I am genuinely confused as to how anyone lives without a password manager.
=> More informations about this toot | More toots from alisynthesis@io.waxandleather.com
@alisynthesis they use samepassword123 for everything.
=> More informations about this toot | More toots from benda@kolektiva.social
@benda I would think those people would constantly have issues. Maybe there are so many of them that there simply aren't enough bots/hacks out there to catch them all?
=> More informations about this toot | More toots from alisynthesis@io.waxandleather.com
@alisynthesis probably both. im sure plenty of them have security issues from time to time. im sure others go under the radar. also, i imagine bad actors probably try, to some extent, to target individuals who are worth the time (known to have some money or good credit).
=> More informations about this toot | More toots from benda@kolektiva.social
@benda right, good point. and those "high value" targets probably aren't generally the same ones using "password123"
=> More informations about this toot | More toots from alisynthesis@io.waxandleather.com
@alisynthesis @benda
It's easy: you just have to stay one step ahead of the bots:
use drowssapemas987
=> More informations about this toot | More toots from axwax@chaos.social
@alisynthesis
I guess they manage
=> More informations about this toot | More toots from qburns@mas.to
@qburns
=> More informations about this toot | More toots from alisynthesis@io.waxandleather.com
@alisynthesis
I’ve never felt safe to use an automated password system. For decades (since before password managers afaik) Iʼve kept an encrypted file of unique passwords for everything, as inaccessible as possible to anything with a net connection. Occasional opening when I can’t remember a particular password is all I really need. (For those accounts I only need to look at once or twice per annum.) And it restricts me making new accounts without internal oversight, which I see as a plus.
=> More informations about this toot | More toots from electropict@mastodon.scot
@electropict pretty sure you're the exception that proves the rule :)
=> More informations about this toot | More toots from alisynthesis@io.waxandleather.com
@electropict meaning, the person who can remember unique passwords for everything is INCREDIBLY rare, therefore the rest of us need a password manager
=> More informations about this toot | More toots from alisynthesis@io.waxandleather.com
@alisynthesis
In practice I only have to remember a few. The one to open the passwords file, and the one to open the encrypted drive itʼs on, my admin user account. Everything else is forgettable, but I don’t even try to remember anything for a web account I use less than once a month. For example, Iʼve had a Mastodon login cookie for about two years and have never looked at it again. 🤷
The pause for thought when setting up a new account anywhere is a more important safety feature imo. 🙂
=> More informations about this toot | More toots from electropict@mastodon.scot
@alisynthesis
I think one feature that people like about password managers is that they generate long random strings rather than having to think of something yourself?
Making memorable strong passwords is probably the bigger challenge.
=> More informations about this toot | More toots from electropict@mastodon.scot
@electropict So in effect, you have a password manager. You just rolled your own. :)
=> More informations about this toot | More toots from alisynthesis@io.waxandleather.com
@alisynthesis I ask my wife that when she's rustling through papers and notebooks looking for her lost passwords.
=> More informations about this toot | More toots from shanesemler@metalhead.club
@shanesemler lol, I know so many people who do that. I would go totally insane without mine.
=> More informations about this toot | More toots from alisynthesis@io.waxandleather.com
@alisynthesis I've literally begged her to install KeePass for over a decade.
=> More informations about this toot | More toots from shanesemler@metalhead.club
@shanesemler I used to be a KeePass user and found it pretty inconvenient, even though I'm a generally techy person. I've since switched to @bitwarden, which has been stellar for me, and SUPER convenient to use.
=> More informations about this toot | More toots from alisynthesis@io.waxandleather.com
@alisynthesis @bitwarden I use Dropbox to sync across devices. I also manually open KeePassXC then copy/paste passwords. That is on purpose. I don't, and won't, trust my passwords to a browser extension. It's not perfectly convenient, but that's how I like it to be.
=> More informations about this toot | More toots from shanesemler@metalhead.club
@alisynthesis I used to do it by reusing the same one. Not recommended.
=> More informations about this toot | More toots from KaraLG84@dragonscave.space
@KaraLG84 tsk tsk :)
=> More informations about this toot | More toots from alisynthesis@io.waxandleather.com
@KaraLG84 oh, I missed the "used to" when I first read your post.
All tsks rescinded. :ablobcattrash:
=> More informations about this toot | More toots from alisynthesis@io.waxandleather.com This content has been proxied by September (ba2dc).Proxy Information
text/gemini
