It’s helpful to take a few steps back from time to time to reassess where we’re each coming from on our knowledge of tech (or anything) to better communicate.

  • shneancy@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    10 months ago

    idk man, I know a password manager would make things easier and more secure, but it’s still putting all your eggs in one basket. If the service I gave all my passwords to has a leak or gets hacked - I’m fucked. And I don’t trust them to keep all my passwords locally and not peak in.

    I’d rather a couple of my accounts I’ve long since forgotten about be broken into than for my entire digital life to be uprooted.

    I have multiple passwords for the levels of security I want, bank is the most difficult, e-mail is close second, then we have mid tier passwords for things I care about personally but wouldn’t really have big consequences if lost, and then the password I personally saw leaked on a russian hacker forum that I use when a webstie insists I need an account to be graced with their service lmao

    • YTG123@feddit.ch
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      10 months ago

      A good password manager encrypts your passwords with your own master password (and if you don’t trust them, use an open source one like Bitwarden)—so, even if it gets hacked, your passwords are not immediately compromised. You should take even more measures, like using 2FA such as your phone or a physical key, which basically makes you invincible. Way better than remembering passwords.

      • shneancy@lemmy.world
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        10 months ago

        I despise 2FA, I’ll stick to my piece of paper with passwords written on it. And if someone breaks into my house and steals it it’ll probably be the least of my worry at the time anyway

    • Croquette@sh.itjust.works
      link
      fedilink
      arrow-up
      2
      ·
      10 months ago

      Just use a password manager that keeps a hash of your database only. They can’t peek since the data is encrypted.

      • intensely_human@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        9 months ago

        If all it keeps is a hash of your database then you can’t get any information out of it and it’s useless

    • fruitSnackSupreme@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      10 months ago

      That’s why you take several steps to ensure security. 2FA on everything. A different email address specifically for your password manager. A keyword suffix that you add to the end of every password. So even if someone gets into your password manager, they’re not getting into any of your accounts. Unfortunately proper security takes a lot of effort these days.

      • shneancy@lemmy.world
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        10 months ago

        2FA is shite, I hate having to keep my phone on me at all times. I’ll just stick to my flawed system, it’s not the most optimal but I have all my unique and important passwords written on a piece of paper hidden between two glued pages in my journal, and the throwaway passwords are simple muscle memory

    • intensely_human@lemm.ee
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      You could use three password managers I suppose. Then you’d either need a rule for determining which manager a particular set of creds was stored in, or you’d need to just brute force remember it.

      But one thing I discovered when I stated using a password manager is that I don’t have five or ten things I need passwords for. I have at least five hundred.