6
wonwon0
2y

Am I the only one not liking that shitty websites where you put almost no critical login information require insanely complicated password?

I don't want my complicated password ending up in a rainbow table because they store my passwords in text format...

There's only so much versions of passwords I can remember for trivial websites...

Comments
  • 4
    For trivial you can often use one base and add on some site specific piece to avoid using the same one. As long as that base is not similar to your important ones it works.

    Or use a password manager for all such passwords.
  • 3
    @Voxera I tried using a pw manager. Used their function to generate random pw. Found that it's not that useful to use when using another pc. Even more when you gotta use your master pw to log on the pw manager on foreign machines.
  • 3
    Yes you are, everyone else is using a password manager that syncs between all their devices. And having to log in to your account with a foreign computer is so rare that you can check the password from your phone that time.
  • 1
  • 2
    @wonwon0 Export password list from your browser, import on other device, done. That's how I'm using different 20 character passwords everywhere.
  • 1
    @wonwon0 just a rhetorical answer
  • 2
    Either use browser's inbuilt password manager, which also has a password generator nowadays.

    Or, just type any random password, no need to remember, once you get logged out, just reset it to another random password.
  • 2
    Password manager.
  • 2
    In the past 3-4 years, I never hired anyone, who admitted that they don't use a password manager for their personal stuff. That would be like hiring a master chef who only eats at mcdonalds.
  • 1
    Are you guys assuming that I use 1234 as pw?

    I have an algorithm in my head. It's just tideous to come up with a new pw on every website.

    On pw managers: Don't you find it ironic that your security relies on one single entity? If it fails, it's gg for every websites. If it's down, you can't login.

    Anyway, pw manager guys, you miss the point of my rant. I was talking about my anoyment of the equivalent of putting an overkill 2000$ lock on a rundown shed with broken windows. Not asking question about where I can find lock providers and how irresponsible I am for making my own secure locks.
  • 1
    @wonwon0 Don’t use cloud password managers. KeePassXC is quite nice. I agree with your point about it being a single point of failure, but that’s what backups are for.

    And as for physical security ... fix the damn windows if you can, or use a different shed. And replace the fucking masterlock with a Bowley lock (or paclock) if you care the least about security.
  • 1
    @Root why not? Good password managers are 0 knowledge anyway
  • 2
    @wonwon0 pw manager guy present :) (I was working on one of the previoly very popular, nowadays not that much)

    In the product we built, if we went down, you'd still have your passwords and able to use or export them (browser plugin, mobile app kept an offline, encrypted copy always).
  • 1
    @wonwon0 i do realoze that we have different usage of passwords and that does not mean that yours couldn't be secure. But in most cases, I get pissed off by the opposite: when I can't use a generated, random, 40 char password...
  • 2
    What do you mean by "my complicated password"? that you have just one, right?

    You're doing it wrong.
  • 1
    @Nihil75 I have a base password which I make various versions of according to an algorithm that I alone know. You're assuming wrong.

    People arround tend to come to conclusions pretty fast...

    I like to use a simple throw away pw on shit I know I will not use to pay or store important data. I use a separate email for these uses. It's simpler to remember and faster.
  • 0
    @wonwon0
    If you use a throw-away password and don't provide any information of value, it shouldn't matter whether the site stores it in clear text.
    What is this rant actually about?
  • 1
    @Oktokolo sites such as these impose pw requirements making it impossible to use throw away pws

    Sometime they even prevent the use of my algorithm because they prevent specific symbols or impose a particular number of capital or lower case caracters
  • 0
    @wonwon0
    Easy solution: Adjust the random password generator in your password manager.
  • 0
    @KatatonDzsentri To his point of single point of failure, if you use a cloud service and it goes out of business, you would lose access — with a grace period of course. But this isn’t an issue with a stand-alone program. That’s why I said he shouldn’t use a cloud provider.
  • 0
    @Root with this logic, don't use AWS, GC, or Azure either :)
  • 1
    Left field solution: delete most of your social media accounts.
  • 3
    @wonwon0 Taking a password and making variations of it is literally what rainbow-tables do.

    You're doing it wrong.
    Generate random, unique passwords for each system.
  • 0
    I don't know what's up with some of you, but I didn t ask for a security audit. I think I do it okay but you can have your opinion.

    I, personally, don't like to depend on a third party platform to get my passwords. I have dozens of unique passwords and I am happy about that.

    On that note, I think I've had enough of that rant.
Add Comment