this post was submitted on 02 Nov 2023
434 points (100.0% liked)

196

16437 readers
1480 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 10 points 1 year ago (2 children)

And that's how you get rules put in place to not use a password that's similar to your old passwords. (I don't agree with such rules, just to be completely clear)

If you are forced to use long passwords, use book titles, song titles, character names, album names, TV show names, etc etc.

Examples: WutheringHeights$!5, ThePrisonerOfAzkaban:29, TheCountOfMonteChristo33&&

Of course you can put the numbers and symbols anywhere, not just at the end.

[–] [email protected] 30 points 1 year ago* (last edited 1 year ago) (1 children)

If they’re able to determine that you’re using a similar password, it’s because they’re not hashing your passwords and are storing them as plaintext. You should run far far away from any site or service that is able to enforce similarity rules. Because when you properly hash a password, even a minor difference such as upper/lowercase will produce a wildly different result.

[–] [email protected] 19 points 1 year ago

I've been wondering about that. I think they get around it by using the "enter your current password" prompt, so they potentially have it in cleartext for the duration of the session.

[–] [email protected] 5 points 1 year ago

it's better to use poems. I've done Hamlets 2b monologue, View From Westminster Bridge, Tell the Truth but Tell it Slanted, The Raven, Iago's Many a duteous knave, Louis the Dauphin's I am too high born to be propertied.

Or really any poem you happen to have memorized.