Post AJ751Gf0wWfEr7aFjk by beastie@milosz.wtf
(DIR) More posts by beastie@milosz.wtf
(DIR) Post #AJ6yfvXLgZChXHRHWa by bitwarden@fosstodon.org
2022-05-04T14:40:49Z
0 likes, 2 repeats
A strong #Password or a unique #Passphrase? What's your go-to for creating strong credentials and why?
(DIR) Post #AJ6z8OVxXbpBW5Mau0 by steffo@fosstodon.org
2022-05-04T14:45:56Z
0 likes, 0 repeats
@bitwarden I used to use 4-word passphrases because they are easier to write, but websites usually rejected them because they were too long, so I had to switch to 16-character strong passwords ðŸ˜
(DIR) Post #AJ6zBrDzFoCJQbbmEq by Troll@maly.io
2022-05-04T14:46:34Z
0 likes, 0 repeats
@bitwarden To open the password manager or for each website?
(DIR) Post #AJ6ziph3y1xsEgvrKy by PublicLewdness@freespeechextremist.com
2022-05-04T14:52:34.469937Z
1 likes, 0 repeats
@bitwarden I tend to use 40 character passwords over a phrase just because it's been my habit forever.
(DIR) Post #AJ6zkWAPXPEeFpSlWK by jppelt@fosstodon.org
2022-05-04T14:52:51Z
0 likes, 0 repeats
@bitwarden strong password for most websites but I use a #passphrase for encrypted hard drives as they are more secure, adding a layer of complexity.To be honest, just noticed that Bitwarden had a #passphrase generator so I might go all passphrase :blobcatlol: #passphrasewednesday
(DIR) Post #AJ6zoPetg3orEAa0zw by drenik@dresden.network
2022-05-04T14:53:31Z
0 likes, 0 repeats
@bitwarden My brother sent me this a couple of years ago. did not use a password sinceSource: https://xkcd.com/936/
(DIR) Post #AJ6zprbpFAq4Chppho by jppelt@fosstodon.org
2022-05-04T14:53:48Z
0 likes, 0 repeats
@bitwarden strong password for most websites but I use a #passphrase for encrypted hard drives as they are more secure, adding a layer of complexity.To be honest, just noticed :blobcatfacepalm: that Bitwarden had a #passphrase generator so I might go all passphrase :blobcatfingerguns: #passphrasewednesday
(DIR) Post #AJ70wLDs9aZrjzHerY by mjdxp@fosstodon.org
2022-05-04T15:06:11Z
0 likes, 0 repeats
@bitwarden i throw my keyboard at the wall a few times and then i'm all set
(DIR) Post #AJ71M9au0jgvCkMdtY by MxAlba@mastodon.lol
2022-05-04T15:10:51Z
0 likes, 0 repeats
@bitwarden I let KeePass generate a random strong password for me.
(DIR) Post #AJ71Mxrz5V438CjzSi by brandont@fosstodon.org
2022-05-04T15:11:01Z
0 likes, 0 repeats
@bitwarden pass phrases when possible, as they’re just more secure and easier to remember. I’m waiting for this to become the new standard across the internet.
(DIR) Post #AJ71O9jiSAQ6DzRQqe by ilyess@mastodon.online
2022-05-04T15:11:04Z
0 likes, 0 repeats
@bitwarden You get far more entropy with a strong password, even at low character counts, due to its larger alphabet. Passphrases were useful when users were expected to remember their credentials. Now, with password managers auto-filling credentials, I don’t personally see the advantage of using passphrases (unless I can’t store the credentials in my password manager, like for the master password, OS login credentials, and some few other use cases).
(DIR) Post #AJ71XZA7I2wjghHFRI by jcast@mastodon.social
2022-05-04T15:12:54Z
0 likes, 0 repeats
@bitwarden long passphrase for things I have to type in manually often (like computer login). Extra strong passwords for everything a password manager can handle.
(DIR) Post #AJ71ot1kgYPKDlcjVg by paulkater@mstdn.social
2022-05-04T15:16:02Z
0 likes, 0 repeats
@bitwarden I pick a (Bitwarden) pass-phrase if I suspect I have to copy it by hand a lot. Otherwise it's one of your terrible passwords. I love it - and the MFA option.
(DIR) Post #AJ71tLUKoHGVeL7SNc by Aradayn@mastodon.social
2022-05-04T15:16:50Z
0 likes, 0 repeats
@bitwarden Fun, but I tend to shy away from answering questions about my passwords. 🤣
(DIR) Post #AJ72ragtPraAAsij0C by adrienandrem@pouet.chapril.org
2022-05-04T15:16:52Z
0 likes, 0 repeats
@bitwarden I'll use strong passwords until #Bitwarden and #KeypassXC take a checkbox list of custom dictionaries as input for their #passphrase generators.This list containing international wiktionaries would be great.https://dumps.wikimedia.org@wiktionnaire #wiktionary #i18n
(DIR) Post #AJ73MuTZuApmVxQVrk by MurrayWindripper@fosstodon.org
2022-05-04T15:33:24Z
0 likes, 0 repeats
@bitwardenIt depends on what the website or company will allow. Some are still stuck in the Caps, letter, digit, special character mentality or only allow passwords up to a certain length so you have no choice.
