
I use a web service which does this. It's mildly annoying having to switch apps/tabs just to log in, but hey, at least it's not another password to remember.



Remembering passwords is easy; this is just convoluted and stupid.


Since you wouldn't want to reuse passwords, how is it to remember them?


You'll be surprised how many diceware passwords you're able to remember.

It can go two ways depending on your preferences: use a shorter passphrase generated from a large dictionary; a good one can be obtained from 1password:

https://1password.com/txt/agwordlist.txt

https://1password.com/password-generator

or a longer passphrase from a short dictionary including only the most common words, like the EFF one:

https://www.eff.org/dice

https://secure.research.vt.edu/diceware/#eff

I don't use either generator, preferring a local command:

  $ shuf --random-source /dev/urandom --head-count 5 ~/.local/share/words |
    paste --serial --delimiters -

wrapped in a small helper script with desktop notifications and copy-to-clipboard.
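
Added example, not part of the comment above or of any tool it links: a shell sketch of the large-list versus small-list trade-off, plus a generator built on the same `shuf | paste` pipeline. It assumes GNU coreutils and awk; the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example. Assumes GNU shuf/paste and awk; function names are hypothetical.

# entropy_bits LIST_SIZE WORD_COUNT [repeat]
# shuf without --repeat never picks a word twice, so the number of possible
# phrases is n*(n-1)*...*(n-k+1); pass "repeat" to model independent draws (n^k).
entropy_bits() {
  awk -v n="$1" -v k="$2" -v mode="${3:-distinct}" 'BEGIN {
    bits = 0
    for (i = 0; i < k; i++) {
      pool = (mode == "repeat") ? n : n - i
      if (pool < 1) exit 1            # more words requested than the list holds
      bits += log(pool) / log(2)
    }
    printf "%.1f\n", bits
  }'
}

# words_needed LIST_SIZE TARGET_BITS: smallest word count reaching the target,
# assuming independent draws.
words_needed() {
  awk -v n="$1" -v t="$2" 'BEGIN {
    per = log(n) / log(2)
    k = int(t / per)
    if (k * per < t) k++
    print k
  }'
}

# gen_passphrase WORDLIST WORD_COUNT
gen_passphrase() {
  local list=$1 count=$2 n
  # Blank lines and duplicate entries would skew the draw, so drop them first.
  n=$(grep -v '^[[:space:]]*$' "$list" | sort -u | wc -l)
  if [ "$n" -lt "$count" ]; then
    echo "word list has only $n usable words" >&2
    return 1
  fi
  grep -v '^[[:space:]]*$' "$list" | sort -u |
    shuf --random-source=/dev/urandom --head-count="$count" |
    paste --serial --delimiters=-
}
```

With the EFF list sizes (7,776 words in the long list, 1,296 in the short ones), `words_needed 7776 70` gives 6 and `words_needed 1296 70` gives 7. On a tiny list the no-repeat draw matters: `entropy_bits 8 5` is 12.7 bits against 15.0 with `repeat`.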


Let the machine do the work, sit back, and relax. You have to remember 0 passwords and can still have a unique one for every account.


Base password plus company name or initials. One password mutated into infinite variations that are easy to remember. This has been working fine for me for at least 15 years.


What do you use for the base password? The website name?

So if someone finds out your password for a certain site is `Facebook1234ABCD` they have a fair guess at every other password?

Same applies for `MyPasswordFB` using the reverse method.


My base password is secret but it is an alphanumeric string with mixed caps. An example would be “p45Sw0rD-Apple+”, something in that vein.

So in the end the password contains numbers, letters both capped and lower case and special characters.


I think their point is that no matter how secure your base password is, once one site leaks it, the bad guy basically knows your password to every site.


I have been using the internet since the 90s, my Hotmail account is 23 years old and I have never lost any of my accounts. I think it’s working quite well in my experience.


It will, right up until the day it doesn't.

You just need one little website to leak passwords in plaintext and all your passwords are up for grabs.

I used to do the same thing and I stopped for that reason.


It should work for another 23 years. I’ll keep using my system that works.


This is one of those things that works until it doesn't, though.


Or it just continues working for another 23 years. Do you have a password system that has worked successfully for as long? Just because you “feel” that it’s not good doesn’t mean your feelings are correct.


Surely a Venn diagram of HN users and password manager users is essentially one circle, no?



