Asklemmy

I use a short passphrase that I made up that only I and my husband know. It consists of numbers, a special character, a word, and more numbers.

Then whatever I'm logging in to, my password consists of something relevant to the thing, with my passphrase appended to it.

I tend to use random lines of code that don’t make much sense.

For example:

W0rds::Format(a[0],b[9])->Render(delta);

Lengthy, memorable, incorporates numbers, special characters, upper and lowercase.

The challenge is having to type it in on phones or other devices not a computer.

I don’t currently use a password manager, but I probably should.

Define 'strength'... against a dictionary attack? Brute force? Social engineering? 'forgotten password/recovery questions' hack? Stolen session cookie? Keyloggers?

If you're not aware of the above, take some time to learn about each of those things and how good security practices counter each one.

The question is kind of like, 'can you bake a cake?' .. probably yes, but it's really missing a lot of essential information, like what kind of oven, what ingredients do you have, what's your skill level, do you have arms, etc.

Any 'passphrase' can be secure or insecure, depending on the other surrounding factors. 2FA solves many security weaknesses.

I use a leetified (using my own custom flavor) passphrase as my master password - I can type it really quickly and it's obscure as hell so I'm happy with it.

@[email protected] Why would the passphrase being long defeat the purpose of using it. That's half the purpose of using passphrases.
Make sure to use made up words or proper nouns and put a pin in an unexpected place. That's an easy way to change it without replacing the whole passphrase

No, I just memorize the proper password.