On Mon, Feb 11, 2019 at 1:00 AM Andrew Savchenko <birc...@gentoo.org> wrote: > > On Sun, 10 Feb 2019 10:27:32 -0600 Dale wrote: > > My password manager does that already. The password I was trying to > > come up with was the master password which I must easily remember, be > > secure and be easy to type. The other passwords I let the password > > manager generate and remember as well. I don't type those so they can > > be anything. > > The line above is approximately the same how I got one of my master > passwords. It is not that hard to remember 30-40 random chars. > Just try typing them several hundred times. I'm serious.
That's one of the problems of secure password generation is that human memory is used backwards. Things become encoded permanently in our memory after the fact that we've repeated them several times, but most password generation utilities require you to have perfect memory first, THEN use repetition to enforce it. Both a managed password / algorithmic approach gets this more humanely. You need to first have a reliable way to generate the pssword, and if you typie it enough times, your brain will commit it to memory.
