68

My favorite password manager is KeypassDx. I also use proton pass. What do you use and why?

you are viewing a single comment's thread
view the rest of the comments
[-] leftzero@lemmynsfw.com -3 points 2 weeks ago

vastly more complex passwords

Complexity is practically irrelevant when compared to length when it comes to passwords. That's the point of passphrases.

do you actually expect people to remember 100+ unique phrases

You can have a small number of passphrases and simply choose one and add a word or two based on the site. It's trivial to “remember” an infinite number of unique passphrases if you've got an algorithm. 🤷‍♂️

[-] communist@lemmy.frozeninferno.xyz 3 points 2 weeks ago* (last edited 2 weeks ago)

Complexity is practically irrelevant when compared to length when it comes to passwords. That’s the point of passphrases.

are you trolling me? I can have 20,000 character long passwords with a password manager. Length is just an aspect of complexity...

You can have a small number of passphrases and simply choose one and add a word or two based on the site. It’s trivial to “remember” an infinite number of unique passphrases if you’ve got an algorithm. 🤷‍♂️

...that makes it significantly less secure and almost defeats the purpose of unique passwords, I could have 20,000 character completely unique passwords with a password manager.

[-] leftzero@lemmynsfw.com -3 points 2 weeks ago

I can have 20,000 character long passwords with a password manager

Sure. Most websites will either truncate them or outright reject them due to being too long, but sure.

Most users, however, will use the 12 to 16 characters auto-generated ones, though, which are sufficiently hard to crack (though not as much as an easy to remember passphrase, not that it matters; the easy to remember part is what matters about passphrases).

that makes it significantly less secure

No it doesn't. Even if a few of the passphrases leak, your algorithm, if well chosen, shouldn't be easy to reverse engineer... and unless someone is specifically targeting you (and has access to enough of your passphrases) there's much easier fish to catch; if a leaked passphrase doesn't work in other sites, no one will waste time trying to figure out if it has some logic to it.

I could have 20,000 character completely unique passwords with a password manager

No you couldn't. You'd have one password and one password manager (which would have all “your” other passwords; as would anyone else with access to your password manager).

Until you lose access to your password manager, of course... which is bound to eventually happen, due to hardware or software issues or loss of the device if it's local, or due to network issues, the provider discontinuing the service, or inevitable enshittification if it's online.

And, of course, you'll have a single point of attack from which your password can be leaked (or sold, if it's an online service) or stolen.

[-] communist@lemmy.frozeninferno.xyz 3 points 2 weeks ago* (last edited 2 weeks ago)

Until you lose access to your password manager, of course… which is bound to eventually happen, due to hardware or software issues or loss of the device if it’s local, or due to network issues, the provider discontinuing the service, or inevitable enshittification if it’s online.

It has never happened to me and is absolutely not bound to happen, especially if it's local and backed up...

I'd rather remember one REALLY secure password than 100+ bad ones.

this post was submitted on 16 Oct 2024
68 points (95.9% liked)

Android

27842 readers
299 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules


1. All posts must be relevant to Android devices/operating system.


2. Posts cannot be illegal or NSFW material.


3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.


4. Non-whitelisted bots will be banned.


5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.


6. Memes are not allowed to be posts, but are allowed in the comments.


7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.


8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.


Community Resources:


We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.


Our Partner Communities:

!android@lemmy.ml


founded 1 year ago
MODERATORS