It’s helpful to take a few steps back from time to time to reassess where we’re each coming from on our knowledge of tech (or anything) to better communicate.

  • nnullzz@lemmy.world
    link
    fedilink
    arrow-up
    24
    arrow-down
    1
    ·
    9 months ago

    Having the kind of habits you need to keep yourself safe and private online.

    Blows my mind how many people don’t consider or sometimes even reject the idea of things like password managers because “it’s too complicated”.

    • Tippon@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      5
      ·
      9 months ago

      My wife drives me up the wall with this. She insists on using similar passwords everywhere, like Lemmy1 or Lemmy12, even though I’ve set up BitWarden for her.

      To make it worse, she reset her email password recently, refused to use the password manager, then promptly forgot it again 😤

      • Twitches@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        9 months ago

        BitWarden ftw! that’s why I started using it, couldn’t remember my overly complex passwords for all the everything In the world needs a password now.

    • shneancy@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      9 months ago

      idk man, I know a password manager would make things easier and more secure, but it’s still putting all your eggs in one basket. If the service I gave all my passwords to has a leak or gets hacked - I’m fucked. And I don’t trust them to keep all my passwords locally and not peak in.

      I’d rather a couple of my accounts I’ve long since forgotten about be broken into than for my entire digital life to be uprooted.

      I have multiple passwords for the levels of security I want, bank is the most difficult, e-mail is close second, then we have mid tier passwords for things I care about personally but wouldn’t really have big consequences if lost, and then the password I personally saw leaked on a russian hacker forum that I use when a webstie insists I need an account to be graced with their service lmao

      • Croquette@sh.itjust.works
        link
        fedilink
        arrow-up
        2
        ·
        9 months ago

        Just use a password manager that keeps a hash of your database only. They can’t peek since the data is encrypted.

        • intensely_human@lemm.ee
          link
          fedilink
          arrow-up
          1
          ·
          9 months ago

          If all it keeps is a hash of your database then you can’t get any information out of it and it’s useless

      • YTG123@feddit.ch
        link
        fedilink
        arrow-up
        3
        arrow-down
        1
        ·
        9 months ago

        A good password manager encrypts your passwords with your own master password (and if you don’t trust them, use an open source one like Bitwarden)—so, even if it gets hacked, your passwords are not immediately compromised. You should take even more measures, like using 2FA such as your phone or a physical key, which basically makes you invincible. Way better than remembering passwords.

        • shneancy@lemmy.world
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          9 months ago

          I despise 2FA, I’ll stick to my piece of paper with passwords written on it. And if someone breaks into my house and steals it it’ll probably be the least of my worry at the time anyway

      • intensely_human@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        9 months ago

        You could use three password managers I suppose. Then you’d either need a rule for determining which manager a particular set of creds was stored in, or you’d need to just brute force remember it.

        But one thing I discovered when I stated using a password manager is that I don’t have five or ten things I need passwords for. I have at least five hundred.

      • fruitSnackSupreme@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        9 months ago

        That’s why you take several steps to ensure security. 2FA on everything. A different email address specifically for your password manager. A keyword suffix that you add to the end of every password. So even if someone gets into your password manager, they’re not getting into any of your accounts. Unfortunately proper security takes a lot of effort these days.

        • shneancy@lemmy.world
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          9 months ago

          2FA is shite, I hate having to keep my phone on me at all times. I’ll just stick to my flawed system, it’s not the most optimal but I have all my unique and important passwords written on a piece of paper hidden between two glued pages in my journal, and the throwaway passwords are simple muscle memory