this post was submitted on 28 Jun 2023
60 points (98.4% liked)

Showerthoughts

[–] [email protected] 8 points 1 year ago (2 children)

Use a password manager and use it to memorize important stuff, like costs and effects of MTG cards

[–] janonymous 3 points 1 year ago

I do use a password manager. But not for my cash card pin, signal pin, bank app pin, windows logins, mobile phone pin, mobile phone code, ...

[–] emptyother 1 points 1 year ago

MtG cards.. Absolutely a priority! 😆

[–] miraclerandy 8 points 1 year ago (1 children)

Bitwarden is an open source password manager and is super useful. You can store all your passwords and sync on all your devices. You can even share some with friends and family as you choose.

[–] janonymous 3 points 1 year ago

I'm using KeePass, but I still need to remember my cash card pin, signal pin, bank app pin, windows logins, mobile phone pin, mobile phone code, ...

[–] eighty 7 points 1 year ago (1 children)

Sorry to break it to you but it's no longer viable to just have 3-4 passwords to memorize or simply add small changes. With the exponential rise in computing power and data breaches, brute-forcing and rainbow tables are increasingly viable.

Just memorize a ridiculously strong password (I recommend a combination of a quote/passphrase and made up words in addition to the standard best password practices) and use that for your password manager. Bitwarden and many others have a password generator where you can generate 30+ character passwords.

[–] RGB3x3 3 points 1 year ago (1 children)

Brute forcing and rainbow tables are only useful if a company allows unlimited login attempts or if the attacker gets their hands on a hashed password database.

But if the company is following good security practices by salting hashes, expiring sessions, and disallowing more than 10 attempts on an account, then there's little reason to fear.

And if a company is not using those, then you'd be screwed anyway. Best solution is not to use a password that would show up on a rainbow table and that is resource intensive to brute force the hash for.

[–] emptyother 4 points 1 year ago

> if the attacker gets their hands on a hashed password database.

This is the easiest and most common way, the primary thing to fear. That's the main security risk we want to lessen by having a unique password per site. I'd say it's so IMPORTANT to have unique passwords that I tell people to discard the old rules about never writing anything down. Write shit down, keep it in a drawer by your computer if needed. I mean, if they get access to that they already got access to just take your entire computer and rob your house, so it doesn't really matter. The important part is not letting strangers far away on the internet get in because they are harder to catch than a house robber.

Having a complicated password is "only" the second most important thing because you can't rely on a company's ability to not be idiots. Or done a human error. You don't want to be screwed ~~if~~ when a single company (of maybe dozens to hundreds) hasn't hashed and salted correctly.

[–] [email protected] 4 points 1 year ago (1 children)

Get a decent password manager!

[–] janonymous 2 points 1 year ago (1 children)

I do use a password manager. But not for my cash card pin, signal pin, bank app pin, windows logins, mobile phone pin, mobile phone code, ...

[–] emptyother 3 points 1 year ago

You can do that too. Bitwarden got fields for those. You gotta subscribe for the 2FA generator, though.

[–] DeadNinja 2 points 1 year ago

Relatable AF

[–] TheSpookiestUser 2 points 1 year ago

Sometimes I won't be able to manually recall a password, freak out, then autopilot filling it in correctly and suddenly think "oh yeah that was it, I must be a dumbass".

[–] HjFUN 1 points 1 year ago

It used to be for remembering the steps to that sick hidden berry patch. (Conjecture)