What's your preferred password manager?
The one inbuilt in Firefox
I'm a iCloud Keychain user.
Trying to migrate to enPass. But don't really getting it.
>>54759910
pen and paper
KeePassX 2
>>54759910
i just use the same password for everything and tell it to my friends in case i forget it
>>54761439
I thought that was a Logitech mouse.
>>54761851
quality post famalam
That's garbage truck you dingle berry!
>>54761439
Good luck remembering secure passwords for each and every website you use without reusing any of them.
>>54759910
My brain.
My passwords consist of 4 base key words that I made up, combined randomly with 3 other sets of numbers. I use random combinations of these to form a password depending upon complexity requirements.
I often forget passwords and have to guess or reset them if there are limited attempts, but ive never had an account compromised in any way. Better than storing all my passwords and accounts in one place.
The one built into Opera.
>>54762187
good luck being a retard in life don't forget to wear your necklace with your name on it in case you forget it
>>54759910
OSX + iCloud keychain
slick as fuck
>>54759910
Why not just use one password for everything? I do this for 10 years already, works fine.
Keepass
The KDE Wallet Manager.
Dashlane
>>54759910
password1
I try to use this for as many accounts as I can
>>54759910
KeePass
>>54759910
My brain.
I use 17 different passwords of varrying degrees of security.
LastPass
>>54761362
/thread
Literally the only good one.
KeePassX.
>Doesn't use .NET shit.
>Can autotype on the browser.
>Safest database for passwords out there.
>GPL.
>>54761362
>>54761439
These are really the only options I trust.
>>54762187
It is not crucial that every last password you use be unique, so long as you are careful about WHICH passwords you reuse.
Don't reuse your banking passwords, obviously. E-mail passwords, ditto. OTOH, if, for instance, you do all of your online shopping on the same credit/debit card, you can probably get away with using the same password for all shopping sites, since having one of those cracked has the same effect as having them all cracked anyway. A better safeguard there is to not store your card data in the first place.
"Never reuse passwords" is a simplified (and simplistic) mantra created for the sake of people too thick to figure out not to reuse their bank password all over the net.
>taleo & brassring hiring sites require a different account for each employer you apply to
its like they purposely make these things as shitty as possible
KeepAssXXX for all my porn passwords, brain for everything else
>>54763054
>porn passwords
WHY.tiff
>>54762187
Haven't had a issue doing that so far... just because you can't perform a function doesn't mean others can't.
>>54759910
Keepass and it's forks (KeepassX, MacPass, the android versions etc.).
my head.
I just use phrases translated to r'lyehian
>>54762187
it's no surprise that people who outright dismiss their brain as being unable to do something like this are the same people who don't realise that the solution is actually quite simple. how about this:
1. memorise a string of required length (you can make it as complicated as possible but i'd say 10 chars min) which is either randomly generated or appears as such to anyone other than yourself. i, for one, use a few pinyin chinese words with random characters capitalised and swapped for numbers. this makes a password quite secure.
2. but what about the uniqueness? well, why not use some characters from the URL? better yet, why not take at least 2 of them, shift the alphabet independently for each one and add them randomly in your password? again, you can make this as complex as you wish.
3. ????
4. profit from your password being both secure and unique for each website/app/service you use
>password manager
Kek
Just put all your passwords on an encrypted document which is kept in an encrypted container
Alternatively just put all your passwords on an encrypted usb (make backups)
And create a super long hash write that hash on paper and there you go
>using different passwords everywhere
normal people don't do that. I understand that you would use complex and different passwords for your email account and other private services, but why would you do that on websites ?
I've been using the same password on every websites/forums I've registered in since I was 11, it's a 6-characters long password with 2 digits and no cap, I've never had a problem, and even if someone was to hack me on such a platform ... what the fuck do I care ?
>>54765450
>we're sorry, our programmer doesn't know how to use prepared statements, so your password must contain at least one capital letter, number and symbol, but only this arbitrary list of symbols, and must be between 6-10 characters
>>54765739
I hope you're not using encrypted zip files or something, because that extracts the file to plain text in your temp folder when you open it.
>>54765450
And now remember 40 of these
>>54765739
>Just put all your passwords on an encrypted document
This is literally what a password manager does, dipshit. At least a local one like keypassX.
With the upside of being quicker to use since it's got a logically ordered database instead of a .txt file or whatever.
AES-256 nigger
Encrypted something with AES-256 twice just shows how little you understand encryption
>>54762855
Fucking this.
I can't even fathom how some faggots can trust proprietary shitware like LastPass.
>>54765817
>normal people don't do that.
So? Normal people do a lot of dumb things.
