Do you use a password manager?

Do you use a password manager?
How creative/secure are your passwords and you generate or come up with/think up your own passwords?

Other urls found in this thread:

portableapps.com/apps/security
twitter.com/SFWRedditVideos

>Do you use a password manager?
Yes, my brain.

>How creative/secure are your passwords and you generate or come up with/think up your own passwords?
So secure the CIA nigger will never be able to bruteforce it even if they implement Markov chains in their cluster of quantum computers.

Simple:
KeePass

Advanced:
PasswordStore / QtPass

>CIA nigger

diceware, pen&paper.

ʩڽ1 Üì8ËqOA\ȟ기*>ðSÞ*õ9·(®$ÍŒLª/3XF¾(c@«a¿¦PÅíå)$Kæȑî&ö*¤òC¤

ETBSIETB ETBBSEM SOSIDC4 DC3DC4DC2SOHHTBELBSDC4 NAKDLE NAKDC3ENQ ENQCRSILFHT DLESOHDC3DC3ETBSIDC2EOTDC3 ETBBSHTFFENQ EMSINAK SOHDC2ENQ SOHDC4 HTDC4.

I use Firefox with a master password with an exported password protected spreadsheet as backup.

For generating, I made my own generator that uses specific criteria to generate the longest valid password. This means I can regenerate the exact same password from the same criteria should I lose my password databases.

gmailmypassword
outlookmypassword
amazonmypassword
amexmypassword

>he relies on software to generate passwords for him

easiest way to get hacked son.

I have four layers of passwords that have served me well for years

>1st layer
relatively unsecure but short passwords used for non-essential stuff. Like online takeout (which i never save my CC info to) and "throwaway" accounts. If those are compromised then it's no major deal, i just rotate my layer 1 passwords and continue on

> 2nd Layer

for more essential things, such as social media, spam/throwaway email addresses and other "personal but public" information. More secure than layer 1 but not by much (usually throwing in a mix of capital letters or numbers). If those are compromised then i scrap my usual rotation and devise new ones and change them all to prevent other accounts in this layer from compromise.

>3rd Layer
this is generally for very personal accounts that can cause significant damage if compromised, but don't include information such as CC/Bank info, Social Security number, or any crucial targets for Identity theft. Stuff such as personal and professional email accounts, work related email and communications, and various game/leisure accounts that i spend a good portion of my free time engaged in. Similar to Layer 2, if one account is compromised i scrap my current rotation of these passwords and start from scratch to avoid further damage.

>4th Layer

the most secure. This is primarily for CC/Bank info or anything with insanely valuable personal information (like Social Security info, tax information, or anything considered "high value" for identity thieves). The passwords are all cryptograms of random things that i encounter on a given day. The passwords are also changed out every 6 months regardless of security risk, and changed with some random criteria of the day they're changed, meaning that there's little to no personal connection tying me to the passwords (which makes phising/social engineering the passwords nigh impossible)

I use sha256 looped over 1000 times.

But I'm moving to Argon2 as soon as an ARM implementation appears.

Do you use qtpass with git? I haven't been able to get qtpass to work for me

>le use my brain meme

Your passwords are not more secure than a generated one by a password manager and/or you don't have unique passwords for every single account.

pwgen straight into a text file

I keep them in a text file using ROT52 encryption

>Do you use a password manager?

KeePass Classic Portable

>How creative/secure are your passwords and you generate or come up with/think up your own passwords?

PWGen Portable

portableapps.com/apps/security

Checked

> 2nd Layer email
> 4th Layer Bank info
> Thinks he is smart

Links bank account to email....

>My brain
Enjoy being objectively less secure than someone who uses a password manager

I use torrents hashes as passwords, i just go to the transmission Web GUI, pick a torrent, copy the hash and use it as a password, i just have to remember which torrent goes with which account.

on my porn accounts i use the same username and password combo because i dont give a shit if those get hijacked
on my email and banking stuff i use unique passwords

my method consists in never rember the password so every time I use a service I go thru the proces of getting a new one and I put a random set of 24+ chars

>So secure the CIA nigger will never be able to bruteforce it even if they implement Markov chains in their cluster of quantum computers.

>Implying the CIA niggers haven't already implemented a hidden mind-scanning technology, mandatorily embedded into every single electronic device manufactured since 1980.

>not encrypting your thoughts

honestly I want to encrypt my thoughts but literally every time I try it just ends up making my brain super slow to the point where doing simple math is a task.
any suggestions?

Thought encryption shouldn't even be legal. Who knows how many perverts are out there thinking thoughts they shouldn't be thinking right now?

