this post was submitted on 27 Oct 2023
2 points (100.0% liked)

Memes

45623 readers
1075 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
2
Add-on: same password, same identity. (lemmy.world)
submitted 1 year ago by woshang@lemmy.world to c/memes@lemmy.ml
9 comments fedilink hide all child comments
 
top 9 comments
sorted by: hot top controversial new old
[–] newIdentity@sh.itjust.works 0 points 1 year ago (1 children)

Not really though. Once the password has been leaked, it needs to be cracked. And that usually doesn't happen when the password is strong enough.

Except the password wasn't hashed but then the company belongs to get sued to bankruptcy

[–] randombullet@feddit.de 0 points 1 year ago

That's also assuming they used proper salts and a strong hashing algorithm.

Also MITM and or phishing attacks are not super common but can also depreciate your common password very quickly.

Always layered defense. If it's not 1 thing, it could be another.

Unique passwords are just one facet on a multi-layered security defense.

[–] Holzkohlen@feddit.de 0 points 1 year ago (1 children)

The only good passwords are those you don't know yourself because they are randomly generated and all stored in your password manager of choice.

[–] PieMePlenty@lemmy.world 0 points 1 year ago (1 children)

Until some locked down tv/console type device asks me for a password.

[–] zalgotext@sh.itjust.works 0 points 1 year ago (1 children)

Then you look up the random string of 36 characters once, think "why did I make this one 36 characters" as you painstakingly type it in with a TV remote, then immediately forget it as soon as you're logged in.

[–] Lt_Cdr_Data@discuss.tchncs.de 0 points 1 year ago (1 children)

Then repeat this process every few months the device decides it needs to ask the password of you again. Not playing this game

[–] Johanno@feddit.de 0 points 1 year ago

Take the TV throw it out of the window.

Buy a minipc and plugin a cheap Monitor via hdmi.

Setup kodi or similar on your minipc and you won't even have ads anymore because you will of course install pihole too.

[–] Pantherina@feddit.de 0 points 1 year ago

Same mail at a shady provider

[–] clanginator@lemmy.world 0 points 1 year ago* (last edited 1 year ago)

I came up with a formula for my passwords - as easy to remember as a single password and makes a unique login for every site feasible without a password manager. Can be updated as often as you like and all you gotta do is remember the latest version of the formula. At the very least, the hashes will be different and it'd take someone having more than two of my passwords to figure out the pattern.

I also use over 100 email aliases with my own domain name so that my most important accounts have a separate login that isn't a common domain that wouldn't be easy for someone to guess.

It would take a lot of concentrated effort for someone to get at any of my important accounts, and even my less important ones would be pretty difficult to get into even if multiple accounts are compromised, due to using a smaller pool of aliases under common domains for less important accounts.

Someone got into half a dozen of my accounts a few years ago and I finally started taking security seriously.