• Re: Do you use a password manager?

    From gtr@21:1/5 to El Kabong on Sat Feb 12 19:55:36 2022
    XPost: comp.unix.misc

    On Feb 6, 2022 at 10:16:31 PM PST, "El Kabong" <twang@the.noodle> wrote:

    gtr <xxx@yyy.zzz> wrote:

    On Jul 12, 2021 at 1:53:00 AM PDT, "Unbreakable Disease"
    <unbreakable@secmail.pro> wrote:

    My 50-year-old brain isn't capable of memorizing that many passwords
    anymore, so I use KeePassXC. I keep basically everything here including
    my financial passwords and credit card data, with the exception of
    passwords that I would have to remember anyway (full-disk encryption,
    login, primary e-mail passwords, etc.)

    Overall, it's much easier to remember and much harder to forget 10
    complicated passwords that you use every day than 100+ simple passwords
    you use every month or even less.

    I can't speak about the Windows version of KeePass, because with the
    exception of playing games not available on Macintosh, I haven't used
    one since Windows 95 days.

    I have the older version (non-subscription) of 1Password, but also make use of
    the keychain password manager and the manager built in to Safari (I use Safari
    on both the Mac and the iPad/iPhone).

    Only lately, when I'm offered a complex "strong password" of gibberish, I take
    it. That's working well too.

    But I also use a variation on the same password: I selected two capitalized
    words (for instance ArchBasket) with a few numbers, 245, then the first two
    letters of the intended website, for instance AMazon. Then I use this same
    password everywhere, with the exception of those last two letters.
    ArchBasket245am, for Powell's books: ArchBasket245po.

    It's easy to remember.

    With the latter system, if someone ever found out your
    Powell's password (say, a rogue Powell admin), they might
    easily guess your amazon & other passwords from that.

    I don't think it's a significant risk. But there is no system that is free of risk. I usually ask myself, who can I imagine would crack the code? A rogue Powell's employee? Okay. What would their nefarious plan be? Ordering
    something from Amazon and diverting it to their home? Okay.

    Most of the time I go through any of these .001% possibilities, I'm rarely intimidated by it. I just can't imagine someone would pick me to hijack for idle felony purchases via Amazon.

    Also, if you should occasionally change a password, what
    are you going to change it to? Your system doesn't allow
    a lot of variation.

    My system allows for more than the two words I've indicated. ArchBasket245, if a system demands a change, becomes BasketClub356, then ClubDragon467. See the nature of the changes?

    Over the years it's changed in other ways too. So various passwords adhere to different rules as they morph through life. Still--I've got a 75% chance of guessing right the first time, and 100% chance by the third try. It's good enough for me.

    (I keep passwords in an encrypted Excel file. Excel
    always works, and it's safe for cloud storage.)

    But of course this system has the potential for problems, though they may become more and more rare.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)