On 05/11/2024 15:32, Ralph Corderoy wrote:
I don't think a password for a ‘trash’ site should be memorable,
nor have a theme with a per-site variation as the variation can probably
be spotted and adapted to be tried on thousands of sites by a bot,
e.g. ‘correct horse youtube staple’.
GCHQ's advice is to use a password manager.
https://www.ncsc.gov.uk/collection/passwords/updating-your-approach#tip4-password-collection
I do actually use kwallet, but that isn't available on any platform not
running KDE (there is a kwallet in the Android Store, but that is
unrelated.Unless my passwords are actually memorable pass phrases, it is
almost impossible to type them into a site accessed on my phone or tablet.
Also, I don't trust any tool which requires me store my passwords on a
remote site.
One list is
https://wiki.archlinux.org/title/List_of_applications/Security#Password_managers
I note from that list that BitWarden can be self hosted, so I may look
into that.
--
Terry Coles
--
Next meeting: Online, Jitsi, Tuesday, 2024-11-12 20:00
Check to whom you are replying
Meetings, mailing list, IRC, ... https://dorset.lug.org.uk
New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
