It’s helpful to take a few steps back from time to time to reassess where we’re each coming from on our knowledge of tech (or anything) to better communicate.
It’s helpful to take a few steps back from time to time to reassess where we’re each coming from on our knowledge of tech (or anything) to better communicate.
Having the kind of habits you need to keep yourself safe and private online.
Blows my mind how many people don’t consider or sometimes even reject the idea of things like password managers because “it’s too complicated”.
My wife drives me up the wall with this. She insists on using similar passwords everywhere, like Lemmy1 or Lemmy12, even though I’ve set up BitWarden for her.
To make it worse, she reset her email password recently, refused to use the password manager, then promptly forgot it again 😤
BitWarden ftw! that’s why I started using it, couldn’t remember my overly complex passwords for all the everything In the world needs a password now.
Have you told her that it makes you feel unsafe?
idk man, I know a password manager would make things easier and more secure, but it’s still putting all your eggs in one basket. If the service I gave all my passwords to has a leak or gets hacked - I’m fucked. And I don’t trust them to keep all my passwords locally and not peak in.
I’d rather a couple of my accounts I’ve long since forgotten about be broken into than for my entire digital life to be uprooted.
I have multiple passwords for the levels of security I want, bank is the most difficult, e-mail is close second, then we have mid tier passwords for things I care about personally but wouldn’t really have big consequences if lost, and then the password I personally saw leaked on a russian hacker forum that I use when a webstie insists I need an account to be graced with their service lmao
Just use a password manager that keeps a hash of your database only. They can’t peek since the data is encrypted.
If all it keeps is a hash of your database then you can’t get any information out of it and it’s useless
That’s why you take several steps to ensure security. 2FA on everything. A different email address specifically for your password manager. A keyword suffix that you add to the end of every password. So even if someone gets into your password manager, they’re not getting into any of your accounts. Unfortunately proper security takes a lot of effort these days.
2FA is shite, I hate having to keep my phone on me at all times. I’ll just stick to my flawed system, it’s not the most optimal but I have all my unique and important passwords written on a piece of paper hidden between two glued pages in my journal, and the throwaway passwords are simple muscle memory
A good password manager encrypts your passwords with your own master password (and if you don’t trust them, use an open source one like Bitwarden)—so, even if it gets hacked, your passwords are not immediately compromised. You should take even more measures, like using 2FA such as your phone or a physical key, which basically makes you invincible. Way better than remembering passwords.
I despise 2FA, I’ll stick to my piece of paper with passwords written on it. And if someone breaks into my house and steals it it’ll probably be the least of my worry at the time anyway
You could use three password managers I suppose. Then you’d either need a rule for determining which manager a particular set of creds was stored in, or you’d need to just brute force remember it.
But one thing I discovered when I stated using a password manager is that I don’t have five or ten things I need passwords for. I have at least five hundred.