If you set up a new password manager, please don't use a previously used password for your master password.
https://twitter.com/CyLab/status/1162388232950231040 …
-
-
-
Replying to @Pinboard
The same reasons you wouldn't reuse a password anywhere else.
1 reply 0 retweets 0 likes -
Replying to @durumcrustulum
Doesn't the master passphrase require physical control of my device to be useful?
3 replies 0 retweets 0 likes -
Replying to @Pinboard
'We reserve the right to search your electronic devices at a border crossing' combined with <any large breach with your reused password>
2 replies 0 retweets 0 likes -
Replying to @durumcrustulum
I'm not trying to be difficult, but I think this is a hard thing to ask for usability by regular humans. Safely crossing borders is a different animal, and I think better served with a travel mode
1 reply 0 retweets 1 like -
Replying to @Pinboard
I have...three passwords (plus two pins) that I have memorized and chose rather than were randomly generated. Given that one of them is my master password, I don't find that particularly burdensome.
1 reply 0 retweets 0 likes -
Replying to @durumcrustulum @Pinboard
If you really _really_ can't come up with something fresh for your pw manager's master pass, fine do whatever clever permutation of child's name and birth year (but with numbers instead of vowels!) that you will actually use and remember, just try to make it somewhat different.
1 reply 0 retweets 0 likes -
Replying to @durumcrustulum
There are issues with that, like the passphrase chosen for a laptop being excessively cumbersome to type on a phone keyboard because the vowels are numbers. (I'm not making these up, this is drawn from all the ways I failed to get regular people to use password managers)
2 replies 0 retweets 2 likes -
Replying to @Pinboard
(Was my sarcasm not clear? You can do the numbers for vowels thing but that is definitely a known mutation in password crackers.)
1 reply 0 retweets 0 likes
I missed it, I'm sorry. I genuinely don't get why password crackers are a consideration in the master passphrase for a password manager. You cited the example of crossing borders, but that seems very specific to me. I apologize if I'm being dense.
-
-
Replying to @Pinboard
I figure, you are choosing the combo for your safe, probably one you won't change for a long time, and this one-time, high-value decision is improved if it's not a value you've already spread all over the world associated with your identity.
1 reply 0 retweets 0 likes -
Replying to @durumcrustulum @Pinboard
It's better to use a password manager with a meh password than not at all, but if you can swing it, please choose a decently long passphrase you haven't been using lots of other places to secure it.
1 reply 0 retweets 0 likes - Show replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.