Mfw

Is Sup Forums retarded? Fucking use software like KeePass. Cryptography is a thing, ya know?

By having an IQ above 70

I mean, shit, I keep a .txt for every website I use in an encrypted 7z on my desktop and I go to strongpasswordgenerator.com to generate them, works p well

same

I use the same password for everything of course!

Not if someone gets them without you knowing they got them

Firefox with backup exported to password protected Excel Workbook.

Password-store. It's basically but executed in a non-retarded way.

LastPass

Keep assx

I use it too
>strongpasswordgenerator.com
kek

This except I keep them in a small safe

Text file encrypted twice with aes 256 and different passwords, then I uploaded it to Google drive, and I have a script to download it, prompt me for the passwords, then decrypt it and print it, and then the files get deleted.

> (You)
>>strongpasswordgenerator.com
>kek
I mean, it just uses cryptographically secure js specific to your platform

Paper :).

>yes goy give us all your passwords
>don't mind all the equivalents that stored them in the cloud and were leaked

>storing commonly accessed information on encrypted anything

I gave up on that shit after a day. Don't know how you can put up with constantly having to enter a password.

you're retarded

I started using a joke password for one site I never intended to use, now I use it on everything. I need to sort myself out.

>you're thinking of normie bs like 1Password and LastPass, KeePass is open source and has been audited and is local

I keep them in a plain text file in /home/documents

>open source and local
can you detect if it uses any internet connection at all with wireshark? Or can you just set the firewall to not allow this program internet access?

it stores and uses an encrypted database file

>open source
>local only
>encrypted file
ok sold me, how easy is it to use?

This, plus a super comfy python script that takes as input a domain and computes the password for me on the fly

last pass :^)

write them in a book. this is 100% secure if you live alone.

IQ doesn't have anything to do with the ability to remember things. Seriously dude I have accounts on at least 20 websites that I use regularly and remembering 20 passwords that are >30 characters long is not impossible but it is hard.

I mean, it's portable so just try it lol

Can you elaborate? Sounds interesting and I'm considering it now.

make password as stupid as possible
somehow, stupid things are easy to remember.

I remember them. And I have to change 4 passwords every 30 days

I keep all my passwords written on a pad of paper in my room. Unfortunately I can't understand half of what I wrote because I'm lazy and use anagrams or abbreviations for everything and can't remember what any of it means.

I don't - there are a few that I remember and if I don't remember them I just reset them when I need to.

This is exactly what I do. No saved passwords in any browser, ever, period.

Anybody use pass?
wiki.archlinux.org/index.php/Pass

Me. Literally everything else except KeePass is pleb.

Basically a little wrapper script managing your passwords stored in GPG-encrypted text files. Nothing more simple. Just try it.

My. Fucking. Browser.

Also, Master Password for other things.

This is exactly what I do, but the text file is also encrypted by my private PGP key.

Trust that three layer encryption a lot more than the password managers available.

Not the same guy, but a good example would be like:
url = "gmail.com"
secret = "hunter2"

for i in range(secret):
output[i] = url[i] + secret[i]

KeePass

That's all you need.

Not him but that's my backup plan for if my encrypted volumes fail or the likes:

1) Make up a simple algorithm. It could be anything from a number representing a character or word, or vice versa.
2) Remember it and tailor it in a way that you can easily ingrain upon yourself
3) Start upping the complexity until the algorithm is creating something incredibly difficult to crack from your easy to remember input

When you start using it for enough things, you'll never forget it. I have 3 different ones that I still use, and they all result in easy to recall 50+ digit passwords.

pass

the standard unix password manager

any other answer is not Sup Forums worthy

literally what is wrong with a text file encrypted with GPG?

woah how are you able to find that after you hide it?

Master Password for the Master Race.

80% of my accounts use the same shitty old password. At least I changed it to something that can't be found through a lame dictionary brute force attack; also it used to be the same as my email account password, but that's been changed as well.

Recently, I switched to generating them on the fly for each website in my head. But because I know myself, I also put them in OneNote, stupidly in plaintext and not even encrypted.

