Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API

From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
devRancid64325dRemembering passwords is stupid, has less entropy, bet you reuse it across a bunch of sites, and is still vulnerable to phishing
-
lorentz1532525dNot remembering, but on occasion you must be able to copy certain passwords by hand. Especially if you follow your earlier advice and store them in a paper notebook.
-
donkulator31125d@tamagotchi If a UUID is too long for the password field there's something piscatorial in the works.
-
Lensflare1987525dI just want to note that passwords are actually meant to be text that you can remember.
If it’s something generated with random symbols then it‘s more of an auth key. -
kamen678125d@Lensflare I feel like this is where passphrases came around. From security perspective they're the same as passwords, but from user perspective they might be better.
-
donkulator31125dI like a good passphrase.
The best ones are grotesquely obscene. Makes them more memorable and also gives you a powerful incentive not to accidentally type them into that teams chat on the other screen. -
CoreFusionX351825d@tamagotchi
Upvote as in it's better to have something you remember, yes.
Besides that, UUIDs are indeed more entropy than atoms in the solar system. So they make good passwords that don't need hashing nor salting. (Bear in mind you still wanna do this if only to maintain secrecy). -
BordedDev200123d@kiki I think I have seen password generators literally use UUIDs
@whimsical agree about the password manager, though I would like an "account" manager, that just remembers which sites you've logged into
@donkulator @Lensflare and then they don't allow spaces
Ubisoft is 12 characters from what I remember (or maybe was it 10, some insane low number) -
kiki3758822d@BordedDev uhhh it's not uuid. I mean the hex part of the password is taken from randomUUID() call result
-
Lensflare1987522d@kiki isn’t randomUUID() redundant?
Any UUID is random already. And you can’t create one that is more random than any other one. -
kiki3758822d@Lensflare uuid v1 is far from being random. I would prefer tc39 to call this function “UUIDv4”, but I suppose uuid committee (Microsoft) has plans to do all future improvements on uuid without changing the format itself. Thus, when a critical vulnerability is found in v4, randomUUID() can just be made to generate v5, instead of making the whole world’s worth of websites to update their function calls
-
CoreFusionX351822d@Lensflare
I guess random as in the method of constructing it, but yeah, wouldn't be an UUID if it weren't random. -
kiki3758822d@Lensflare actually “UUIDv4” is a lame name for a function because it starts with a capital despite not being a class name. “uuidv4” is lame because “v” and “uuid” aren’t equal in their meaning, but they’re equal in their casing. Those acronyms man. Call it “uuid4”, but that ain’t gonna happen — that’s too kikish for mainstream software
-
Lensflare1987522d@kiki yup, anything that has an abbreviation has this problem in camel case.
SmallPDFFile?
SmallPdfFile?
SmallpdfFile?
No matter how you put it, it‘s wrong. -
kiki3758822d@Lensflare I was wrong. It's IETF and open software foundation. I'm so grateful it's not ms :D
-
BordedDev200122d@kiki Fair enough, I don't think version should be in function names either.
What about uuid(UuidVersion4) - granted that would only work in languages that more dynamic for the dynamic amount of parameters -
kiki3758822d@whimsical amazing, good for you. About python though… it was my first language that I learned to do real things in, not just textbook algos.
UUIDs are good passwords.
random