On 2/4/2019, 12:47:35 AM, Dale <rdalek1...@gmail.com> wrote:
> Thing is, with today's computing power, it really isn't anymore.
> While no one could just guess it, it could be cracked/hacked I'm
> sure. I need to come up with a new one that meets the requirements I
> just mentioned. Strong, easy to remember, easy to type but won't
> forget. I've read that using maiden names, years of birth or whole
> dates of birth, actual names, pet's name, words in a dictionary and a
> whole list of other things makes it easier, especially if you post a
> lot on social media, for hackers to use against you. I'm trying to
> avoid that sort of thing obviously and have a couple ideas but am
> curious as to what method others use, without exposing to much
> detail since this is public.
I've been using a little Firefox Addon called Passwordmaker for many,
many years, and despite all of its warts, I've been loathe to give it
up, even though it will never be upgraded to work as a WebExtension.
2 things I loved about it -
a) it doesn't save the password locally, only info about the
site/account, and
b) you can use an unlimited number of Master Passwords
I'm looking at migrating to KeePassXC, and even though I really hate the
idea of saving the actual password - Passwordmaker simply generates the
password on the fly each time based on certain specified criteria (ie,
the site URL, username, password length, etc for each account - one
technique I adopted shortly after assisting in updating the
Passwordmaker website eases my mind about it...
This is a simple technique I strongly recommend that everyone employ,
especially if you use a Password manager (like LastPass or KeePass)...
It is uncrackable (well, as long as it isn't the CIA or NSA that wants
to crack it and they are willing to kidnap/torture you to do so).
You sit down and come up with a ... call it a 'password modification
protocol' ... whereby, you always modify your generated/stored password
in a specific way before pressing enter.
For example, you delete characters 3, 5 and 7, then add 2 characters to
the beginning and 2 to the end.
It is very simple, and negates worrying about someone stealing your
password vault.
