![]() ![]() Take the words of the digits, start second letter, then alternate letter by letter in each word. Is the second letter a consonant? Take the month of your birthday.type the three last letters of the service's name as you would in an old cell text message numpad, holding shift down for symbols.if the first letter of the service is a consonant, the password starts with your dog's name shifted one letter backwards alphabetically.if the first letter of the service is a vowel, the password starts with your mother-in-law's first name, shifted one letter forward alphabetically.So for example, a formula might have elements like the following I've just made up for the sake of this post alone: Others will not see the patterns because they're personal to you. using something personal in the formula.There are three simple keys to password formulas (beyond just regular password features like length, different character sets etc. There's no way it's easier to remember a minimum of 6+ strong passwords than a formula.Ĭonclusion: Everyone should have a password formula. One of the ones not in there should absolutely be your main email password (since, like you mentioned, this usually gives control of account-recovery), as well as passwords for online banking and any other extremely-sensitive accounts.Īt minimum, every modern person needs online banking, an email with a secondary recovery email, encryption passwords for each of their digital storage units (which will always be several since we all need either physical or digital back-ups) and passwords for each computer they have. Even though it's extremely unlikely that your password manager gets compromised, to avoid the worst of the "you get everything" case you're worried about, there should be a few of the most important passwords that you don't put into the manager, just memorizing or even writing them down somewhere. My advice personally is that people should use a password manager for almost all of their passwords, but not all of them. They're all completely independent, so any of them being compromised (which, again, is an extremely common event) becomes completely meaningless. Any one of them being revealed gives no useful information about any of your other passwords. Randomly-generated passwords don't have these issues at all (when done better than Kaspersky did, anyway). Changing the formula can help with this, but it also makes the system way harder-how do you know which formula to use when you're logging in? Do you go back and change all of your passwords every time you rotate formulas, or if one of your passwords is compromised? Even more complex formulas could be possible to figure out (or massively reduce the brute-force difficulty) if just a couple of your passwords leak. If it's a really obvious "formula", like if your Tildes password is mysecretpasswordtildes, someone could easily guess that your reddit password might be mysecretpasswordreddit. Every revealed password gives info about how you generate your passwords. The problem with using a formula is that it's just a more-obscure method of re-using a password. Because of that, your method is still good advice overall. ![]() This is why the single most important thing is to not re-use passwords, regardless of how you pick them. ![]() ![]() All of your accounts are now compromised because one was. If you use the same username and password everywhere, this is obviously a complete disaster. This is so common that I'd be surprised if there's anyone that uses the internet frequently that it hasn't happened to, and most people have probably been affected by it multiple times (I certainly have). The most realistic security threat to almost everyone's accounts is that there is a data-breach on a site they registered for, which reveals their username (often their email address) and password. While I wouldn't really call your opinion wrong, I think it puts too much weight on the wrong factors, and ends up being worse advice for most people. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |