this post was submitted on 08 Jan 2024
1732 points (98.4% liked)

Lemmy Shitpost

27212 readers
4157 users here now

Welcome to Lemmy Shitpost. Here you can shitpost to your hearts content.

Anything and everything goes. Memes, Jokes, Vents and Banter. Though we still have to comply with lemmy.world instance rules. So behave!


Rules:

1. Be Respectful


Refrain from using harmful language pertaining to a protected characteristic: e.g. race, gender, sexuality, disability or religion.

Refrain from being argumentative when responding or commenting to posts/replies. Personal attacks are not welcome here.

...


2. No Illegal Content


Content that violates the law. Any post/comment found to be in breach of common law will be removed and given to the authorities if required.

That means:

-No promoting violence/threats against any individuals

-No CSA content or Revenge Porn

-No sharing private/personal information (Doxxing)

...


3. No Spam


Posting the same post, no matter the intent is against the rules.

-If you have posted content, please refrain from re-posting said content within this community.

-Do not spam posts with intent to harass, annoy, bully, advertise, scam or harm this community.

-No posting Scams/Advertisements/Phishing Links/IP Grabbers

-No Bots, Bots will be banned from the community.

...


4. No Porn/ExplicitContent


-Do not post explicit content. Lemmy.World is not the instance for NSFW content.

-Do not post Gore or Shock Content.

...


5. No Enciting Harassment,Brigading, Doxxing or Witch Hunts


-Do not Brigade other Communities

-No calls to action against other communities/users within Lemmy or outside of Lemmy.

-No Witch Hunts against users/communities.

-No content that harasses members within or outside of the community.

...


6. NSFW should be behind NSFW tags.


-Content that is NSFW should be behind NSFW tags.

-Content that might be distressing should be kept behind NSFW tags.

...

If you see content that is a breach of the rules, please flag and report the comment and a moderator will take action where they can.


Also check out:

Partnered Communities:

1.Memes

2.Lemmy Review

3.Mildly Infuriating

4.Lemmy Be Wholesome

5.No Stupid Questions

6.You Should Know

7.Comedy Heaven

8.Credible Defense

9.Ten Forward

10.LinuxMemes (Linux themed memes)


Reach out to

All communities included on the sidebar are to be made in compliance with the instance rules. Striker

founded 2 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] NielsBohron 101 points 11 months ago (11 children)

I'm not IT, just a college instructor, but you'd be amazed at how many Gen Z students have told me that they can't log into their email because they don't know their own password. Not even forgot; they don't even know it in the first place because every device remembers everything for them.

[–] virku 110 points 11 months ago (2 children)

To be fair that is basically what we are trying to get people to do though. Use a good password vault with a single strong password and two factor authentication. All other passwords should be a uniquely generated password for that application.

[–] pufferfisherpowder 45 points 11 months ago

Yeah, I don't know any of my passwords but the one password to rule them all.

[–] TheDoozer 11 points 11 months ago (4 children)

Can you recommend a good, safe password vault?

[–] [email protected] 36 points 11 months ago

Keepass and Bitwarden are the highly recommended password managers.

[–] jasep 19 points 11 months ago* (last edited 11 months ago) (1 children)

If you're brave enough to roll your own: KeePass XC. If not, Bitwarden. (edit for clarity)

[–] kurwa 16 points 11 months ago (1 children)

That's not hosting, it's just a local file.

[–] jasep 8 points 11 months ago (2 children)

If you want to access your KeePass safe from multiple devices (phone, tablet, PC, etc), you have to host it somewhere.

[–] [email protected] 2 points 11 months ago

or just sync the file using syncthing or plain old rsync?

[–] kurwa 2 points 11 months ago

You can put it on Google drive or something similar. You could also use syncthing (like how I do it) and you still don't have to host anything.

[–] [email protected] 3 points 11 months ago* (last edited 11 months ago)

I recommend bitwarden. Make sure to have a good 2fa also like Aegis or raivo

[–] [email protected] 2 points 11 months ago

+1 for Bitwarden, wife and I use it and it works well. It lets you securely share passwords for free.

[–] [email protected] 33 points 11 months ago

Caring about that has been beaten out of them by increasingly absurd password requirements over dozens of systems. They won't memorize it, won't write it down physically, and use the web browser to save it.

"But my system is different, I..."

Nobody cares. The password is just a speed bump in doing the thing they actually want to do.

[–] Z3k3 21 points 11 months ago (1 children)

I'll be honest as an IT professional of 25 plus years I don't know .y passwords either but that's because I let a password manager deal with it for me.

I have had people older than me complain the comp forgot the pass in my desktop days.

There was also it's cousin. I am definitely meeting the complexity requirements why isn't it saving

[–] [email protected] 3 points 11 months ago

My favorite are the services that keep rejecting the randomized passwords so I have to manually think of a password. I ain't creative enough on the spot for that! Just accept my /dev/urandom output dammit!

[–] [email protected] 19 points 11 months ago (1 children)

If they use a password manager and randomly generated passwords, then it's acceptable.

[–] dingus 7 points 11 months ago* (last edited 11 months ago) (2 children)

One of the reasons why I don't want to use a password manager, actually. If you get locked out of that, you're fucked.

[–] [email protected] 6 points 11 months ago (1 children)

Good ones have an unlock token or another one time use way of unlocking it in case you forget your master password.

