Any good password tips? Here are mine.

Neonman
  • Length is more important than complexity. This does not mean complexity is not important, just that length is more important. Shoot for length first, then complexity.
  • Avoid common substitutions, as they are baked into password cracking rule-sets. Common substitutions include: a = @, i = !, s = $, etc. Same with adding a 1 to the end of your password and capitalizing the first character. These are common patterns, and are well-known to crackers.
  • Instead of thinking "password" think "passphrase". A single dictionary word is extremely bad. Four to five random dictionary words, perhaps separated by spaces or special characters, is robust. The benefit of a passphrase is that it is easier for you to generate entropy while still remembering your key. Generating entropy through randomized characters is hard, and results in a hard-to-remember password, meaning you will likely end up with less entropy.
  • Avoid "password walking". This is using a password with adjacent keyboard characters (e.g. "qwerty", "1q2w3e4r", "1qaz2wsx", etc.)
  • Avoid any password present on a password blacklist. Ideally, this should be a baked-in process.
  • You should be using a different password for every website. At the very least, your e-mail password should be extremely strong and unique. If someone gets into your e-mail, they can simply reset every other password connected to that e-mail, regardless of how strong they are. Password re-use attacks are common. I cannot overstate the importance of this one tip.
  • SMS-based two-factor authentication (2FA) is better than nothing, but SIM-swapping has made it inferior to other forms of 2FA and MFA.
  • I, and my colleagues, and many others strongly recommend a (non-browser-based, audited) password manager. There still seems to be debate about password managers. I will only comment that most security professionals and government agencies encourage the use of them. They are not a panacea. Use them in combination with other positive security habits, like frequent backups and 2FA/MFA.
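
An added example, not part of the original post: a defender-side password check that applies the tips above (undoing the listed substitutions before a blacklist lookup, detecting keyboard walks, comparing passphrase and random-character entropy). The blacklist entries, the 16-character minimum, the 7776-word list size and all function names are assumptions made for this sketch.

```python
import math

# Constructed sample data; a real check would load a full breached-password list.
BLACKLIST = {"password", "letmein", "dragon", "monkey"}
MIN_LENGTH = 16  # assumed threshold, the post names no number
# The substitutions listed in the post, reversed.
UNSUBSTITUTE = str.maketrans({"@": "a", "!": "i", "$": "s"})
# Keyboard rows plus the two zig-zag paths the post's examples follow.
KEY_PATHS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm",
             "1q2w3e4r5t6y7u8i9o0p", "1qaz2wsx3edc4rfv5tgb6yhn7ujm"]

def normalize(pw):
    """Undo capitalization, the listed substitutions and trailing digits."""
    return pw.lower().translate(UNSUBSTITUTE).rstrip("0123456789")

def has_keyboard_walk(pw, run=6):
    """True if any `run` consecutive characters follow a key path, in either direction."""
    p = pw.lower()
    windows = [p[i:i + run] for i in range(len(p) - run + 1)]
    return any(w in path or w in path[::-1] for w in windows for path in KEY_PATHS)

def choice_bits(count, pool_size):
    """Entropy in bits of `count` independent, uniformly random picks from a pool."""
    return count * math.log2(pool_size)

def check(pw):
    """Return the tips from the post that a candidate password violates."""
    problems = []
    if normalize(pw) in BLACKLIST:
        problems.append("blacklisted once substitutions are undone")
    if has_keyboard_walk(pw):
        problems.append("keyboard walk")
    if len(pw) < MIN_LENGTH:
        problems.append("too short")
    return problems

if __name__ == "__main__":
    # Constructed candidates: a substituted dictionary word, a walk, a passphrase.
    for pw in ["P@$$word1", "1qaz2wsx", "velvet-anchor-pluto-mosaic-ferry"]:
        print(f"{pw!r}: {check(pw) or 'ok'}")
    # Five random words from an assumed 7776-word list vs. eight random printable chars.
    print(f"5 words: {choice_bits(5, 7776):.1f} bits, 8 chars: {choice_bits(8, 94):.1f} bits")
```

The entropy figures only hold when the words or characters are picked at random by a generator; a phrase a person chooses is far more predictable than `choice_bits` suggests.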


Deal Cadet

Most basic yet underutilised password tip: Use an open-source password manager.
Deal Cadet

Bitwarden is my go-to password manager. I use it literally everywhere and I don't need to remember anything except the master password.

Benevolent
dani@rajaimeladaixoxo
Review Expert
Author

This is so useful! 

Generous

1234

Finance Ninja

Dashlane is My Choice 💝

Critic

Peppering

Deal Newbie

Rule 1 - Keep the need for critical passwords to 1 A4 paper length

Rule 2 - Write them down on an A4 paper with an ink which will not get erased due to passage of time

Rule 3 - Keep updating that A4 paper

Rule 4 - Do not forget rules 1 to 3

Generous
Will an A4 sheet be long enough, or should I get a chart paper?
Helpful

My girlfriend's name @123

I use it for demat to netbanking  ....

Change password along with subject every 6 months

Critic

😮

Deal Cadet

I use forget password. Works every time 😊
