this post was submitted on 27 Oct 2023
1294 points (98.1% liked)

Memes

45520 readers
1631 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
gary_host_laptop@lemmy.ml
sexy_peach@feddit.de
cyclohexane@lemmy.ml
cypherpunks@lemmy.ml
1294
Add-on: same password, same identity. (lemmy.world)
submitted 1 year ago by woshang@lemmy.world to c/memes@lemmy.ml
172 comments fedilink hide all child comments
 
you are viewing a single comment's thread
view the rest of the comments
[–] Paradachshund@lemmy.today 17 points 1 year ago (32 children)

Everyone talks about password managers these days, but isn't that telling the hackers exactly where to go to get all your passwords? Seems like a much higher chance of catastrophic failure to me if you have a single point of entry.

[–] moonmeow@lemmy.ml 18 points 1 year ago (6 children)

Yes that's definitely a concern to keep in mind.

The problem is that if someone doesn't use a password manager they're morenlikely to reuse weak ones.

Using a password manager is a better path, as long as there is awareness on how to keep it secured.

[–] Browning@lemmings.world 5 points 1 year ago (3 children)

I use the same password for every site, but I put the name of the site at the end of the password.
For example:
NotmypassB3ta.
NotmypassGoogle.
NotnypassLemmy. Etc.
I figure it might stop the most lazy of attacks.

[–] lud@lemm.ee 8 points 1 year ago

It will stop a lot of attacks but if someone figures it out, you're screwed. So I don't recommend it.

But years ago I used the same password everywhere except with a few differences due to different requirements (like special characters) and the weakest passwords I used got leaked on pastebin (or similar). And sure enough many accounts got compromised, not a huge deal and I didn't lose anything I cared about.

The interesting part is that no-one seemed to try the leaked password + 1234 or a capital letter in the beginning.

[–] moonmeow@lemmy.ml 1 points 1 year ago

That sounds not ya I'm sure it stops a , as long as the actual password is also strong. IMO there's still some vulnerability. If someone finds out your password and notices thepattern 'pass+Site', then they mighttryyon another site.

Also why it's a good idea to have a few emails yo use across multiple sites.

[–] Droechai@lemm.ee 1 points 1 year ago (1 children)

I had something similar but ran into issues with sites requiring specific symbols, disallowing certain symbols and limiting lengths or similar

[–] wewbull@iusearchlinux.fyi 3 points 1 year ago

That annoys me so much. Especially when the randomly generated line noise password I'm using doesn't happen to include one of the three punctuation characters they need to be "secure".

load more comments (2 replies)
load more comments (27 replies)