Comment by tedd4u

1 day ago

One could perhaps put those in a different vault. Sounds like a pain to me. But nothing compared to an email and/or banking compromise.

It becomes tricky when all your passwords are randomly generated, 24 characters long, full of symbols, special characters, casing variations, etc. All of mine are an absolute nightmare to type manually.

I suppose that becomes a pretty strong argument for passphrases + MFA, because passphrases are much easier to type in manually. But the problem there is lots of services still have stupid/arbitrary maximum password length restrictions that make it difficult or impossible to use a sufficiently complex passphrase.

It’s very frustrating.

  • You can generate "pronounceable" passwords in some tools.

    1PW just generated this for me: mimp-rort-jan-mon-kain-sqin

    Not as much entropy as 24 random letters/digits/punctuation/capitalisation. But (for me at least) much easier to read and type in situations where copy/paste isn't available (like from my phone to my dev docker containers)

    • Yes but parent was saying use passphrases, which is the same, just more like "correct horse battery staple". Parent then correctly pointed out there are a large number of sites that enforce special characters, numerical digits, etc., also being part of the password. So that idea falls apart very quickly in practice.

    • >> mimp-rort-jan-mon-kain-sqin And then you see they are not accepting such a weak password. Add special characters, numbers, etc.
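Putting numbers on the entropy trade-off raised in the top comment (24 random characters vs. a word passphrase) and in the pronounceable-password reply, plus the "now add a digit and a symbol, and stay under the maximum length" step that the last two replies complain about. This is an added illustration for the thread, not code from 1Password or from any commenter. The 64-entry word list is constructed for the example (a real generator would use a published list such as the EFF long list, whose 7776-word size is used below only for the arithmetic), and the consonant-vowel-consonant syllable generator is a rough stand-in for whatever 1Password actually does, not its algorithm.

```python
"""Entropy of random passwords vs. word/syllable passphrases, and fitting a
passphrase into a site's composition rules (digit + symbol, max length).

Added example for this discussion; not 1Password's or any commenter's code.
"""
import math
import secrets
import string

# Constructed sample list: 64 words -> 6 bits per word. Real lists are far
# larger, which is where word passphrases get their strength.
SAMPLE_WORDS = (
    "apple basket candle dragon eagle forest garden hammer island jacket "
    "kettle ladder marble needle orange pepper quartz rabbit saddle tunnel "
    "umbrella velvet walnut yellow zipper anchor bridge copper desert engine "
    "falcon glacier harbor iron jungle kernel lantern meadow nickel oyster "
    "pillow quiver river silver timber unicorn violet willow yogurt zebra "
    "acorn beacon cactus dolphin ember fossil granite helmet ivory jasmine "
    "koala lemon mango nectar"
).split()
assert len(SAMPLE_WORDS) == 64

EFF_LONG_LIST_SIZE = 7776            # 6^5 words, ~12.9 bits per word
FULL_ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 chars

# Toy pronounceable syllables (assumption, not 1Password's generator):
# consonant-vowel-consonant from 18 consonants and 5 vowels = 1620 syllables.
CONSONANTS = "bcdfghjklmnprstvwz"
VOWELS = "aeiou"
SYLLABLE_POOL = len(CONSONANTS) * len(VOWELS) * len(CONSONANTS)


def entropy_bits(pool_size: int, count: int) -> float:
    """Entropy of `count` independent uniform picks from `pool_size` options."""
    return count * math.log2(pool_size)


def syllable_entropy_bits(n_syllables: int) -> float:
    return entropy_bits(SYLLABLE_POOL, n_syllables)


def words_needed(target_bits: float, list_size: int) -> int:
    """Smallest word count that reaches target_bits with a uniform list."""
    return math.ceil(target_bits / math.log2(list_size))


def random_password(length: int = 24, alphabet: str = FULL_ALPHABET) -> str:
    """The 'nightmare to type' kind: uniform picks from the full alphabet."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def passphrase(n_words: int, words=SAMPLE_WORDS, sep: str = "-") -> str:
    """'correct horse battery staple' style: uniform picks from a word list."""
    return sep.join(secrets.choice(words) for _ in range(n_words))


def pronounceable(n_syllables: int = 6, sep: str = "-") -> str:
    """CVC syllables joined like the 1PW sample in the thread (approximation)."""
    def syllable() -> str:
        return secrets.choice(CONSONANTS) + secrets.choice(VOWELS) + secrets.choice(CONSONANTS)
    return sep.join(syllable() for _ in range(n_syllables))


def fit_policy(phrase: str, max_len: int,
               require_digit: bool = True, require_symbol: bool = True):
    """Append one random digit and one random symbol so the phrase passes a
    typical 'must contain a number and a special character' rule.

    Returns None when the result would exceed max_len, i.e. the site's length
    cap and its composition rule cannot both be satisfied with this phrase.
    The suffix only adds ~3.3 + 3 bits; the words carry the entropy.
    """
    suffix = ""
    if require_digit:
        suffix += secrets.choice(string.digits)
    if require_symbol:
        suffix += secrets.choice("!@#$%^&*")
    candidate = phrase + suffix
    return candidate if len(candidate) <= max_len else None


def meets_policy(pw: str, max_len: int) -> bool:
    """Checker for the same digit + symbol + max-length rule."""
    return (len(pw) <= max_len
            and any(c.isdigit() for c in pw)
            and any(c in string.punctuation for c in pw))


if __name__ == "__main__":
    print(f"24 random chars (94-char alphabet): {entropy_bits(94, 24):.1f} bits")
    print(f"6 words from a 7776-word list:      {entropy_bits(EFF_LONG_LIST_SIZE, 6):.1f} bits")
    print(f"6 CVC syllables:                    {syllable_entropy_bits(6):.1f} bits")
    print(f"6 words from the toy 64-word list:  {entropy_bits(len(SAMPLE_WORDS), 6):.1f} bits")
    print("words for 128 bits (7776-word list):", words_needed(128, EFF_LONG_LIST_SIZE))
    print("sample:", random_password(), "|", passphrase(6), "|", pronounceable())
    print("fit into 32 chars:", fit_policy("correct-horse-battery-staple", 32))
    print("fit into 28 chars:", fit_policy("correct-horse-battery-staple", 28))
```

The numbers make the point both sides were circling: 24 fully random characters come to roughly 157 bits, six words from a 7776-word list to about 78, and six CVC syllables to about 64, so the pronounceable string is weaker but still far beyond anything online guessing can reach. The `fit_policy` call also shows the practical failure: a 28-character phrase with a digit and symbol appended no longer fits a 28-character cap, and the only fix is fewer or shorter words, which costs entropy, or a different site.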