| 1 |
On 2/4/2019, 12:47:35 AM, Dale <rdalek1967@×××××.com> wrote: |
| 2 |
> Thing is, with today's computing power, it really isn't anymore. |
| 3 |
> While no one could just guess it, it could be cracked/hacked I'm |
| 4 |
> sure. I need to come up with a new one that meets the requirements I |
| 5 |
> just mentioned. Strong, easy to remember, easy to type but won't |
| 6 |
> forget. I've read that using maiden names, years of birth or whole |
| 7 |
> dates of birth, actual names, pet's name, words in a dictionary and a |
| 8 |
> whole list of other things makes it easier, especially if you post a |
| 9 |
> lot on social media, for hackers to use against you. I'm trying to |
| 10 |
> avoid that sort of thing obviously and have a couple ideas but am |
| 11 |
> curious as to what method others use, without exposing to much |
| 12 |
> detail since this is public. |
| 13 |
I've been using a little Firefox Addon called Passwordmaker for many, |
| 14 |
many years, and despite all of its warts, I've been loathe to give it |
| 15 |
up, even though it will never be upgraded to work as a WebExtension. |
| 16 |
|
| 17 |
2 things I loved about it - |
| 18 |
|
| 19 |
a) it doesn't save the password locally, only info about the |
| 20 |
site/account, and |
| 21 |
b) you can use an unlimited number of Master Passwords |
| 22 |
|
| 23 |
I'm looking at migrating to KeePassXC, and even though I really hate the |
| 24 |
idea of saving the actual password - Passwordmaker simply generates the |
| 25 |
password on the fly each time based on certain specified criteria (ie, |
| 26 |
the site URL, username, password length, etc for each account - one |
| 27 |
technique I adopted shortly after assisting in updating the |
| 28 |
Passwordmaker website eases my mind about it... |
| 29 |
|
| 30 |
This is a simple technique I strongly recommend that everyone employ, |
| 31 |
especially if you use a Password manager (like LastPass or KeePass)... |
| 32 |
|
| 33 |
It is uncrackable (well, as long as it isn't the CIA or NSA that wants |
| 34 |
to crack it and they are willing to kidnap/torture you to do so). |
| 35 |
|
| 36 |
You sit down and come up with a ... call it a 'password modification |
| 37 |
protocol' ... whereby, you always modify your generated/stored password |
| 38 |
in a specific way before pressing enter. |
| 39 |
|
| 40 |
For example, you delete characters 3, 5 and 7, then add 2 characters to |
| 41 |
the beginning and 2 to the end. |
| 42 |
|
| 43 |
It is very simple, and negates worrying about someone stealing your |
| 44 |
password vault. |
Archives