(All of that apart from saving all of the passwords since foreever in Chrome/Firefox password manager of course).

Well it's mostly shit anyway.

KeepassX, works pretty well.

Used to do the brain-only thing site-based cypher thing, but then I hit 30 and earlier years of substance abuse are taking its toll and my memory is getting steadily worse.

KeepassX is a lot more comfy

Using the good old noggin

This is basically what I do as well.

Every pass I have is unique, besides throwaway shit sites.
Even passwords with password limits that are very small, I still have a unique system for those.
I have tiers of passwords for varying security levels.
Each one tripling in size roughly.
My largest passwords, which I still remember and/or calculate, are in the hundred character range.
I've only ever forgotten one password, which funnily enough was one of the first instances of me using this method.
RIP old archives emails and MSN chat logs.

My exact generation method I will obviously not share.
But generally I just split the alphabet in to a grid, some letters, digits and symbols grouped, assign letters and numbers on an axis, pick out the appropriate digits on each axes for the service I am using in question.
There is also a sentence and number fragment in some cases, sometimes multiple. Also some glyphs.

Of course, passwords are only as good as the website not being SHIT and having terrible security.
I refresh my passwords every year with a new codeword for the year.
It, also, is different based on the level of security.
Site hacked? There is an incrementor method in place that I simply have to remember. Or mistype then remember :^)
Sometimes I will write it down if it is a site I don't use more than a few times a year. Just a note saying "fuckwit site: #2", then I append the incrementer code for that year also.

>yfw better than CIA security
When's my job? Stop hiring autistic cunts off /mlp/

>Even passwords with password limits that are very small, I still have a unique system for those.
>I have tiers of passwords for varying security levels.
>My largest passwords, which I still remember and/or calculate, are in the hundred character range
>But generally I just split the alphabet in to a grid, some letters, digits and symbols grouped, assign letters and numbers on an axis, pick out the appropriate digits on each axes for the service I am using in question.
>There is also a sentence and number fragment in some cases, sometimes multiple. Also some glyphs.
>I refresh my passwords every year with a new codeword for the year.
>It, also, is different based on the level of security.

Check out this fucking tryhard. kek

I generally do 32 character password (or whatever is the longest if a site doesn't support that many chars). They are randomly generated and then I change a few characters by hand just in case the random number generator is compromised. To remember them, I just create a little story in my head about the characters and the words that they might stand for.
They all just stay in my head.

It's trivial to do.
Do you even remember what you did 3 hours ago lmao
Stay brainlet, faggle.

>It's trivial to do.
>Do you even remember what you did 3 hours ago lmao
>Stay brainlet, faggle.

kek.
1. Your stupid algorithm is weak as shit.
2. You're probably a fucking burger flipper.
3. Being a burger flipper you suffer from Dunning-Kruger
4. Goto 1.
kek

KeePass

>weak as fuck
Looks like someone doesn't understand basic cryptography.
I bet you seriously think a dictionary attack can be used on that.
lmao

[a-z][A-Z][0-9] -> ??? [x]
[common english words] -> 5000~
Figure it out, brainlet.

Once you do that, choke on your dictionary. Then a calculator.

Looks like the Dunning-Kruger champ of 2017 would rather use a ridiculously inefficient method of generating a password with common english words compared to just using DiceWare :^)

lmao. Brainlet indeed. Now get me my BigMac and fries, Jamal.

>2007+10
>not having a subreddit to remind you of your password
reddit.com/r/kgb_facebook/

>relying on software to do a trivial mental task.
I have a brain and use it regularly, unlike you.
Enjoy your webdev, kidiot.

Protip, this password system only being 100 characters isn't a limit on me.
I can easily scale it to many hundreds no problem.
All it takes is a retarded quote to bulk it up :^)
"muh dictionary attacks" kek.

>relying on software to do a trivial mental task

Lol. DiceWare isn't software. So, it just goes to show, you are actually the brainlet that professes to "understand basic cryptography", yet, never heard of the most secure way of choosing a secure passphrase.

