Fwd: confirm 9a85e83e9531356d37cfd8581573d167b99c16f8

Adam D. Ruppe destructionator at gmail.com
Fri Apr 11 08:48:44 PDT 2014


On Friday, 11 April 2014 at 15:39:35 UTC, Dicebot wrote:
> And blindly using 3d-part tool for something that critical
> just does not make sense.

The most secure password tracker for the majority of people is a 
plain piece of paper put away in your desk. The odds that 
somebody will physically break into your home/office and grab 
your passwords off paper is a lot lower than the odds that some 
random browser bug will pwn you.

The odds are a bit higher in the office so work passwords might 
be a different story, but still, making somebody go through the 
hassle of actually going there in real life is going to set the 
bar a LOT higher than a script kiddie with a MitM exploit or 
whatever collecting them en masse.


BTW also use complete sentences for passwords. A lot easier to 
remember in your brain, easy to vary, and hard for others to 
guess. You can use a pattern to easily remember them all. For 
example, your reddit password might be "Reddit is a steaming pile 
of horse crap!", your twitter password might be "160 characters
per message?! Yeah, right, what a spam haven." and your bank 
password would be "Capshort12" because they had the brilliant 
idea of truncating passwords at a certain number of 
characters.... blargh well it doesn't work everywhere.

But I do something like this, and if I ever forget a password, I 
just use the site for a minute, something about it will piss me 
off, and then, boom the password comes right back to my mind!


More information about the Digitalmars-d mailing list