Attention Required! | Cloudflare
cybernews.com
  • flatbield@beehaw.orgEnglish
    1·
    16 days ago

    I wonder how much of this stems from two stupid IT policies. For decades users have been told to not write down passwords and to change them regularly. The result of this policy is to use a small number of password variations that one reuses. Then IT complaims about it.

    The better plan has always been to use long random passwords that you never reuse and write them down by some method like a password manger and only change them rarely for example when they may be compromised,

  • ArtificialHoldings@lemmy.world
    0·
    16 days ago

    I would do the word jumble suggested by xkcd, but so many websites require numbers, special characters, and disallow spaces that it would be impossible to remember unique passwords between those sites. Ironically I end up in a much weaker password ecosystem because I re-use the nearly-same password over and over again so I’m not constantly requesting a reset.

      • mnemonicmonkeys@sh.itjust.worksEnglish
        0·
        16 days ago

        Single point of failure and a separate entity has all of your passwords and you have to continue paying them or lose access to everything. Sounds like a terrible idea to me

        • shadshack@sh.itjust.works
          0·
          15 days ago

          There are password managers you can self host. Bitwarden being one of them. Secure it as much as you want and keep off-site encrypted backups if you’re worried about a single point of failure.

            • shadshack@sh.itjust.works
              0·
              14 days ago

              You’re right. It’s better to just not use a password manager and use the same password on every site you go to.

              /s if that’s not obvious

              • mnemonicmonkeys@sh.itjust.worksEnglish
                0·
                13 days ago

                Or do the sensible thing and minimize how many accounts you make on various sites because they’re bullshit, which also has the added benefit of giving you a small enough number of accounts that you can remember the passwords

      • ArtificialHoldings@lemmy.world
        01·
        15 days ago

        I’m split between a work pc, mobile, and home pc… It could work for 90% of cases. I never trusted a password manager though.

        • psud@aussie.zoneEnglish
          1·
          15 days ago

          KeePass doesn’t rely on any third party, and if you choose to use a third party file storage to hold your password vault, it’s encrypted