Enjoy your weak-ass, overcomplicated nonsense passphrase I guess, sweetie.

P.S. still waiting on those fries. Grab me a coffee while you're at it, brainfart

t. brainlet who uses the same password for everything

>t. brainlet who uses the same password for everything

Wrong :^)

Looked up DiceWare I see? You'll be using it soon enough. No need to thank me; that would deflate your ego.

>he thinks random numbers are more cryptographically strong
>random words make it better durrr
>no bias from me hurrdy durrdurr

ahahaha, oh fuck please stop it, my sides, they hurt.

10 randomly chosen words and 10 words from a quote that has been mangled with digits and numbers between and after it, the LATTER is stronger.
Throwing ANY amount of digits in to a quote makes it useless to a dictionary attack. No matter how smart they are. No heuristics will matter when the password is hitting the 40 characters length, never mind hundreds.

Have fun remembering your retard passwords while I have zero effort remembering the ones I chose which are still stronger.

Stay brain-poor lmao

Not me, faggle. Also I actually just remembered what Diceware was. It's an even faggier way of making passwords than software is.

Christ, you could at least use software, I'd maybe have had some sense of respect for your brainletitis.

I've been using the same password since 1998, just add letters, and numbers to it to meet requirements.

Same password with some variation for everything.

That in mind, I rarely register for anything, and probably have about 8 accounts total.

I write them on a post-it in cursive and leave it on the monitor
My family is black but I'm adopted

>he thinks random numbers are more cryptographically strong

Never stated anywhere nor implied.

>random words make it better durrr

Random non-common words from English. There are also other languages if that's your bag. Also, having a 10-word phrase with additional numbers/characters/symbols adds to the randomness after thowing the dice.

>no bias from me hurrdy durrdurr

With DiceWare, there isn't a bias. With your shitty algorithm, of course there's a bias! C'mon now, Dunning-Kruger guy.

>ahahaha, oh fuck please stop it, my sides, they hurt.

Yeah, my flatmates are having a right old chuckle at you also. :^)

>10 randomly

Isn't that what I just said? lel

>Have fun remembering your retard passwords while I have zero effort remembering the ones I chose which are still stronger.

No problem. Have fun when you brainfart, brainlet :^)

>Stay brain-poor lmao

I don't work for McDonalds :^)

>Also I actually just remembered...

You're welcome pal.

>Christ, you could at least use software

So, first it's "don't use software", now you're saying, "use software"? Golly, you sure sound defeated right now. kek

I've been using it for a few months now and I love it.

I've been trying to google this, but I'm not too smart with the whole gpg thing. How do you transfer the passwords over to another machine? If I just copy the files, then I don't have the gpg key necessary to decrypt it. Can anyone ELI5?

It's funny how retarded you sound.

Your entire dictionary of words are public knowledge.
The words I have made-up deliberately to shit on dictionary attacks are nonsensical.
Even ONE of those words in the most common quotes known to human kind still defeats your randomly chosen shit.
Does not matter where it is. even if it is at the end.
I have several.

One is enough to shit on any dictionary attack, even smart ones with heuristics.
The words I use have never been typed anywhere by me. Deliberate nonsense words created by taking random words and syllable jumbling.
Even if the pass was at the end and the quote was known, no dictionary attack will find it so it is back to plain old brute force. RUH ROH.

Stay brain deprived lmao
Enjoy your dice, you fucking neckbear.
I bet you thought it was real top smarts to use random.org as your dice. ahaha

Man, just use KeePassX or something. All you do with that is backup your .kdb database file.

I use lastpass. it's very cheap and easy to use.

>It's funny how retarded you sound.
Ditto

>Your entire dictionary of words are public knowledge.

Guess what Einstein, all your letters are public knowledge also. The entropy of my phrases is more than enough to survive any brute force attack. I usually have 70+ characters on standard phrases, site permitting. This is typical, random with numbers and symbols without bias, and very memorable.

>The words I have made-up deliberately to shit on dictionary attacks are nonsensical.

Using a shitty algorithm.

