Subject: Re: [gentoo-user] Coming up with a password that is very strong.
To: gentoo-user@lists.gentoo.org
From: Tanstaafl
Date: Mon, 4 Feb 2019 17:34:16 -0500
Message-ID: <203701cf-b0c8-a2d3-ab49-46fdde2ccc95@libertytrek.org>
In-Reply-To: <8d027455-f210-c399-f5a7-bfb05692cc5f@gmail.com>
References: <8d027455-f210-c399-f5a7-bfb05692cc5f@gmail.com>

On 2/4/2019, 12:47:35 AM, Dale wrote:
> Thing is, with today's computing power, it really isn't anymore.
> While no one could just guess it, it could be cracked/hacked I'm
> sure. I need to come up with a new one that meets the requirements I
> just mentioned. Strong, easy to remember, easy to type but won't
> forget. I've read that using maiden names, years of birth or whole
> dates of birth, actual names, pet's name, words in a dictionary and a
> whole list of other things makes it easier, especially if you post a
> lot on social media, for hackers to use against you. I'm trying to
> avoid that sort of thing obviously and have a couple ideas but am
> curious as to what method others use, without exposing too much
> detail since this is public.

I've been using a little Firefox Addon called Passwordmaker for many, many years, and despite all of its warts, I've been loath to give it up, even though it will never be upgraded to work as a WebExtension.

2 things I loved about it - a) it doesn't save the password locally, only info about the site/account, and b) you can use an unlimited number of Master Passwords.

I'm looking at migrating to KeePassXC, and even though I really hate the idea of saving the actual password - Passwordmaker simply generates the password on the fly each time based on certain specified criteria (i.e., the site URL, username, password length, etc. for each account) - one technique I adopted shortly after assisting in updating the Passwordmaker website eases my mind about it...

This is a simple technique I strongly recommend that everyone employ, especially if you use a Password manager (like LastPass or KeePass)...

It is uncrackable (well, as long as it isn't the CIA or NSA that wants to crack it and they are willing to kidnap/torture you to do so).

You sit down and come up with a ... call it a 'password modification protocol' ... whereby you always modify your generated/stored password in a specific way before pressing enter.

For example, you delete characters 3, 5 and 7, then add 2 characters to the beginning and 2 to the end.

It is very simple, and negates worrying about someone stealing your password vault.
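
An added example, not part of the original message and not PasswordMaker's or KeePassXC's code: a Python illustration of the two ideas above, deriving a per-site password on the fly from a master password and applying a memorized modification rule before the password is typed. The PBKDF2 derivation, the character set, the function names and the sample prefix/suffix are assumptions made for the example.

```python
import hashlib
import string

CHARSET = string.ascii_letters + string.digits + "!@#$%^&*"  # assumed alphabet (70 chars)


def generate(master: str, site: str, username: str, length: int = 16) -> str:
    """Derive a per-site password on the fly from a master password.

    Only site, username and length need to be saved. PBKDF2-HMAC-SHA256 is
    an assumption for this example, not PasswordMaker's actual algorithm.
    """
    salt = f"{site}\x00{username}".encode()
    raw = hashlib.pbkdf2_hmac("sha256", master.encode(), salt, 200_000, dklen=2 * length)
    # Two bytes per output character keeps the modulo bias small.
    return "".join(
        CHARSET[int.from_bytes(raw[i:i + 2], "big") % len(CHARSET)]
        for i in range(0, 2 * length, 2)
    )


def modify(stored: str, drop=(3, 5, 7), prefix: str = "", suffix: str = "") -> str:
    """Apply the memorized rule: delete 1-based positions, then add to both ends.

    Positions are counted in the password as stored (an assumption; the
    message does not say). Refuses input too short for the rule to apply.
    """
    if max(drop) > len(stored):
        raise ValueError("stored password is shorter than the rule expects")
    kept = "".join(ch for pos, ch in enumerate(stored, start=1) if pos not in drop)
    return prefix + kept + suffix


def typed_password(master: str, site: str, username: str, prefix: str, suffix: str) -> str:
    """What actually gets typed: the generated value after the rule is applied."""
    return modify(generate(master, site, username), prefix=prefix, suffix=suffix)


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    vault_entry = "abcdefghij"
    print(modify(vault_entry, prefix="Qz", suffix="7!"))
    print(typed_password("constructed master", "example.org", "user1", "Qz", "7!"))
```

Only the vault entry (or the site/username/length settings) is ever written down; the deleted positions and the four added characters exist only in the user's memory.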