>>54765964
Except you have control over its contents you dumb fuck
>>54765939
>encrypted container
>inb4 muh open sores password manager that I personally have not audited
>>54766183
>Except you have control over its contents you dumb fuck
It bewilders me how you think this isn't also true for KeypassX archives.
Here's where you say something like: Hurpadurp you haven't audited keypassX
Well have you audited the encryption software you use to encrypt your txt files? Or open them? For all you know your txt file reader might be storing all your passwords in plaintext somewhere just as a cache.
>>54761362
Pencil and paper is more practical, given how often I have to change some passwords.
>>54766183
>muh open sores password manager that I personally have not audited
who tells I haven't? keepassx core and crypto are all in all 5k lines
>>54759910
My GPG Keys + My encripted partition and the script that bings all that together.
>>54759910
My brain.
>>54762540
And that's why I got access to all your furry yiffing forums at once.
Jokes on you, I changed favourite species on your profiles to sheep
>>54762187
It's easy if you do pic related. If you need to use anything so shitty that it imposes a limit on how many characters your passphrase can have, then reevaluate your life.
>>54762881
this.
Just have a couple of randomly generated strings ( I have 8 of them) of 12 characters for each use.
You can then use whatever algo that you wish for the uniqueness.
Add to do list some small passwords, who are also random, but very easy to remember and very fast to type for things you use a lot, that don't use internet and that are there mostly to dissuade trolls with physical access to your device.
>>54767487
>Add to do list some small passwords
add to the list*
rate my password:
옹獱醨冠낛䁜ૐ痦픇蝷吺츒⿹튵琌ᚷ估寍톲ᑪ껺粗�厓鹶혖
my memory
all the cucks itt using poople.passwords, lastshit, pooppassX etc, i bet you fags leave your door unlocked too
>>54766220
Would be cracked immediately/10
Easy.
Use complicated password generated in password manager [KeyPassX not LastPass you faggot] for every "important" website (mail, bank...), which you encrypt with a unique good password made by a diceware.
Use the name of the website as password for entertainment/useless website.
So you have only one password to remember, the diceware one.
>>54767667
Enjoy the day when you forgot your password because X. You can't even audit an open-source code, faggot.
>>54767393
Dictionary attacks will render this pointless
>>54759910
https://www.passwordstore.org/
The only real patrician password manager
>>54762855
>Safest database for passwords out there.
[citation needed]
All I know about their database is that it's full of bullshit home-made crypto, rather than using something well-established like GnuPG.
>>54768112
Obviously he's suggesting to pick your own words, not use the exact phrase “correct horse battery staple” from the comic...
>>54767667
Are you fucking 12?
Remember kids, the strength of a password comes solely from the unpredictability of it.
The length is irrelevant, the alphabet is irrelevant, the language is irrelevant. In general, the password *schema* is irrelevant.
The only thing that matters is: When generating it, how many bits of random entropy were required to decide on the exact form?
Also remember that passwords need to be designed to be unpredictable on the assumption that an attacker knows your other passwords.
>>54765951
you must have missed the whole of "part 2" where i explained that you don't need to remember 40 of these, just 1. the uniqueness comes from you adding a few characters from the URL/name of the site to the ONE string that you've already memorised. take the last and first characters from WebsitE.com, shift the first back in the alphabet to V, shift the last forward to F, then your password becomes vrandomstringF. amazon.com becomes zrandomstringO. how cryptical you want to be about it is completely up to you. but surely the basic concept can't be that difficult to understand?
>>54759910
KeePass
My fucking brain; I remember all 47 passwords I have to use.
>>54761439
>>54762187
"How!m"I§supposed$To%remember&T"
pretty easy to remember(my password btw)
>>54768112
dictionary attacks work well against passwords consisting of one word and a few numbers/special characters here and there. A pass sentence with 4 words like in the comic has a complexity of (dictionary attack patterns included) [dictionary size]^4. That's an extraordinarily high number for most dictionaries, as even a small one of 1000 words will reach 1 trillion possible passwords you have to iterate over.
>>54765450
Muh nigga
All my passwords are different too
Although i didn't use pinyin
Only symbols, number, capital, non capital letter, and an old 4chan meme
>>54759910
How dare RMS make that hand gesture, doesn't he know the metal industry runs on all proprietary systems. He should be listening to GNU/Metal, and making the GNU/Devil Horns gesture
>>54768112
a dictionary attack that strings together four random words as a password attempt? I don't think you understand how dictionary attacks work.
This >>54768112 poster is the reason why the IT and cybersecurity industries are in such a sorry state.
My own brain.