I sandbox every account using a totally unique password generated in a Python script. I keep the list of passwords in a 256-AES encrypted file using gpg. I keep that encrypted file on a networked drive that is fire-walled off from the internet.

I have one general password that I slightly modify depending on which site I'm using it on. I reckon it's probably not good practice but eh.

Go back in time and don't take your vaccines.

24 random letters and numbers with random capitalization. I don't write it down or use a manager. Parts of it only if the limit is lower or it isn't that important.

...

I remember half my password and store half my password in a manager.

Where is your god now?

Let me explain the most secure password generation schema you will ever encounter. You will need some things to get started:

at least 1 coin
ASCII chart
100% opaque cloth (large enough to cover yourself)
Flashlight (not your phone!)
open source password manager

Cover yourself with the opaque cloth
Flip the coin 7 times, keeping track of the binary digits using your fingers. Convert the binary digits to their corresponding ASCII character. If it's non-printable then flip the coin 7 more times and try again.
Once you have 8 characters stop and make sure you memorize it.
After you are 100% confident you have memorized your password (shouldn't take longer than 1 week) generate a new one and add it to the beginning or end of your previous password
Repeat this process until your password is between 32 and 64 characters long
Once you have your final password you can use it to unlock an open source password manager such as keepass.
Do not store your password database in a proprietary cloud solution such as dropbox or google drive (use NextCloud or OwnCloud if you need something like this)

>Do not store your password database in a proprietary cloud solution such as dropbox or google drive

Why not? Your database is encrypted anyways

That is true, but why even give them an opportunity? OwnCloud and NextCloud are superior anyways

>Do you use a password manager?
Yes. KeePass. It's portable and works on any phone or computer so long as you have access to your database and keyfile. I carry around a USB on my keychain that contains the KeePass program and my keyfile. I have the database stored on Dropbox and can download it on any computer to get access to my passwords.

>How creative/secure are your passwords
The only limit is stupid artificial limits sites impose like no special characters or max password length. For sites without restrictions my passwords are 32 characters long and a mix of letters, numbers, and special characters. Regardless, all my passwords are unique for each site I use.

>not filling your mind with random noise generated by birds

>cStash for android
>not telling you

if you provide access to the database, it means that you have infinite time to try to crack the password and can do so completely offline after downloading the database.

if you have any decent 20+ character password it just wont be possible for them to crack it. MAYBE 10 years minimum if they are lucky but by then your passwords probably wont even be relevant

head -c 1024 /dev/urandom > muh-pw

How do you know my password?

Are there any websites that will accept that kind of shit as a password? A surprising amount of them will ask for letters, uppercase letters, numbers and symbols, then bitch at me when I try to set a 17-character password.

this, as long as your database password is reasonably secure and you change out your important passwords every now and then, you're fine. I change my most important ones (email, bank, etc) out once every couple of months, but you probably don't even need to do that

Lol, that wouldn't do shit. I've never gotten vaccinated and have never had any issues.

>Implying my mind isn't entirely filled with random porn

>Manager
Me. Zero challenge to remember. Will explain
>Creative/secure
Very. Would require some serious time and computing power to brute. You'd need a room full and several decades.

I use diceware. Is that it? Maybe called something else. You roll dice and record the numbers. Then, those numbers correspond to a word or string of numbers. What's created is a unique phrase with letters, symbols, and spaces. Easy to remember because of a human brain and secure. Each word is irrelevant to the next (people tend to name associated words when trying to think up such a password.)
For example
>Roadhouse 0861 fault kelly bolt $ collar

Yeah seriously. What the fuck?

Wouldn't you ideally want to make your passwords vary in length? For example, it could be anywhere from 28 to 36 characters long, with the mean being 32. That way, there are just that many more possibilities, making it harder to crack.

Unless you are hacking pentagon, I presume you are an autist user.

>relying on an external source to generate randomness

lmao enjoy having your password bruteforced before the heat death of the universe

And all it takes is a simple keylogger to fuck your "super secure" system in the ass.

Keepass

Before that I was a retard and would just save passwords in a word document.

>Do you use a password manager?
KeePassX

>How creative/secure are your passwords and you generate or come up with/think up your own passwords?
I only have to remember my master password which is really secure, everything else is randomly generated by KeePassX.

I use my 200LX and a pseudo-random password generator of my own clever design. Nobody can hack this.

>it just wont be possible for them to crack it
That is incorrect. They could always get lucky. Don't give the the opportunity to get lucky.

Because at the end of the day, whether you use a short or a long password, it will hash into the same 512/1024/2048 bit space. In fact, technically there are an infinite number of passwords which can be used to unlock your encrypted data.