Comment

Comment on "Anon" has problems with cybersecurity [Mod approved non-greentext]

<- View Parent

Martineski@lemmy.dbzer0.com ⁨3⁩ ⁨weeks⁩ ago

proceeds to generate password for each service and forget the master password

Image

source

Sort:hotnew top

SkaveRat@discuss.tchncs.de ⁨3⁩ ⁨weeks⁩ ago
just use a password manager for the password manager password

source
- Martineski@lemmy.dbzer0.com ⁨3⁩ ⁨weeks⁩ ago
  Image
  
  source
- ichbinjasokreativ@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  Or use a hardware key to unlock it. And then loose that hardware key. Does keepassxc support fingerprints yet?
  
  source
RecluseRamble@lemmy.dbzer0.com ⁨3⁩ ⁨weeks⁩ ago
Write it down somewhere. Just do it by hand.

source
- Zachariah@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  Yes, and the master should be a paraphrase not a password.
  
  source
  - RecluseRamble@lemmy.dbzer0.com ⁨3⁩ ⁨weeks⁩ ago
    That’s just recommended to emphasize length. If your password is as long as a passphrase it’s likely more secure (harder to remember though).
    
    source
    Zachariah@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
    But if the point is to remember it, then you should use the security from length of series of 5+ random words. It’s easier to remember, write down, and type. All great characteristics of a master passphrase.
    
    source
    -> View More Comments
- XTL@sopuli.xyz ⁨3⁩ ⁨weeks⁩ ago
  Also, you don’t need to write it down correctly, if you remember what’s the missing or different or fake bit. And you can write down a few decoy ones next to it. Or have it in two different places. Lots of room for obfuscation along with some good old fashioned physical security on where you store the note. And the backup note off-site, if you’re that kind of person.
  
  Hell, just make some extra decoy ones just for fun and practice.
  
  source
lurch@sh.itjust.works ⁨3⁩ ⁨weeks⁩ ago
just make the password a little story you can remember, e,g. “Carl+Lenny:go2a bar&spend$$$”

source
- MeDuViNoX@sh.itjust.works ⁨3⁩ ⁨weeks⁩ ago
  Hell naw, my last password was: Xé7&//sgn385d$@+îñccv72RtY¾ff°¥∆§
  
  source
BubbleMonkey@slrpnk.net ⁨3⁩ ⁨weeks⁩ ago
My strategy for this is to have a second password manager available on a couple old devices, accessed with biometrics (fingerprint in this case), and only the master password saved within it.

I considered saving it within the main manager itself, since I have devices where I can use biometrics rather than password, but that feels like a bad idea.

Has definitely been a life saver

source
JackbyDev@programming.dev ⁨3⁩ ⁨weeks⁩ ago
Print out your recovery kit or master password and put it with your other documents (like birth certificate).

source