| 1 |
On Mon, Feb 11, 2019 at 1:00 AM Andrew Savchenko <bircoph@g.o> wrote: |
| 2 |
> |
| 3 |
> On Sun, 10 Feb 2019 10:27:32 -0600 Dale wrote: |
| 4 |
> > My password manager does that already. The password I was trying to |
| 5 |
> > come up with was the master password which I must easily remember, be |
| 6 |
> > secure and be easy to type. The other passwords I let the password |
| 7 |
> > manager generate and remember as well. I don't type those so they can |
| 8 |
> > be anything. |
| 9 |
> |
| 10 |
> The line above is approximately the same how I got one of my master |
| 11 |
> passwords. It is not that hard to remember 30-40 random chars. |
| 12 |
> Just try typing them several hundred times. I'm serious. |
| 13 |
|
| 14 |
That's one of the problems of secure password generation is that human |
| 15 |
memory is used backwards. Things become encoded permanently in our |
| 16 |
memory after the fact that we've repeated them several times, but most |
| 17 |
password generation utilities require you to have perfect memory |
| 18 |
first, THEN use repetition to enforce it. |
| 19 |
|
| 20 |
Both a managed password / algorithmic approach gets this more |
| 21 |
humanely. You need to first have a reliable way to generate the |
| 22 |
pssword, and if you typie it enough times, your brain will commit it |
| 23 |
to memory. |
Archives