Gentoo Archives: gentoo-user

From: Andrew Savchenko <bircoph@g.o>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Coming up with a password that is very strong.
Date: Sun, 10 Feb 2019 16:59:46
Message-Id: 20190210195934.8446fb0050df0e7256ef0b3b@gentoo.org
In Reply to: Re: [gentoo-user] Coming up with a password that is very strong. by Dale
On Sun, 10 Feb 2019 10:27:32 -0600 Dale wrote:
> Andrew Savchenko wrote: > > On Sun, 3 Feb 2019 23:47:35 -0600 Dale wrote: > >> Howdy, > >> > >> Some may recall me mentioning using LastPass to manage my passwords.  > >> Obviously, it can generate very strong passwords that are different for > >> each site.  It can also remember them as well which makes things more > >> secure than using just a few passwords for all sites.  One for things > >> like financial sites, maybe a less secure one for some site you still > >> want reasonably secure and a even weaker one for sites you don't care > >> about hacking, and hackers likely won't either.  I know some people who > >> do this even today.  Heck, ages ago, I was one of them.  Things change > >> tho.  Some passwords can be hacked in seconds by a desktop computer, > >> including my own if I had the software and knowledge to do it.  > >> > >> The one thing about most all password managers, they have a master > >> password.  That one password unlocks the rest.  Trick is, having that > >> one be a good one that is easy to remember, type on a keyboard and be > >> secure, virtually unhackable but also unforgettable.  I've had what used > >> to be a strong password for a while.  Thing is, with today's computing > >> power, it really isn't anymore.  While no one could just guess it, it > >> could be cracked/hacked I'm sure.  I need to come up with a new one that > >> meets the requirements I just mentioned.  Strong, easy to remember, easy > >> to type but won't forget.  I've read that using maiden names, years of > >> birth or whole dates of birth, actual names, pet's name, words in a > >> dictionary and a whole list of other things makes it easier, especially > >> if you post a lot on social media, for hackers to use against you.  I'm > >> trying to avoid that sort of thing obviously and have a couple ideas but > >> am curious as to what method others use, without exposing to much detail > >> since this is public.  > >> > >> How do you, especially those who admin systems that are always being > >> hacked at, generate strong passwords that meet the above?  I've googled > >> and found some ideas but if I use the same method, well, how many others > >> are using that same method, if you know what I mean.  ;-)  Just looking > >> for ideas.  > > 1) Install app-admin/apg. > > 2) apg -a1 -m40 > > > > Best regards, > > Andrew Savchenko > > > My password manager does that already.  The password I was trying to > come up with was the master password which I must easily remember, be > secure and be easy to type.  The other passwords I let the password > manager generate and remember as well.  I don't type those so they can > be anything. 
The line above is approximately the same how I got one of my master passwords. It is not that hard to remember 30-40 random chars. Just try typing them several hundred times. I'm serious.
> Goes to show tho, there is yet another tool to come up with passwords.  > lol  > > Dale > > :-)  :-)  > >
Best regards, Andrew Savchenko

Replies

Subject Author
Re: [gentoo-user] Coming up with a password that is very strong. Mark David Dumlao <madumlao@×××××.com>