1 |
On 2/4/2019, 12:47:35 AM, Dale <rdalek1967@×××××.com> wrote: |
2 |
> Thing is, with today's computing power, it really isn't anymore. |
3 |
> While no one could just guess it, it could be cracked/hacked I'm |
4 |
> sure. I need to come up with a new one that meets the requirements I |
5 |
> just mentioned. Strong, easy to remember, easy to type but won't |
6 |
> forget. I've read that using maiden names, years of birth or whole |
7 |
> dates of birth, actual names, pet's name, words in a dictionary and a |
8 |
> whole list of other things makes it easier, especially if you post a |
9 |
> lot on social media, for hackers to use against you. I'm trying to |
10 |
> avoid that sort of thing obviously and have a couple ideas but am |
11 |
> curious as to what method others use, without exposing to much |
12 |
> detail since this is public. |
13 |
I've been using a little Firefox Addon called Passwordmaker for many, |
14 |
many years, and despite all of its warts, I've been loathe to give it |
15 |
up, even though it will never be upgraded to work as a WebExtension. |
16 |
|
17 |
2 things I loved about it - |
18 |
|
19 |
a) it doesn't save the password locally, only info about the |
20 |
site/account, and |
21 |
b) you can use an unlimited number of Master Passwords |
22 |
|
23 |
I'm looking at migrating to KeePassXC, and even though I really hate the |
24 |
idea of saving the actual password - Passwordmaker simply generates the |
25 |
password on the fly each time based on certain specified criteria (ie, |
26 |
the site URL, username, password length, etc for each account - one |
27 |
technique I adopted shortly after assisting in updating the |
28 |
Passwordmaker website eases my mind about it... |
29 |
|
30 |
This is a simple technique I strongly recommend that everyone employ, |
31 |
especially if you use a Password manager (like LastPass or KeePass)... |
32 |
|
33 |
It is uncrackable (well, as long as it isn't the CIA or NSA that wants |
34 |
to crack it and they are willing to kidnap/torture you to do so). |
35 |
|
36 |
You sit down and come up with a ... call it a 'password modification |
37 |
protocol' ... whereby, you always modify your generated/stored password |
38 |
in a specific way before pressing enter. |
39 |
|
40 |
For example, you delete characters 3, 5 and 7, then add 2 characters to |
41 |
the beginning and 2 to the end. |
42 |
|
43 |
It is very simple, and negates worrying about someone stealing your |
44 |
password vault. |