196

16437 readers

1533 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago

MODERATORS

[email protected]

296

Passwor(ule)d. (lemy.lol)

submitted 10 months ago by [email protected] to c/[email protected]

30 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 9 points 10 months ago (3 children)

Sure they are different, but if somehow someone finds out just one password of yours, all others are broken too, right?

[–] [email protected] 5 points 10 months ago (1 children)

Right, there shouldn't be an easy to decipher password rule. Random passphrases seem to make the strongest passwords these days, especially if symbols, numbers, and spaces are allowed and used. Even the strongest password should have 2FA, and even that is only as strong as the identity verification of the password/2FA reset process.

[–] [email protected] 3 points 10 months ago

Even rigid, known password rules are fine as long as there are enough possible combinations. xkcd.com/936/

[–] [email protected] 1 points 10 months ago* (last edited 10 months ago)

Depends on the implementation of different login services and the number of possible permutations. An attacker will probably get locked out of trying to log in after making dozens of guesses.

[–] [email protected] 1 points 10 months ago

You don’t partially decrypt passwords. You either get the full thing or you get gobble.

So if they get 1, they still don’t know you use or or etc. I wouldn’t just straight up say “Netflix” in my service tagging.