>Even ONE of those words in the most common quotes known to human kind still defeats your randomly chosen shit.

Prove it Dunning-Kruger guy :^)

>One is enough to shit on any dictionary attack, even smart ones with heuristics.
>The words I use have never been typed anywhere by me. Deliberate nonsense words created by taking random words and syllable jumbling.

As I said: not very efficient in the slightest. This is why you suffer from the Dunning-Kruger effect. Your complexity in generating these is completely worthless when DiceWare exists.

>Stay brain deprived lmao
>Enjoy your dice, you fucking neckbear.
>I bet you thought it was real top smarts to use random.org as your dice. ahaha

No need to get upset sweetie. You're the one that thought DiceWare was only made up from numbers though, kek. Again, you're welcome.

>implying

those had CVEs in the past and will have more in the future

>cheap

good goy

>those had CVEs in the past and will have more in the future

[citation needed]

(((JEWgle))) it, goy

So it's false. Thanks.

The same algorithm was used to make the random nonsense words in Diceware dictionaries. :^)

My passwords when generated are trivial to do but stupidly complex to brute even with a dictionary.
You need to waste time shitting out random numbers and looking through lists, then having to remember the order of silly nonsense words.
I shit out a nonsense word in the middle of a quote with numbers as spacers, add a comma somewhere and boom, done.
Meanwhile at zero effort passwords.

Your 30~ random words don't give you any extra security since, unless the attacker knows you are using Diceware, it falls back to brute force anyway.
All you are doing is making it more complex for you to REMEMBER those words for no gain in security.

"Houston, [word] Base here. The [word] has landed. That's one small step for a [word], one giant leap for [word]"
Even putting 1 in all those brackets defeats your silly high-overhead method.

You are pushing your inability to think of words and phrases on to something external.
This should be named Brain Poverty General.

you need to do an "export"

I have them all neatly written down and marked as to which account they belong to, on a notepad right next to my keyboard.

Checkmate, hackers.

i have 2 excel docs full of passwords
one is real, the other is fake
i "leak" the fake one every few months by "accidently" pushing it to github

this is to keep hackers off my trail and to waste their time.

>Your 30~ random words don't give you any extra security since, unless the attacker knows you are using Diceware

This is gold. It's like hearing tech amateurs assume because the source code to software is open, it makes is less secure than proprietary. Hehe :^)

>"Houston, [word] Base here. The [word] has landed. That's one small step for a [word], one giant leap for [word]"
>Even putting 1 in all those brackets defeats your silly high-overhead method.

Your complete misunderstanding of how DiceWare generates passwords is comical. :^)

>All you are doing is making it more complex for you to REMEMBER those words for no gain in security.

Negative. That is your method.

>You are pushing your inability to think of words and phrases on to something external.

Yes, words that are free from bias or commonality. Something that you cannot claim. :^)

Enjoy your illusion of security. I'm afraid you project your brain poverty a little too much, Jamal.

KeepassX

Please be bait. You can't honestly be this retarded.

Well, enjoy your shitty algorithm. Life calling.

I know exactly how diceware works.
It has a bunch of silly words in a list, you shit out some dice rolls, find the word from the concatenated rolls, repeat.
Then you need to remember the silly words, words you will almost certainly not be familiar with, to 10-30 words length.

Meanwhile I pick some random quote, shit some nonsense words in to it, already beaten your method in length and simplicity.
And that hasn't even put in the SERVICE UNIQUE parts of it, which are trivially generated in-head which add an extra 10-30% characters on top of that.

I guess imagination powers are like magic to people with serious gray-matter abnormality.
SGMA is serious shit. My ants died from that.

Regardless, both systems fall back to brute force.
Mines is easier to do. Yours is just as nonsense as the words picked for the dictionary.

Come back when you've made more than 5 diceware passes.
Your super duper hyper unique passwords are worthless since it is all bit-based in the end. Number of bits and how easily remembered they are is what becomes important. Mines is vastly easier to remember but still cryptographically secure.
Anyway, us superior floating brains have a job to do. Have fun with your board games.