Comment on Please create a non-secure password.
frezik@midwest.social 2 days agoQuite a few. Data dumps of passwords from sites can be from sites that used full hashing. If you used a fully random password of at least 20 characters, even unsalted md5 storage would be unbreakable.
Buffalox@lemmy.world 2 days ago
That’s true. But how does a randomized password generated by a password manager work when the service is accessed from 3 platforms? Like for instance Windows, Linux and Android?
Seems to me that you need 3 different pieces of software, and just 1 getting compromised would compromise everything.
frezik@midwest.social 2 days ago
It’s generally one piece of software, a browser extension, that works for all. Even mobile apps are often just webpages with extra steps, so the code base is the same.
The underlying storage must be encrypted the same way on each.
Yes, there are still potentially issues. I’ll come back to what I said at the start: passwords are a bad system in general, all methods for handling them are flawed, but password managers have the fewest flaws.
Buffalox@lemmy.world 2 days ago
Well that I can actually mostly agree on, IDK how we got into a disagreement on that in principle? For me personally though, I trust myself more, than a software manager. I’m pretty sure my passwords are strong enough, even if a software manager can make even stronger passwords.