Gentoo Archives: gentoo-user

From: Andrew Savchenko <bircoph@g.o>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Coming up with a password that is very strong.
Date: Sun, 10 Feb 2019 16:59:46
Message-Id: 20190210195934.8446fb0050df0e7256ef0b3b@gentoo.org
In Reply to: Re: [gentoo-user] Coming up with a password that is very strong. by Dale
1 On Sun, 10 Feb 2019 10:27:32 -0600 Dale wrote:
2 > Andrew Savchenko wrote:
3 > > On Sun, 3 Feb 2019 23:47:35 -0600 Dale wrote:
4 > >> Howdy,
5 > >>
6 > >> Some may recall me mentioning using LastPass to manage my passwords. 
7 > >> Obviously, it can generate very strong passwords that are different for
8 > >> each site.  It can also remember them as well which makes things more
9 > >> secure than using just a few passwords for all sites.  One for things
10 > >> like financial sites, maybe a less secure one for some site you still
11 > >> want reasonably secure and a even weaker one for sites you don't care
12 > >> about hacking, and hackers likely won't either.  I know some people who
13 > >> do this even today.  Heck, ages ago, I was one of them.  Things change
14 > >> tho.  Some passwords can be hacked in seconds by a desktop computer,
15 > >> including my own if I had the software and knowledge to do it. 
16 > >>
17 > >> The one thing about most all password managers, they have a master
18 > >> password.  That one password unlocks the rest.  Trick is, having that
19 > >> one be a good one that is easy to remember, type on a keyboard and be
20 > >> secure, virtually unhackable but also unforgettable.  I've had what used
21 > >> to be a strong password for a while.  Thing is, with today's computing
22 > >> power, it really isn't anymore.  While no one could just guess it, it
23 > >> could be cracked/hacked I'm sure.  I need to come up with a new one that
24 > >> meets the requirements I just mentioned.  Strong, easy to remember, easy
25 > >> to type but won't forget.  I've read that using maiden names, years of
26 > >> birth or whole dates of birth, actual names, pet's name, words in a
27 > >> dictionary and a whole list of other things makes it easier, especially
28 > >> if you post a lot on social media, for hackers to use against you.  I'm
29 > >> trying to avoid that sort of thing obviously and have a couple ideas but
30 > >> am curious as to what method others use, without exposing to much detail
31 > >> since this is public. 
32 > >>
33 > >> How do you, especially those who admin systems that are always being
34 > >> hacked at, generate strong passwords that meet the above?  I've googled
35 > >> and found some ideas but if I use the same method, well, how many others
36 > >> are using that same method, if you know what I mean.  ;-)  Just looking
37 > >> for ideas. 
38 > > 1) Install app-admin/apg.
39 > > 2) apg -a1 -m40
40 > >
41 > > Best regards,
42 > > Andrew Savchenko
43 >
44 >
45 > My password manager does that already.  The password I was trying to
46 > come up with was the master password which I must easily remember, be
47 > secure and be easy to type.  The other passwords I let the password
48 > manager generate and remember as well.  I don't type those so they can
49 > be anything. 
50
51 The line above is approximately the same how I got one of my master
52 passwords. It is not that hard to remember 30-40 random chars.
53 Just try typing them several hundred times. I'm serious.
54
55 > Goes to show tho, there is yet another tool to come up with passwords. 
56 > lol 
57 >
58 > Dale
59 >
60 > :-)  :-) 
61 >
62 >
63
64
65 Best regards,
66 Andrew Savchenko

Replies

Subject Author
Re: [gentoo-user] Coming up with a password that is very strong. Mark David Dumlao <madumlao@×××××.com>