9
Warning: My password manager setup was a mess until a friend called me out
A buddy in Seattle looked at my phone last week and said, 'You're still using the same master password you set in 2018? That's like locking your front door with a key under the mat.' I had been using a simple phrase for everything. Now I use Bitwarden with a 20-character random master password and turned on 2FA for the vault itself. Has anyone else had to completely redo their password system after getting a reality check?
3 comments
patb12 1mo ago
My buddy in IT security told me his company's internal data shows most breaches happen through phishing, not weak master passwords. A 20-character random password you might forget is a bigger risk if it makes you write it down somewhere. I just use three strong words I can remember and change them every year. That friend in Seattle sounds a bit paranoid.
9
hugo825 1mo ago
Yeah, I saw a report that kind of backs up what @patb12 said... it argued that a truly random shorter passphrase you'll actually remember is safer than a long random one you might store insecurely.
2
samwalker29d ago
Wait, three words you change every year? That sounds wild to me lol. I mean I get the logic behind not wanting something insane you'll forget, but changing it every 12 months feels like you're just asking for trouble. Wouldn't that make it way easier for someone to guess if they got a hold of your old word lists from a data breach? I feel like sticking with something randomish and just keeping it in a password manager is way less stressful than trying to come up with new clever combos all the time. No way I could reliably remember a new set of three words every year without writing it down somewhere sketchy.
2