[–] [email protected] 6 points 11 months ago (2 children)

Ease of syncing across devices has me using an internet-based password manager (Bitwarden), but I keep a second local-only password manager (Keepass) that only stores my Bitwarden password. Just in case.

[–] [email protected] 8 points 11 months ago

Keepass

For those who want to keep their ass.

[–] PopShark 2 points 11 months ago (1 children)

Hey that’s real smart but what if you forget the Keepass password when trying to retrieve the Bitwarden password you forgot lol?

I use Bitwarden myself and love them. Great software great organization it seems. They didn’t even send any bullshit marketing “noooo come back YOULL LOSE EVERYTHING” emails companies love to send when you downgrade from paid to free tier and that right away bumps them up in my mind.

[–] [email protected] 1 points 11 months ago* (last edited 11 months ago)

My wife and I also keep our Keepass passwords in each other's Bitwarden vaults.

So to lose access we'd both have to simultaneously forget our Bitwarden passwords AND be locked out of any biometric login. I consider that sufficiently unlikely.

[–] [email protected] 1 points 11 months ago

Backups + OSS.

I use Bitwarden and JSON backups inside a 7zip. I ALWAYS backup after I make a new password that can’t be changed via email.

[–] papalonian 13 points 11 months ago (1 children)

Like others have said they're probably using Google as a password manager. When you're making an account for anything while in the Chrome browser it recommends strong passwords for you such as UjafUif&i$ureT6hj9gzq5hvc$tcgo0be3. Would you memorize it?

[–] NielsBohron 10 points 11 months ago (2 children)

I get it, but I also don't understand the idea of letting Google suggest a random secure password for me. Probably just the Genx/Millenial in me, but I subscribe to the xkcd school of random password generation (password generator), which makes it really easy to have secure passwords that meet complexity requirements and are also easy to memorize.

[–] virku 5 points 11 months ago (1 children)

Why not both then? Make your own human readable passwords, but do a different one each time and store them in a password vault.

[–] NielsBohron 3 points 11 months ago (1 children)

Definitely. I don't really do anything that is particularly sensitive, so I only have 3-4 standard passwords (that meet the most common complexity criteria) that I separate by how sensitive the information/service is, but if I truly needed more, I would absolutely be using a 3rd party password vault. I just don't have the need right now, so I haven't bothered.

What gets me is the people that don't know their own passwords, don't know how/where to look them up, and don't even understand how to reset their passwords (because they can't log into their own email). I don't even know how they function in modern society.

[–] [email protected] 3 points 11 months ago

What gets me is the people that don’t know their own passwords, don’t know how/where to look them up, and don’t even understand how to reset their passwords

I worked support for a phone manufacturer for a while and helped a lot of poor lost souls struggle to get back into their Google accounts on their new and replacement devices. I got a lot of them in, but some may have never gotten out of authentication hell

[–] papalonian 2 points 11 months ago

Yeah, I have my own password generation scheme. Not the most secure thing in the world but I'm at least able to log in to my accounts from other people's computers. One of these days I'll get around to using a password manager but I just can't be bothered.

[–] [email protected] 9 points 11 months ago (1 children)

My girlfriend (millenial) is like that as well and it is infuriating. I tell her time and time again, just use a password manager that isn't the browser's password manager and you are golden. You just need to remember one "complicated" password, i.e. something with more than 8 characters and that's it.

The many times she doesn't know her password to important account is mind boggling.

[–] dlok 2 points 11 months ago* (last edited 11 months ago) (1 children)

Tip for anyone using Google Chrome password manager they can access it from any other device by going to passwords.google.com in the browser and logging in (probably best in incognito if not your device).

[–] [email protected] 2 points 11 months ago

That's a great tip. I don't use chrome, so I didn't know that.

[–] Caesium 7 points 11 months ago (2 children)

ironically I think tech literacy is going down with future gens thanks to so many functions getting automated. Kids aren't learning how their computers work because it does all of work for them

[–] NielsBohron 9 points 11 months ago

I hate to be a "kids these days" person, but you're absolutely right. My Gen Z students don't even understand how folder/file structure works; they just download everything onto their desktop and use the search function to find what they need later. If they can't remember what something was called, they're SOL.

Don't get me wrong, I have a lot of faith in Gen Z and Alpha, but their strengths are definitely not the strengths of Millenials or Gen X.

[–] afraid_of_zombies 2 points 11 months ago

It's like that with everything isn't it? The problems have been off-loaded. In my company for example we used to make our own motors, now we buy them. I doubt there is anyone left who knows how to build one where I work.

[–] [email protected] 5 points 11 months ago (1 children)

I'm GenX and I don't know my email password...

Though I'm 99% sure it's in keepass somewhere.

[–] [email protected] 1 points 11 months ago

average keepass enjoyer

[–] [email protected] 4 points 11 months ago

My kid sister is the same way. Bought her a quest 3 for her bday. Took 3 days to get up and running because a) she had no idea what her meta account passwords were... had always just logged in on her phone... and b) none of the forgot password functions worked because she never cleared her Gmail mailbox so it had filled up and bounced previous facebook emails landing her on their internal do not send list.

I was livid.

[–] [email protected] 2 points 11 months ago

I've had the same issue with gen z to gen x. It hurts my soul each time

[–] SocialMediaRefugee 1 points 11 months ago

I know people who don't use a password manager so every time they have to type in a pw they have to go through the reset process.