today is the Change Your Password Day so lets talk about passwords.
when was the last time you changed a password?
do you simply remember all your passwords, use a password manager or are you oldschool and write notes?
two factor authentication yay or nay?
Other urls found in this thread:
passwordcard.org
passwordstore.org
twitter.com
I don't change passwords unless there's a breach or it's required. I use keepass and randomly generated long-ass passwords., Local database with both a master password and key file. I use 2FA for major accounts like google and steam.
Which password manager is better keepass or lastpass?
did you know that Sup Forums has a feature where if you try typing your password, it censors it?
********
try it!
lolfuckoff
Didn't work
keepass is more secure since you control everything yourself.
lastpass if you are too lazy to setup your own ""cloud"".
keepass
Stole so many runescape accounts doing this
>always alternate between the same 3-4 passwords for a decade
>never been hacked
what am I doing wrong/right?
>>never been hacked
people wont hack you but the service you use.
hack service
>steal database including email and passwords
>crack shitty password encryption
>run email & password against every known service
>clear out accounts if possible and sell the rest
>rinse & repeat
thats why you should use a seperate password for every service you use
Did you know your name and credit card number will be filtered out because Sup Forums recognizes the format! Try it
Jeff Thompson
XXXX-XXXX-XXXX-XXXX
Exp: 05/19 CVV: XXX
...
hunter2
What if you need to log in your accounts from someone other PC?
>sorry guyz I actually don't know my password xDDD
Keepass. I keep my database synced through my Nextcloud server and use keefox in firefox to autofill logins.
> Signing into strange computers
Enjoy loosing your account.
Sounds a lot like they use the password as a key or w/e in the databae. AKA shit tier devs.
What's the point of having randomly-generated, complicated passwords? Sure, they will be impossible to guess, but they can still be retrieved as easily as password123.
I use pass passwordstore.org
Do you know about password hashing user? It doesn't matter if someone gets an entire database full of passwords if it's unreadable, uncrackable garbage.
most people arent hacking into your account by brute force, they just use inference and a little bit of effort.
im wondering if anyone has examples of algorithms they might use to generate unique passwords for each account you have.
Unless the website developers are shit and store them in plain text or md5 thinking that's good enough.
It was a bit tight anyway
>sorry guys I actually don't know my password
That's actually a good excuse not to login from someone else's computer.
What the actual fuck are you trying to say
>being this dumb
Oh it was a pun
Lastpass is not secure and has been hacked last year.
>logging in on untrusted computers
yeah no
also
>what are phones
lots of password managers have android/ios ports
>add all passwords to a text file
>encrypt with aes-256-cbc
>move to random folder with lots of files
>change file extension and filename to blend in with the rest
>"shred -vzn40 originalfile.txt" and "srm originalfile.txt"
>do this across multiple devices
>full reboot and wipe text editor caches if you're really paranoid
Why not use a password manager?
I guess you don't have to worry about the manager software having unpatched vulnerabilities and becoming abondonware.
That's mainly why, plus it's another level of security through obscurity. You could leave the .aes file on your desktop and it would never be cracked unless you used a shitty password.
keepass is marginally more secure if you're a paranoid schizophrenic and think the gubmint is hacking THE CLOUD, lastpass is better if you value both security and convenience
i know a dude who uses keepass because he doesn't trust leaving his database in THE CLOUD. his solution for taking his database everywhere? fucking google drive
>What if you need to log in your accounts from someone other PC?
there's a portable version of keepass you can stick on a thumb drive and just carry with you, plus an android app if you're a normie with a smartphone. there's really no excuse anymore
In his defence I'd trust Google over LastPass' security any day - both if your goal is hiding from the gov't then yeah Google is not a good choice.
>his solution for taking his database everywhere? fucking google drive
That's what I do. I doubt google spends time trying to crack keepass databases.
My password for work expired yesterday so I changed to a fresh new password not 16 hours ago.
I make up n-phrase passwords from the subject of an academic category or mix of
crustyanus69
Giovanni Kuzo
6011-6698-2742-3667
Exp: 02/20 CVV: 219
I use the same password for all of my email accounts.
Another one for my banking, and PayPal.
One for anything related to gaming.
One for forums.
One for torrent or porn sites.
One for social media.
One for any sites where I can purchase shit.
A bunch of other ones.
I basically just seperate them into categories and make a password for it.
I would like to make a seperate password for every account but I have to many so it wouldn't work good.
I don't trust software to keep my passwords so I just have it written on a piece of paper.