(DIR) Post #AJ751Gf0wWfEr7aFjk by beastie@milosz.wtf
2022-05-04T15:51:52Z
0 likes, 0 repeats
@bitwarden Strong password for every service, unique passphrase for keystore and devices I unlock without it.
(DIR) Post #AJ7J2BUn1vsaU88HkO by moopet@toot.cafe
2022-05-04T18:28:55Z
0 likes, 0 repeats
@bitwarden password because it's entered by my password manager and not by me 99% of the time
(DIR) Post #AJ7NXN5SNoulEFPTUW by atoponce@fosstodon.org
2022-05-04T19:19:23Z
0 likes, 0 repeats
@bitwarden For the default options in your password generator using the EFF long list, a 4 word passphrase provides log2(7776^4) ~= 51 bits security.By comparison, the default options for your password generator provides log2(65^14) ~= 84 bits security.If a provide hashes my password with vanilla MD5 (shudder), 8x Nvidia GTX 1080 Ti GPUS with Hashcat can crack MD5 hashes at a rate of about 3.072×1011 hashes per second. That's about 54 bits/day and 63 bits/year.https://gist.github.com/epixoip/ace60d09981be09544fdd35005051505
(DIR) Post #AJ7Ng7LUHLmh0v4vj6 by atoponce@fosstodon.org
2022-05-04T19:20:58Z
0 likes, 0 repeats
@bitwarden If a password cracker is using the EFF long list, a 4-word passphrase is cracked ~3 hours. The 14 character password remains uncracked.Unless I need a password that's easy to type, such as entering into a smart TV or IoT device, I'll stick with the password generator over the passphrase one for better default security.
(DIR) Post #AJ7Ns2erX5Npx0pL1c by atoponce@fosstodon.org
2022-05-04T19:23:07Z
0 likes, 0 repeats
@bitwarden *3.072×10^11
(DIR) Post #AJ7O4PcE0G0mcwUYts by cjerrington@mstdn.social
2022-05-04T19:25:22Z
0 likes, 0 repeats
@bitwarden Depends on the account and if it's something I need to type a lot, or just need a strong password for an account.
(DIR) Post #AJ7WXnkKAFOJUwnyvg by staticnoise@fosstodon.org
2022-05-04T21:00:19Z
0 likes, 0 repeats
@atoponce @bitwarden any comment from @bitwarden about the security of passphrases?
(DIR) Post #AJ7XRwtZKq8S5eu17g by atoponce@fosstodon.org
2022-05-04T21:10:28Z
0 likes, 0 repeats
@staticnoise @bitwarden Nay. I'm guessing the default to 4 words is due to convenience as passphrases tend to have significantly more characters for the same level of security than random meaningless strings.However, modern password managers are designed with copy/paste and autofill functionality, so IMO, that convenience is mostly moot. As mentioned, it really is only a concern when you need to type it where you can't copy/paste or autofill.
(DIR) Post #AJ7j9IqggfPE7rQjJI by bitwarden@fosstodon.org
2022-05-04T23:21:33Z
0 likes, 0 repeats
@mjdxp :ablobcateyesflip:
(DIR) Post #AJ8KXeVJWOugXguGpc by danielg@fosstodon.org
2022-05-05T06:20:32Z
0 likes, 0 repeats
@bitwarden My master password is a password but each letter and number is the first letter of a word. So if I remember the sentience I'll know the password.But for websites I let Bitwarden generate a 12-14 character mixed password.
(DIR) Post #AJBazbED4hR8vL0vQW by Paulmo@mastodon.social
2022-05-06T20:08:59Z
0 likes, 0 repeats
@bitwarden I think your credentials for a password manager should be a unique passphrase as it's easier to remember than a random password. As far as I know recent research has shown that unique passphrases are harder for hackers to break than random passwords. The passphrase should contain at least 4 words and they should be random and uncommon
(DIR) Post #AJDFHn1KA3CC29AvPE by catswhocode@mastodon.coffee
2022-05-07T15:15:11Z
0 likes, 0 repeats
@bitwarden I do both, but more often a password, generated by Bitwarden or KeePassXC. Sometimes my "go-to" has to do with what softwate/hardware I have on hand. I also use Diceware sometimes.
(DIR) Post #AJDFKH9T6XDM40AbTs by catswhocode@mastodon.coffee
2022-05-07T15:15:39Z
0 likes, 0 repeats
@bitwarden I do both, but more often a password, generated by Bitwarden or KeePassXC. Sometimes my "go-to" has to do with what software/hardware I have on hand. I also use Diceware sometimes.
(DIR) Post #AJDFr6ueC579rctW2y by farshidhakimy@chaos.social
2022-05-07T15:21:35Z
0 likes, 0 repeats
@bitwarden I would've expected more people to use unique passwords.
(DIR) Post #AJDFthyRN8oPO0uJoO by farshidhakimy@chaos.social
2022-05-07T15:22:04Z
0 likes, 0 repeats
@bitwarden I would've expected more people to use unique passphrases.
(DIR) Post #AJEt83uGiM5WplkdeK by bitwarden@fosstodon.org
2022-05-08T10:16:20Z
0 likes, 0 repeats
@farshidhakimy It's a good discussion and understandable due to many websites enforcing password restrictions. Passphrases can be really useful for example, when a password manager is not available, such as logging into a device.Both have their merits. 🔒