What the fuck is this?

what the fuck is this?
literally what the actual fuck?
how the fuck would i be able to remember a password like that
im trying to enter a password that isnt just a product of smashing the keyboard but i keep getting slammed with the bullshit dictionary shit

conditioning yall to prepare for biometrics

Stop trying to set asdfgASDFG as your password retard

>how the fuck would i be able to remember a password like that
brainlets, when they'll learn

1n5sTa!!G3nT==

>how the fuck would i be able to remember a password like that
You simply remember it, what the fuck does that even mean? Don't you remember any phone or credit card numbers, or your license plate number?

Yuorpasswerd1!

Get creative

Start with a word and think of an algorithm to apply to it that makes sense to you. E.g. change vowels to number combo that you can memorize, add the special character after the 3rd letter, etc. Have a different word for each website, but apply the same algorithm to it.

i use a completely random string of characters as my standard password and remember it fine, i can also type it really fast. It's as said, you just remember it after a while as long as it's not absurdly long that is.

>insstallgentoo
>not 1n5t4!!GNU+G3n2

>any phone or credit card numbers
Now these are easy because theyre sequential series of numbers. Having that many variables in a password makes it very hard to chunk into memorable pieces.

>or your license plate number?
A very short two-part series of characters

A password manager. I don't get why you're not using one in the first place. They're easy to use and much more secure than trying to remember a slight variation of one password.

>Having that many variables in a password makes it very hard to chunk into memorable pieces.
What? That makes no sense. When I remember a password I simply remember it, I don't think about how many "variables" there are, it's simply there as an arbitrary string of symbols in my memory.

Yeah the dictionary thing is stupid, but everything else should be common sense. If you really do the memory of a squirrel, OP, then just use made up names from things you like. Fantasy and anime shit are a treasure trove of ridiculous made up words.

Good for you.

The stupid thing is, this severly lowers the entropy for a possible attacker. Best if combined with "max. x characters"

It is absolutely utterly useless and can only be designed by a person with maybe good intentions but absolutely no idea what they were doing

yeah, forcing you to have a random password so you have to write it down is more and more common.

I've seen quite a few non-tech average people have a file called passwords.txt on their desktop with all their passwords because of this.

I know you can use password managers and things like that but that's putting all your eggs in one basket too.

What I personally find more annoying than this is that a lot of sites have all those stupid requirements but only store 16 or 32 characters but allow you to enter more than that. I've learned this the hard way. Since sites require a random string I figured oh I'll just use a 88 byte long random string or something like that. Then I try to log back in and no, I can't because my password is wrong. It's wrong? Yeah because they stored 32 bytes and it doesn't cut the input field so now the 88 byte password entered as a new password doesn't match the 32 bytes stored.

>W9a5c^ja6gii1va4Ylnir&D1EnOtIlL2G9wjE@6hxB%##as&Ms

Wow, that was hard.

>not just writing your passwords down on a notecard which makes them easier to remember because you wrote them
>or breaking up your password and storing them in different files on your computer if you're afraid of keyloggers
>actually paying someone to store your passwords which makes their product a prime target for Ivan and his cyka friends to breach

Only acceptable in workplaces.

Seriously, I can see the need for everything but the dictionary words. We all know that if you choose 6+ dictionary words, you're pretty much covered at least for a year.

$ --> ./random.txt
**********************************************
OpenSSL 32 character base64

4q3mU9qQNoeKfZzaj1SSTATLqEFIu2rB3HCbGwTJ7rM=
**********************************************

**********************************************
urandom 23 let/num/sym, ~~~WITH~~~ implying symbols

pG{)OsUo3$-Ua?NDsRxwBb*
**********************************************

**********************************************
urandom 23 let/num/sym, ~~~NO~~~ implying symbols

deg84=alDZk$R!ZB47rG=sE
**********************************************

**********************************************
urandom 31 let/num/sym, ~~~WITH~~~ implying symbols

&V&_Kgm726DOlp$_5ETWdKbEX_*pSql
**********************************************

**********************************************
urandom 31 let/num/sym, ~~~NO~~~ implying symbols

i:+?:Q>!QVn!!47e$Gz|sTbeEmf2Ks9
**********************************************

**********************************************
urandom 16 let/num/sym, ~~~WITH~~~ implying symbols

#PR7%-3z@lX|7ad
**********************************************

**********************************************
urandom 16 let/num/sym, ~~~NO~~~ implying symbols

&*oU&b:-UKt(6>J
**********************************************

>cannot contain dictionary word
This is fucking stupid.
An easy psw to remember is 2 words long and pretty hard for anyone who doesn't know you to bypass it.

