Nowadays, most people use password managers (hopefully). However, there are still some passwords that you need to memorize, like master password (for a password manager), phone lock, wifi password, etc.

Security wise, can passphrase reach the strength of a good password without getting so long that it defeats the purpose of even using it?

  • Truck_kun@beehaw.org
    link
    fedilink
    English
    arrow-up
    0
    ·
    8 months ago

    I do use passphrases, but I combine with randomness.

    I memorize one random 8 character string to use with something more memorable.

    Then when I need more security, or I feel that random 8 character string is no longer safe (password leak/hacked), I memorize a new 8 character string.

    Then I combine them.

    Then I memorize a new 8 character string and mix it in.

    It’s a process built up over years that ingrains into memory. Sometimes I forget the order, or if i added spaces, or did no spaces. Luckily, as long as I am sure of the discrete segments, I can remix them to recreate until it works (in a reasonable time).

    My last addition was when I made the move from Lastpass to another password manager, after their endless bad news.