post your password manager ITT
You are currently reading a thread in /g/ - Technology

Thread replies: 158
Thread images: 23
File: x.png (82 KB, 760x566)
post your password manager ITT
>>
File: paws_chicago_2014-1.jpg (140 KB, 597x775)
>>53668440
>he bought a 4chan pass
>>
>>53668446
I think I'll need my third one this month

captchas are annoying, sue me
>>
>>53668440
>reddit
>>
>>53668446
>doing free shifts for google image recognition
>>
>>53668440
https://dheera.net/projects/blur

No wonder you need a password manager, retard.
>>
File: Untitled.png (338 KB, 1576x894)
>>53668485
>>
>>53668440
What happens if you lose access to your password manager?
>>
>>53668480
>giving Hiroshima Nagasaki yen
>>
>>53668440
>facebook
>skype
>reddit
>>
>>53668627
I make it all over again
>>
File: pass.png (22 KB, 1329x1062)
>>53668627
You restore from a backup
>>
>>53668627
Not him but I'm going to make an email address that is two factor auth and not linked to any devices or signed up to any services in which I will dump a copy of my database so that I can get it no matter where I am, no matter what happens.
>>
>>53668440
>Reddit
Die little bastard.
>>
File: password manager.jpg (2 MB, 4569x3655)
>>53668440
>>
>>53668440
plaintext.txt
>>
>>53669072
yeah yeah, brain never fails
>>
I have one 10 character password and I do keyboard shifts and concatenations based on whatever website I'm on.
>>
>>53669116
I do something similar
one complex password memorized
first character is the first character of the website
>>
>>53669097
yeah yeah, technology never fails
>>
>>53669116
>>53669155
As soon as somebody figures out your password scheme, they now have access to all of your accounts.

Good job on coming up with a password that's nearly as bad as ‘12345’.
>>
>>53669179
but how would they? and it's not like I have any friends or much to lose so who cares
>>
>>53669196
>but how would they?
Password databases get leaked all the time.

By re-using the same password / easily predictable password scheme on every single website, you are reducing the security of ALL your accounts to that of the lowest common denominator.

Remember, websites exist that insert your password plaintext into an SQL database (and also do not guard against injections). Are you really trusting them with the security of all your accounts?

The only way to gain security in a password is from basing its generation on a random process. The more bits of entropy flow into the password, the more secure it is.

By re-using the same complex password for every site, plus a deterministic mutation thereof (which has no random elements), you have literally made a password scheme that has zero entropy.
>>
File: 1455868298987.png (91 KB, 740x601)
>>53669179
Once someone guesses the password to your password manager, they have access to all your accounts.
It's not hard to make passwords, just remember your shit
>>
>>53669116
>>53669155
>>53669179
>>53669196
>not memorizing simple passwords and permuting them into complex strings to be used as the actual password, rearranging them for different websites

There's a difference between "password" and "12345password420blazeit4yy1m40"
>>
>>53669240
>Once someone guesses the password to your password manager, they have access to all your accounts.
1. They would need access to my password database to begin with. (Hint: I don't store it in the cloud)

2. My master password is virtually impossible to crack. They would have to steal it from a side channel attack.
>>
>>53668440
>>
>>53669244
How secure a password is has nothing to do with how long or obscure it looks.

How secure a password is almost directly dependent on how many bits of random entropy you consulted during its generation.

“password” is not a secure password because it's extremely predictable. Almost no randomness went into its creation.

“12345password420blazeit4yy1m40” is a combination of two almost zero-entropy passwords, and two online phrases (of which there are maybe a few thousand at best).

It contains maybe a handful of bits of entropy, but it won't last much longer than a few minutes against an attacker with a sufficiently advanced cracking program.
>>
>>53669259
>Hint no one is perfectly protected unless it is a secluded terminal with no outside access
>Hint it doesn't need to be the cloud to get access
>not knowing heartbeat
>not knowing openssl breaks
>not knowing windows help chat exploit
>not knowing linux X11 backspace exploit
Who says your dev of your programs does not go rogue before he dumps the project?
You could even have a rootkit or a keylogger
You just don't know

>IMPOSSIBLE TO CRACK
That shows your ineptitude in the school of cryptography
>>
>>53668480
>not putting nigger in all fields
>>
>>53669304
it was just an example to illustrate having a long permuted password, again not an actual password or a good password

obviously the key is to randomize it by personalizing it (without using obvious things like birthdays and such)
>>
>>53669240
You can combine the two, you know. Just make up a phrase, add some caps and substitutions and such:

>D0n't D00dl3 D0nk3y D1cks D41ly

Now you have a password that is easy to remember, but hard for people or computers to guess. Just slap that in your password manager and let the password manager come up with complex random passwords for everything else.
>>
>>53669317
Come on then master cryptographer, tell me my master password.

>implying I use shitty software
I run Gentoo Hardened with PaX, strict SELinux policy, FDE+TRESOR and I access the internet through several encrypted VPNs that I sign up to with throwaway accounts and rotate through.

I'm not even joking. Come at me.
>>
>>53669359
I guess.
I bet you'd let your mother/gf/father in.
I could pay them to put a flash drive in the back.
Steal your crypttab,

You seem to fail to notice the Rubber Hose Theorem
Throw all the algorithms
Paying a thug to break in your house and slap you with a rubber hose till you give it, it's easy as shit. Where are your nukes then?
>>
>>53669345
>obviously the key is to randomize it by personalizing it (without using obvious things like birthdays and such)
Personalization is not random. Your personal data is literally predictable. What you meant is randomization. (You don't need a new word for ‘randomization’)

One of the easiest ways to generate random but memorable passwords is to use random words: (e.g. Diceware passwords)

curl https://0x0.st/KnO.txt | shuf | head -n 5
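
The random-word approach described in the post above, as an added example that is not part of the original thread: it draws words with a cryptographic RNG and computes the entropy and exhaustion time discussed here. The 32-word list is constructed for the demo (a real Diceware list has 7776 words), and the function names are hypothetical.

```python
import math
import secrets

# Constructed sample list so the example runs offline.
# A real Diceware list has 7776 words (6^5, five dice rolls per word).
SAMPLE_WORDS = [
    "anchor", "basil", "cobalt", "dune", "ember", "fjord", "glacier", "harbor",
    "indigo", "jigsaw", "kettle", "lantern", "mosaic", "nectar", "orbit", "pepper",
    "quartz", "raven", "saddle", "thistle", "umbra", "velvet", "walnut", "xenon",
    "yonder", "zephyr", "acorn", "bramble", "cinder", "drizzle", "falcon", "gravel",
]

DICEWARE_LIST_SIZE = 7776


def generate_passphrase(words, count=5):
    """Pick `count` words uniformly at random using the OS CSPRNG."""
    if len(set(words)) != len(words):
        raise ValueError("word list contains duplicates; entropy would be overstated")
    if count < 1:
        raise ValueError("count must be at least 1")
    return " ".join(secrets.choice(words) for _ in range(count))


def entropy_bits(list_size, count):
    """Entropy of `count` independent uniform picks from `list_size` words.

    Only valid when the words really are chosen at random: a phrase the
    user makes up has far less entropy than this formula suggests.
    """
    return count * math.log2(list_size)


def hours_to_exhaust(list_size, count, guesses_per_second):
    """Worst-case time to try every combination at a given guess rate."""
    return (list_size ** count) / guesses_per_second / 3600


if __name__ == "__main__":
    phrase = generate_passphrase(SAMPLE_WORDS, 5)
    print("sample passphrase (demo list):", phrase)
    print("entropy with demo list: %.1f bits" % entropy_bits(len(SAMPLE_WORDS), 5))
    for n in (1, 3, 5, 6):
        bits = entropy_bits(DICEWARE_LIST_SIZE, n)
        hours = hours_to_exhaust(DICEWARE_LIST_SIZE, n, 1_000_000)
        print("%d Diceware words: %5.1f bits, %.3g hours at 1M guesses/s" % (n, bits, hours))
    # A single word from a 60-million-entry list at 1,000 guesses per second,
    # the figure quoted later in this thread:
    print("1 word of 60M at 1k/s: %.1f hours" % hours_to_exhaust(60_000_000, 1, 1000))
```

The entropy figure depends only on the list size and the number of words, not on how obscure the words look.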
>>
>>53669359
How are you browsing this page then?
Xorg is bloated and big as shit, a lot of holes there. Wayland is just shit with not enough dev testing, shit could go there.
Are you saying those are shitty software?
Show me another implementation that is still developed on the scope of them.
>>
>>53669415
Not him but how are any of these arguments against password managers when rubber hose works on any password?

People arguing that it's better to memorize every password instead of using a central password manager seem to only ever present arguments that would crack both categories of passwords easily either way (e.g. side channel attacks, trojans, rubber hose, evil maids or whatever).
>>
>>53669240
>>53669244
Easy to bruteforce with dictionaries also keylogger.
>>
>>53669418
Nah, I meant what I meant.

I used snippets of my old job's company given usernames and passwords (even added things like what floor I worked at, workstation number, etc.) to other places. Any first glance and it would look entirely random, but means a lot to me to make it absolutely unforgettable.

Granted, the company might have randomly-generated them from the go but still.
>>
>>53669449
Have a random bullshit password that you will NEVER remember when you can lose your password manager vs remembering your password

They are looking for ONE password, oh you gave it to them ALL your passwords are gone to shit
>>
>>53669452
Provide an example or stfu.
>>
>>53669448
>How are you browsing this page then?
Firefox inside a container/jail.

>Xorg is bloated and big as shit
I'm aware, so I use Xephyr and X11 policies to restrict access (so e.g. firefox can't get keystrokes directed towards gpg-pinentry).

>Are you saying those are shitty software?
All software is shit, actually
>>
>he doesn't memorise his passwords

lmao
>>
>>53669485
If they install a trojan, bad hardware or RE then they will also get all of your passwords whether they care about the rest or not.

Only time that would ever make a difference is if you're literally being pressured into revealing the password, because then you're only revealing the one they're asking for.

Technically, in that hypothetical case you could also just offer to give them the password they're asking for (by opening up your password manager).
>>
>>
>>53669517
>xephyr/jails/chroots are not absolute
>>53669571
>they're asking for
KEKEKEKKEKEKEKEKEKEKEKEKEEEEEEEK
"no sir, we are eloquent gentlemen, we will not return to our boss and give him access to your entire internet database for further blackmail, we would never do that sir"
>>
pass + gpg

https://www.passwordstore.org/
>>
>>53668627
I keep printouts in a safe.
>>
>>53669696
>being so forgetful to put printouts of passwords in a safe
>concerned of forgetting the safe's combination
>put printout of safe's combination into another safe
>ad infinitum

This is what password manager cucks believe
>>
>>53669498
Example of what dictionaries or keylogger?
>>
>>53669747
Show me any instance of a 64+ alphanumeric password being cracked with a bruteforce attack.
>>
>>53668440
>4chan pass
>Apple
>Skype
>Facebook
>Battle.net
>Reddit

What the fuck, nigger?
>>
>>53668627
You use the forgot password feature on the site you are trying to access.
>>
>>53669097
If your brain fails, you have bigger issues than forgetting your passwords
>>
>>53668440
Did you add all the icons manually?
>>
>>53669638
Then what's your point? If they're going to extract everything they want to, lack of a password manager isn't somehow going to make it harder.

Also,
>you shouldn't use a password manager because it's bad if somebody comes to your house and tortures you for access to your facebook account
Grow up, nobody is going to do this to you throughout the course of your insignificant life.
>>
>>53669782
I just cracked this password:

uaxO1SYBId8w9yI5ukIJpEcbK7Z6KpqAtuvo4XUxs14ogjOdeiCzpr6uuN98QYpWKRjMPyt9l1PwI7cWHppdbPx1NMe1W8yHqoc6
>>
>>
>>53670016
God you're dense.
>They want password Z.
>You have a password manager, OPEN ALL PASSWORDS. EXPORT TO DISK

>brain
>"oh here you go i am complying with you and am not resisting in any manner"

Christ

>>53670033
>i
>not having password already in ram when generating it
KEK

Show me one quantifiable instance where bruteforcing a 64+ alphanumeric password occurred, without the FUD of 'BIG ENCRYPTION'
>>
>>53670141
God you're dense.
>They want all your passwords.
>WRITE DOWN ALL YOUR PASSWORDS

>brain
>"oh here you go i am complying with you and am not resisting in any manner"
>>
>>53670173
'YOUR PASSWORD MANAGER SAYS YOU HAVE 54 PASSWORDS BUT ON THIS TABLET YOU ONLY HAVE 45 *CRACK**FALL* GIVE ME THE REST'

*DOOR BUST*
GIVE ME YOUR PASSWORD FAGGOT BOSS NEEDS IT
'HERE YOU GO FINE SIRS'
>>
>>53670224
>YOUR BROWSER HISTORY SAYS YOU VISIT WEBSITE X BUT YOU HAVEN'T WRITTEN DOWN YOUR PASSWORD

Jesus fucking christ dude just make up your mind. Two scenarios:

1. They only care about password X
2. They care about all your passwords

Having a password manager or not isn't going to change the outcome. Either they get password X and don't care about the rest, or they get all your passwords.

Pick one scenario and stick with it.
>>
>>53670254
>YOUR BROWSER ALREADY DOESN'T KEEP THESE THINGS STORED, BECAUSE WE ARE INTELLIGENT CRYPTOLOGISTS, AREN'T WE?

Your logic is heavily flawed.
They don't even know of the other passwords. Hell you might only ever have one you use for everything. But no one knows this.
>>
>>53669240

They also need the db and key file.
>>
>>53670281
>Your logic is heavily flawed.
Says the one whose argument is based on the premise that a terrorist cell will want your facebook password.

>They don't even know of the other passwords.
If they have access to your machine (and they need it in case they want your password manager), of course they do.
>>
File: 1387162978596.png (277 KB, 541x480)
[phrase and number]+service name

What kind of fucking retarded cunt uses a password manager?

>Reddit
>4chan pass
>WoW

Not too surprised.
>>
>>53668643
>Believing the lies and libel 8ch shills spread about Nagasaki.
>>
>>53669638
>xephyr/jails/chroots are not absolute
Your life is more likely to be negatively affected by you forgetting a password to one of your hundreds of signed up services than it is to be negatively affected by exploits that break out of jails.

Context, people, context. If the data you're protecting is not sensitive enough to get dozens of terrorist groups interested in abducting you for it, there's no point in sacrificing convenience for the sake of misguided “security”.

(Not that abstaining from a password manager would help you in the slightest even in the event that DOES happen)
>>
File: 1458477268471.gif (2 MB, 500x485)
>mfw when all of my passwords are the same thing with little variations like a special character or capital
No risk no reward
>>
>>53670281
>They don't even know of the other passwords.
Nor would they (necessarily) for a password manager. You can use code-names for the service names.

e.g. instead of
pass generate Facebook
you can use
pass generate Amigo
(I just randomly picked that word out of a dictionary).

Now you just have to remember that Amigo means Facebook, which is not hard to do. Even if your db gets leaked, an attacker would need prior knowledge of the existence of your Facebook account (and its user name) to even be able to *attempt* trying out the ‘Amigo’ password on facebook.

Best of both worlds, you still get your 100-character securely generated random per-service passwords, but you can still hide your identity from drive-by attacks in case your password db gets leaked.

(Apart from buying you enough time to change all of the important passwords)

Plus, for lesser-used services and throwaway accounts you can just use the actual service name because nobody cares about them either way.
>>
>>53669834
If you lost all your backups, you have bigger issues than forgetting your passwords, like you're on the run from every government on the planet or you're terminally retarded.
>>
>>53669270
hope that's encrypted as fuck
>>
>>53670484
Why?

Who's going to access it?
>>
>that one anon against password managers

what's your story? Indian or teenager?
>>
>>53670517
Given his piss poor grammar and writing style, probably Indian.
>>
>>53670496
Me.

How's it going, Jeff?
>>
>>53670534
>Jeff
Nope, try again. Maybe you'll get it right within the next 1,000 guessed names?
>>
>>53670544
How's it going, David?
>>
>>53670555
You're not even guessing in the right language. This might take a while...
>>
>>53670559
How's it going, Sandip?
>>
Are word passwords in a foreign language with few speakers safer from dictionary attacks?
>>
>>53670590
>Implying I'm a filthy disgusting pooskin
Wrong race faggot
>>
>>53670618
How's it going, Jesus?
>>
>>53670601
Yes, but only slightly.

I have a word list that's based on every single word occurring on wikipedia in all languages. If it exists as a word, it's probably included.

Scanning it still doesn't take too long. A single word is NEVER enough. Use 5 or more.
>>
>>53670636
What about cases genders and plurals? That can shift the last few letters of each word

My master password for my keepass database has 6 words
>>
>>53668646
>>>/r9k/
>>
>>53670678
When I say “every word that appears on wikipedia in any language”, I really mean it. If the specific sequence of characters occurs on wikipedia, it's in the list.

It's still only about 60 million words (~200 MB), which if you can guess 1,000 passwords per second (absolute worst case scenario) takes about 16 hours.

For something simple like MD5 or SHA1 you can easily check millions of passwords per second, meaning you can scan the data in under a minute.
>>
>>53669452
Well a key logger is fucking up anyone's password no matter what it is. A dictionary brute force is going to take thousands of years to crack a password like that too. Especially if there is a random keyboard shift on the characters and extra characters are added based on the website the password is for.
>>
>>53670820
>A dictionary brute force is going to take thousands of years to crack a password like that too.
Depending on the method, you mean “longer than the lifetime of the universe”.

>Especially if there is a random keyboard shift on the characters and extra characters are added based on the website the password is for.
....aand, you just ruined it. The most secure password in the world isn't going to help you if you re-use it.

Good job breaking it. This is why people are terrible at passwords..
>>
>>53670847
It shouldn't matter if it's reused if there is random shifting.
If I turn random horse battery into elbsin gieaw vlrrwet, a dictionary attack isn't helping you unless you know ahead of time how I'm mapping characters and shifting them. Let's say I do keyboard shifts according to website title of the last website I visited before signing up for whatever website I'm on now, and then concatenate information to the password based on the website I'm signing up for, like the first and last characters of the title are added to the end of my password.
You would never be able to guess my password unless you had access to my browser history and knew my shifting mechanism. Meanwhile on my end, all I need to remember is the number I associated with my new account for keyboard mapping, and the base password and I can algorithmically recreate my password no problem no matter what website I'm on.
>>
>>53670958
>It shouldn't matter if it's reused if there is random shifting.
The only way this is true is if the random shifting you introduce contains as much entropy as the original password to begin with.

But if that's the case, you might as well just generate a new password.

>If I turn random horse battery into elbsin gieaw vlrrwet, a dictionary attack isn't helping you unless you know ahead of time how I'm mapping characters and shifting them.
Real-world dictionaries are based on leaked passwords from big websites.

The moment your faggot password shows up in one of the leaks, no amount of randomized characters is going to help you.

Password reuse is the reason people's accounts get hacked, NOT brute forcing.

Trust me, I've broken into plenty of people's facebook accounts, paypals, email addresses etc. before and EVERY single time, it was because I got their username and password from an unrelated database leak.
>>
>>53671020
Like try these for example

They'll probably work.
>>
>>53671020
The thing is that I never actually use the base password and there is no reuse as far as sites on the Web are concerned. I'm getting strings of variable length with chars ordered such that they look like they came out of a random number generator. You keep saying 'blah blah blah my dictionary hack can brute force this' but you're not proving anything. Now explain to me seriously how a dictionary attack of saved words is going to help you generate my passwords across various websites.
>>
>>53668485
My gmail is:
First letter is 'j'
there's a 'y' second letter to the end
two 'l's in the middle
Do your worst. If you actually manage to email me, I'll send you 0.2BTC, swear to God.
>>
File: Notepad.png (61 KB, 256x256)
>>
>>53671101
I did a grep. 187 passwords matching '^j.*ll.*y.@gmail' in just the first file.

I'm not going to e-mail all of these. Any more specific than that?
>>
>>53671091
>Now explain to me seriously how a dictionary attack of saved words is going to help you generate my passwords across various websites.
It depends on whether or not I'm interested in you personally or not.

If I'm not interested in you personally but just looking for low-hanging fruit / drive by attacks, I'll probably just try accounts like >>53671058 and ignore the ones that don't work.

If I *am* interested in you personally, then you have to assume I'm looking at maybe 2 or 3 of your passwords and using cryptanalysis to try and figure out if there's any relationship between them.

If there's a simple mixing scheme you can come up with, then there's a cryptographer that knows about it and can easily break it.

Like I said - the more your reused passwords have in common, the easier it is to correlate them. To re-gain the full security of the original password, you have to use a mixing process that adds as much entropy as just generating a new password would.

No matter how powerful your mixing process is, it's somewhere between those two extremes in that scale. The matter of fact is, by reusing passwords you are weakening them. End of story.

Besides, the alternative is both easier and more secure: Just use a password manager and completely random passwords. That way database leaks will just show complete gibberish that has absolutely nothing to do with the words you are actually remembering.

If somebody has access to your password database and enough computing power to crack it, you are in some far, far deeper shit either way.
>>
>>53668440
My brain, Grandma. Write them on a sticky pad, why don't you?
>>
>>53671136
nice fancy terminology bro
>>
>>53671108
>Storing password in a text file
>>
>>53671108
I know your IP!
>>
>>53668440
My password manager is me.
>>
>>53668731
/thread
>>
File: randomhorsebattery.png (9 KB, 1329x1062)
>>53670958
>elbsin gieaw vlrrwet
I can tell from 50 feet away that this is just based on replacing individual characters in a consistent manner.

Now I just need to tune my password cracker to only scan combinations of words that match exactly this pattern and -- oh look, I've already cracked it:
>>
>>53670618
How's the weather where you're at, Hatshepsut?
>>
>>53671402
>radium nurse battery
this is now my password
>>
>>53671211
I tried a guess based on the shape of the characters, maybe it's
Jrellieye@
?
>>
If the cops ask me for my Facebook password and I am legally required to give it to them would I have to give them access to my password manager? Or could I just truthfully say that I don't know it?
>>
>>53671136
Not going to be any more specific. My main point is that you won't get my email address from the image + deconstructing the blur, even with hints. I'm not kidding, though, I will genuinely send you .2BTC if you do manage to email me. If there's a trusted method of holding me to my word, let me know and I'll put up the money.
>>
>>53671645
Why would they need your Facebook password? They can just get access to your account through the company.
>>
>>53671677
It's just an example, could be a password to anything.
>>
File: sisr.png (85 KB, 676x419)
>>53671651
>My main point is that you won't get my email address from the image + deconstructing the blur, even with hints.
If I had to seriously attempt something like this, I would probably try:

1. Guessing the blur radius based on comparing the font size in the rest of the image with the feature size of the blurred one

2. Subsampling the image based on this blur image

3. Applying the technique from http://www.wisdom.weizmann.ac.il/~vision/SingleImageSR.html

See pic related for an example of just how well they can guess letters using little information.

Also, even some simple analysis can clue me in to the approximate shape of your e-mail (cont)
>>
File: sharpened.jpg (17 KB, 397x1390)
>>53671702
>Also, even some simple analysis can clue me in to the approximate shape of your e-mail (cont)
Pic of what I mean. Based on this alone I could pick a likely length and possible characters for every slot, then do a brute force mass-email.

I also see that you re-used the google login on Facebook and Discord.

Either way, I'm too lazy to go any further.
>>
>>53671695
Just use your password manager to retrieve the password. They don't need access to your password manager.
>>
>>53671726
>Based on this alone I could pick a likely length
It might be something like this:

Jaallaayi@

where ‘a’ and ‘i’ are stand-ins for something of approximately that size
>>
File: same.png (139 KB, 376x289)
>>53671770
>>53671726
I guess pic related are all the same?
>>
>>53671702
See also: http://www-rohan.sdsu.edu/~aty/bibliog/latex/scan/blur.html
>>
How do these things work? Do you have to copy-paste your passwords into the browser or do they do that automatically?
>>
>>53671968
Copy paste, yes.

And yes that does mean if you have some malware or keylogger on your system they'll get the passwords you copy paste, but of course it also means that they'll get any passwords you type, so there's no real difference.
>>
>>53672058
Sounds like a pain in the ass.
>>
>>53672067
Not really.
>>
File: orig_spectrum.png (41 KB, 338x338)
>>53671908
https://www.imagemagick.org/Usage/fourier/
https://www.imagemagick.org/Usage/fourier/fft_math/

This is actually pretty fucking cool. I'm glad you took me down this rabbit hole.
>>
>>53672067
It's really not. You do it once per site unless you clear your cookies/logout.

There are also plugins that let you auto-login, but they're more trouble than they're worth.

Windows and Linux also have auto-type, so it can type your password and username for you if you want.
>>
>>53669072
If you can remember all your passwords, they seriously lack entropy.
>>
>>53669660
This.
>>
>>53668627
That's what backups are for retard
>>
tfw no one here pre-hashes their passwords
>>
>>53674616
That feel when so many websites don't hash and randomly salt your pre-hashed passwords.
>>
File: calling the janny.webm (704 KB, 960x540)
>adult
>>
>>53674616
>hashing a randomly generated password
that will surely make it more secure!
>>
>>53674636
Exactly, and when those sites inevitably get hacked and leaked, all they have is a useless pile of garbage
>>53674657
Why would you hash a randomly generated password?
>>
>>53674667
I'm asking >>53674616
>>
>>53674616
>>53674636
The websites that store your password in plaintext are also the ones that have requirements like “must be at most 8 letters long and contain none of +-/*.,;' etc.”.

Also, since I assume this means you need the help of a computer program to hash your passwords for you, you might as well just use a real password manager and get more security for no extra cost.
>>
>>53674712
This, it still eludes me so many websites have such bad security policies. But don't worry, I already use a password manager.
>>
I keep everything inside a very safe MS(TM) OneNote(TM) document synced with MS OneDrive Technology(TM).

I can access my passwords from any computer through MS(TM) Office Online(TM).
>>
>>53674616
>>53674667
If you don't reuse passwords, hashing them will buy you no extra security since a leak of one database won't be applicable to the rest either way.

If you *are* reusing passwords and *not* salting your hashes per website, then hashing them would still buy you no extra security since a leak of one database will give you the hashed password you need to plug into the rest of them.

In other words: To gain any security in an even hypothetical scenario, you need to salt your hashes with a different salt for every website.

Whence do you get that salt? If you generate it randomly, you probably need to store it somewhere - and so you might as well just use a password manager.

The only way this would even remotely make sense is if you pick a memorable salt and memorize it manually, then hash that together with a common base password. This buys you an amount of security equal to the time it would take to crack your salt+base pair for a single website. (Assuming you're careful with your HMAC and presumably also using a slow hash function)

Are you literally doing that?
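
The pre-hashing argument in the post above, as an added example that is not part of the original thread: it compares what each site would store when a reused base password is pre-hashed without a salt versus with a per-site salt through a slow function. PBKDF2-HMAC-SHA256 stands in for the slow hash; the base phrase, site names, salts and iteration count are constructed assumptions.

```python
import hashlib

# Assumed work factor for the demo; a higher value raises the cost of
# every offline guess against a leaked value.
ITERATIONS = 200_000

# Constructed sample data, not taken from the thread.
BASE = "constructed-base-passphrase"
SITE_SALTS = {
    "forum.example": "forum-salt",
    "shop.example": "shop-salt",
    "mail.example": "mail-salt",
}


def prehash_unsalted(base):
    """Plain hash of the base password: identical for every site."""
    return hashlib.sha256(base.encode()).hexdigest()


def prehash_salted(base, site_salt):
    """Slow, salted derivation: a different value for every site salt."""
    raw = hashlib.pbkdf2_hmac("sha256", base.encode(), site_salt.encode(), ITERATIONS)
    return raw.hex()


def submitted_values(base, site_salts, salted):
    """Map each site to the string that site would receive and store."""
    return {
        site: prehash_salted(base, salt) if salted else prehash_unsalted(base)
        for site, salt in site_salts.items()
    }


def reusable_after_leak(values, leaked_site):
    """Other sites where the value leaked from `leaked_site` is valid as-is."""
    leaked = values[leaked_site]
    return sorted(s for s, v in values.items() if s != leaked_site and v == leaked)


if __name__ == "__main__":
    unsalted = submitted_values(BASE, SITE_SALTS, salted=False)
    salted = submitted_values(BASE, SITE_SALTS, salted=True)
    # Unsalted: the pre-hash is simply the reused password in another form.
    print("unsalted, forum leak also valid at:", reusable_after_leak(unsalted, "forum.example"))
    # Salted: the leaked value is useless elsewhere; what remains is the
    # offline cost of guessing the base+salt pair, as the post says.
    print("salted, forum leak also valid at:  ", reusable_after_leak(salted, "forum.example"))
```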
>>
File: Screenshot-1458897996.png (27 KB, 1000x775)
>>53674790
I mean what could go wrong.
>>
>>53674790
http://www.crypto-it.net/eng/theory/kerckhoffs.html
Don't trust closed source when it comes to cryptography.
>>
>>53668440
>kikepass
what could ever go wrong?
>>
>>53668440

I use a retina scanner.
>>
>>53674805
memorized random (a-Z/0-9/symbols) password with simple per-service salts, hashed (bcrypt) before input to the service
>>
>using a password manager

Do people really have such shitty memory capacity these days

Ree

If I had to store a password or long key that was like randomly generated, I would just put it into a text file and hide it in /etc/ or something
>>
>>53674952
security by obscurity: not so great
>>
File: slap me in the face.jpg (62 KB, 730x615)
>>53674952
>just put it into a text file

Do people really have such shitty security standards these days

Kek
>>
My brain, photographic memory.
>>
>>53674952
>Do people really have such shitty memory capacity these days
I memorize about 10 important passwords (root, GPG sign, GPG decrypt, GPG master, LUKS, university, various workplace passwords)

I use a password manager for the other 100 throwaway accounts that I'll use maybe once a year and honestly don't care enough about to even spend 30 seconds coming up with a password for them.
>>
>>53674970

For important passwords I use >>53674983

But for non-crucial, randomly generated keys I would use a text file and just stuff it somewhere since nobody can really use it against me.
>>
File: 10414542.png (244 KB, 638x540)
>>53674983
Cool meme but a 16 digit secure password has to be changed on a periodic basis.
I have 10+ places I log into. Shitty algorithms like mobile number+my gf's cup size won't make a good password
>>
>>53675169
Why is she pointing a gun at me
>>
>>53675173
She was pointing her gun at the anon behind you
>>
The thought of some hacker being on my screen and seeing all my passwords freaks me out. That's why I write everything on a small piece of paper and put it inside a box.
>>
>>53674952
>I would just put it into a text file and hide it in /etc/ or something
But /etc/ is where everything important is! Why the fuck would you put it there?
>>
>>53668440
OS X user here, I literally use the notes app with password tips, never the full password, only reminders.

Now it has a password protection for specific notes, so I think I'm safe since Apple cares about my privacy...

FileVault -> Notes encryption -> Password reminders, am I safe enough /g/?
>>
>>53666443
People expect to only find config files there :^)

I just name it like a conf file and then store my info there
>>
>>53675262
>>53675281

Idk why it linked to another thread
>>
>>53675209
what if some thief steals your box and sees all your passwords?
>>
>>53670618
Give it back Jamal
>>
>>53671402
You can tell that from 50 feet away because I told you. When the words are put together as one string, you're not going to have any idea how long each individual word is supposed to be or by how much the shifts have been done. Not to mention added random data from the website which matches no shift pattern. What I posted was an example that was meant to show how easy it is to make a password algorithmically. You have yet to crack a password that hasn't been given to you up front