How do I use a different password for every website and remember all of them?
I know I can use keepass to create random shit and copy paste it but I want to be able to login from memory.

>>cannot contain dictionary word
>This is fucking stupid.
Until someone pulls a dictionary attack on your account.
Read "The Cuckoo's Egg" by Clifford Stoll.

>reading the cuck's egg

Fuck off cuck

What fucking website is making you do this?

Also try Pa55w@rd

Some sites don't accept your password if it's too long and just give you another error. Asrock forum for example when registering with a 12 char password.

>copy/paste
no need, just use keefox plugin

Use a misspelling of a word or name.

Just use your password manager. You have one, right?

kek

You are a fucking retard. If you have to remember a string of 10 characters it doesn't matter if they were chosen from a pool of 50 characters or from a pool of 5000. It's still the same thing.

...

This. It's really easy once your muscle memory takes over.

>./random.txt
>.txt

You're a fucking idiot. Do you remember a phone number as 638-8272 or as 6-3-8-8-2-7-2? What about words? Do you also remember them completely spelled out? The human brain is made to remember ideas, not characters.

be less useless and contact whoever is responsible and tell the person how fucking retarded password rules are

Who the fuck memorizes their license plate

You memorize an easily typed sequence of keystrokes, not the output it relates to. Then when your password expires in a few months, you move either your left or right hand over a space and you keep using that sequence.

>Do you remember a phone number as 638-8272 or as 6-3-8-8-2-7-2? What about words? Do you also remember them completely spelled out
Yes?

That's how I can dial the number and spell the word I use...

These limitations will surely be more useful for a bruteforcer when the hashes leak.
This is just bullshit.

Anyone arguing that it's reasonable to demand users set passwords like this is an absolute retard. Not only because of their memory, but because any other limitation but character count is counterproductive from a security standpoint.

Not really. an 8 character password of only lowercase would be harder to find than a 6 character password if mixed special, numbers, lower and upper.

I just have 2 passwords for that. 6 letter simple for useless sites and 8 letter with one capital letter and one number that works on all sites.

easier to find*


I meant.

Here's my tried and true password method. Never been borked once.

Come up with a phrase (For instance, Strange Bedfellows)

(Number) (Word 1 Backwards) (Number) (Word 2 Backwards) (Number)

Capitalize a random letter in each of the words.
This is your master PW.

Capitalize a different letter for each account you have and keep those passwords in an encrypted text file and make your master password (which you've memorized by heart) the key.

>there are people here who dont use password managers
>there are people here dumb enough to believe their silly methods of coming up with passwords is more secure than a password manager's 50+ character password

>there are people who don't think a password manager is part of the botnet and trust their entire keychain to this program

Jews

I agree with all these things except the special character. No one is going to put fucking backslash into their password or something.

But no, you should never put dictionary words in a password as advanced brute force crackers try combinations of known words

I have been doing this for years. Never have a problem remembering passwords.

this desu, i don't do a different one for each website but email/secondary email/banking/social media/everything else all get their own

...

set your pw generator to bother with making those passwords lad

>his password isnt Peni$1234

just use the title or a book or video game m8 its easy

people with high IQ's i guess you just wouldn't understand

Pass is a dictionary word.

>A and I are dictionary words
Thanks, I can leave those out of my brute force

Limiting to alphanumeric symbols as an example, not having case and number requirements already covers all the combinations that would satisfy the criteria while also providing a large amount of extra combinations to shift through.

Dropping such requirements doesn't automatically narrow down the search space, but adding them does. Websites should encourage the use of more complex passwords but not require them.

Now, the legth limit should be 20 characters or so rather than 8. Try to brute force that, even if it'd consist of only dictionary words in lowercase it would be safer than any /dev/urandom eight symbol garbage.