this post was submitted on 15 Sep 2024
471 points (99.4% liked)

196

16478 readers
2286 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 4 points 1 month ago (1 children)

Using the same password (no matter how secure it is) for all accounts is a bad idea.

Assuming you have at least 20 accounts with sensible data, and you don't even remember that 5 of them exist.

Now shittywebsite.xy gets hacked and all data is unencrypted and unhashed.

So now [email protected] with yourSecu4ePassPhrase is leaked.

You now quickly try to change the password on 15 accounts with the same email and password. But you forgot the 5 accounts you made years ago. Now after some time hackers login into the the old accounts and get your credit card info or whatever.

Great idea!

Yes my password manager is a single point of failure, but it is one I personally control and have the view over.

[โ€“] [email protected] 2 points 1 month ago

Good point.

A series of pass phrases that you can remember yourself is still better than relying on a password manager that can ALSO expose all of your passwords, none of which you remember.