1 |
On Mon, Feb 11, 2019 at 1:00 AM Andrew Savchenko <bircoph@g.o> wrote: |
2 |
> |
3 |
> On Sun, 10 Feb 2019 10:27:32 -0600 Dale wrote: |
4 |
> > My password manager does that already. The password I was trying to |
5 |
> > come up with was the master password which I must easily remember, be |
6 |
> > secure and be easy to type. The other passwords I let the password |
7 |
> > manager generate and remember as well. I don't type those so they can |
8 |
> > be anything. |
9 |
> |
10 |
> The line above is approximately the same how I got one of my master |
11 |
> passwords. It is not that hard to remember 30-40 random chars. |
12 |
> Just try typing them several hundred times. I'm serious. |
13 |
|
14 |
That's one of the problems of secure password generation is that human |
15 |
memory is used backwards. Things become encoded permanently in our |
16 |
memory after the fact that we've repeated them several times, but most |
17 |
password generation utilities require you to have perfect memory |
18 |
first, THEN use repetition to enforce it. |
19 |
|
20 |
Both a managed password / algorithmic approach gets this more |
21 |
humanely. You need to first have a reliable way to generate the |
22 |
pssword, and if you typie it enough times, your brain will commit it |
23 |
to memory. |