Comment on Passkeys might really kill passwords
Ookami38@sh.itjust.works 7 months agoAssuming you have a strong base password you aren’t concerned with being broken, you can use that, followed by a unique identifier for what you’re logging into, so every password is essentially the same, but also unique. Something like, translate the lyrics to a song (say without me by Eminem) to first letters and punctuations, 2tpggrto,rto,rto, and add the identifier.
2tpggrto,rto,rto-goog 2tpggrto,rto,rto-faceb
This is essentially how I manage my passwords that I want to actually remember. And no, I don’t use that song lol.
KairuByte@lemmy.dbzer0.com 7 months ago
This is essentially the same thing as using the same password everywhere.
Yeah, they are unique. But if one is broken, they are all essentially broken.
blackbirdbiryani@lemmy.world 7 months ago
Only if you’re specifically targeted. I know enough regex to know that nobody is going to bother trying to parse known passwords to identify patterns like that when there’s a billion suckers who use ‘password123’ for their bank accounts.
As long as the pattern is not super predictable, and aren’t dictionary words, nobody is brute forcing that.
subtext@lemmy.world 7 months ago
Even a minute mental load at everything you need to log into in a day is still more than the zero mental load I have when using a password manager.
It’s not just more secure, it’s far more convenient. Plus once you start to share a life with someone, you can share all your accounts and passwords effortlessly as well.
KairuByte@lemmy.dbzer0.com 7 months ago
These would be extremely easy to detect with regex. Just look for the service name in a password, including common keep speak conversion.
Password123-Facebookthen easily becomesPassword123-GitHuborPassword123-Walgreens.I can assure you, if I was a bad actor that got my hands on a password dump, I’m checking for these kinds of passwords pretty early on.