96
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 10 Feb 2024
96 points (95.3% liked)
Ask Lemmy
26283 readers
1671 users here now
A Fediverse community for open-ended, thought provoking questions
Rules: (interactive)
1) Be nice and; have fun
Doxxing, trolling, sealioning, racism, and toxicity are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them
2) All posts must end with a '?'
This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?
3) No spam
Please do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.
4) NSFW is okay, within reason
Just remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com.
NSFW comments should be restricted to posts tagged [NSFW].
5) This is not a support community.
It is not a place for 'how do I?', type questions.
If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.
Reminder: The terms of service apply here too.
Partnered Communities:
Logo design credit goes to: tubbadu
founded 1 year ago
MODERATORS
Having the kind of habits you need to keep yourself safe and private online.
Blows my mind how many people don’t consider or sometimes even reject the idea of things like password managers because “it’s too complicated”.
My wife drives me up the wall with this. She insists on using similar passwords everywhere, like Lemmy1 or Lemmy12, even though I've set up BitWarden for her.
To make it worse, she reset her email password recently, refused to use the password manager, then promptly forgot it again 😤
BitWarden ftw! that's why I started using it, couldn't remember my overly complex passwords for all the everything In the world needs a password now.
Have you told her that it makes you feel unsafe?
idk man, I know a password manager would make things easier and more secure, but it's still putting all your eggs in one basket. If the service I gave all my passwords to has a leak or gets hacked - I'm fucked. And I don't trust them to keep all my passwords locally and not peak in.
I'd rather a couple of my accounts I've long since forgotten about be broken into than for my entire digital life to be uprooted.
I have multiple passwords for the levels of security I want, bank is the most difficult, e-mail is close second, then we have mid tier passwords for things I care about personally but wouldn't really have big consequences if lost, and then the password I personally saw leaked on a russian hacker forum that I use when a webstie insists I need an account to be graced with their service lmao
A good password manager encrypts your passwords with your own master password (and if you don’t trust them, use an open source one like Bitwarden)—so, even if it gets hacked, your passwords are not immediately compromised. You should take even more measures, like using 2FA such as your phone or a physical key, which basically makes you invincible. Way better than remembering passwords.
I despise 2FA, I'll stick to my piece of paper with passwords written on it. And if someone breaks into my house and steals it it'll probably be the least of my worry at the time anyway
Just use a password manager that keeps a hash of your database only. They can't peek since the data is encrypted.
If all it keeps is a hash of your database then you can't get any information out of it and it's useless
That's why you take several steps to ensure security. 2FA on everything. A different email address specifically for your password manager. A keyword suffix that you add to the end of every password. So even if someone gets into your password manager, they're not getting into any of your accounts. Unfortunately proper security takes a lot of effort these days.
2FA is shite, I hate having to keep my phone on me at all times. I'll just stick to my flawed system, it's not the most optimal but I have all my unique and important passwords written on a piece of paper hidden between two glued pages in my journal, and the throwaway passwords are simple muscle memory
You could use three password managers I suppose. Then you'd either need a rule for determining which manager a particular set of creds was stored in, or you'd need to just brute force remember it.
But one thing I discovered when I stated using a password manager is that I don't have five or ten things I need passwords for. I have at least five hundred.