Rich Freeman wrote: > On Mon, Feb 4, 2019 at 3:09 PM Dale <rdalek1...@gmail.com> wrote: >> I'm not sure if one can convert that to NSA time or not. o_O The >> password contains upper/lower case letters, couple symbols from up top >> of the number keys and several numbers. None of which anyone would be >> able to guess in any way. They have nothing to do with that list of >> things not to use, birthdays etc. If a person was trying to just guess >> it, even a best friend who knows me extremely well, they would not be >> able to guess it much less the order of it. The only bad thing, it >> isn't to easy to type. Of course, a really good password usually isn't >> so . . . > And do you use that password on only a single site? > > If you use it on more than one, then as soon as one of those sites is > compromised it will sniff your password and then your password can be > used on all the others without any cpu cycles wasted on brute-forcing > it at all. > > That is the weakness of random passwords. Unless you use some kind of > password manager you won't actually use a unique password on each site > due to difficulty with memorization... >
Right now, I'm coming up with a master password for LastPass and maybe a new set of keys. I may use something different for my keys to your point. My encryption thingy broke on Seamonkey, the keys are broken somehow. I googled, tried some stuff but can't figure out how to fix them so I revoked the things and am going to start fresh. Heck, only one person ever uses them anyway. lol Once I get logged into LastPass, I generate unique passwords with it for each site. Depending on the site, I try to generate as long and use as many characters as the site will allow. If it allows the symbols on top of the number keys, I enable them. If it doesn't, I cut that off. If it allows 20 characters, I set it to generate 20. It's not like I have to remember it or even type it in either. I may as well be as secure and random as possible. The master password is the current project tho. Way back, I used to have three passwords. One fairly secure one for financial type sites, one somewhat decent one for stuff like social sites and one I could care less about. None of them would be easy to guess but the complexity changed. Nowadays, I wouldn't even dream of doing like that. Far to many script kiddys out there trying to steal stuff. That doesn't even mention the pros and what they do. You are right tho, reusing passwords is a really bad idea. It makes it dead simple to hack everything else. Dale :-) :-)
