characters and at least one cap and special it would be "Jun" + "!&@" + "1Firstoflistpassword" if there was a limit of say max of 8 then it would not use more then the first 2 letters of the password and if no special characters permitted then the center was dropped.

[-] FatherOfHoodoo@lemmy.world 3 points 1 year ago

This is the situation I'm in. Half-a-dozen clients in the energy and automotive industries, each with multiple security regimes and short timeouts. Passwords mutate with time and I stay sane...

[-] M0oP0o@mander.xyz 2 points 1 year ago

I hated one NOC that required a 6 digit numbers only password that needed changing every month. It also could not be one used in the last year. Most pointless password ever. Keep in mind this was to reach lvl 2 to say reset a switch or whatever so I would think that there was so many people with passwords that you would have a hard time not entering a valid password.

this post was submitted on 05 Jul 2023
1503 points (98.5% liked)

Android

27907 readers
87 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules


1. All posts must be relevant to Android devices/operating system.


2. Posts cannot be illegal or NSFW material.


3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.


4. Non-whitelisted bots will be banned.


5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.


6. Memes are not allowed to be posts, but are allowed in the comments.


7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.


8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.


Community Resources:


We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.


Our Partner Communities:

!android@lemmy.ml


founded 1 year ago
MODERATORS