• grue@lemmy.world
        link
        fedilink
        English
        arrow-up
        18
        arrow-down
        1
        ·
        1 year ago

        get yourself a password manager and insert a proper middleman!

        There, happy now?

    • Sharkwellington@lemmy.one
      link
      fedilink
      English
      arrow-up
      10
      ·
      1 year ago

      So is having a password manager with a bunch of different passwords you don’t remember and just copy-paste considered the way to go these days?

      • PotatoesFall@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        14
        arrow-down
        2
        ·
        edit-2
        1 year ago

        100%, yes. Cybersecurity people will confirm this is the safest way.

        Although, copy-paste is rarely needed. with browser extensions and android auto-fill, I am getting everything filled more or less automatically.

        I recommend Bitwarden personally.

      • helpImTrappedOnline@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        1 year ago

        Yes. If you uses the same email/password for everything, then some can hack a site with weak security and try that combination on other sites that have payment info. This is why you’ll hear about passwords being sold on the dark web, and why it’s such a big deal when a site’s password database gets leaked.

        If all of your passwords are different lengthy strings of nonsense, you’ll be safe. There’s also debate on having your password a string of 4 random uncommon words (at least 5 letters long). This is because it’s easier to remember, while still being long and difficult to guess. This is good for things you type frequently, such as a Windows login or the password database unlock.

        I’ll also use random words for security questions. In the password database I save the answer in the notes section of the entry for the site.

        No one is checking if your first pet’s name really was: snowplowrecaptureducklingpopsicle

        • max@feddit.nl
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Hell, it’s even safer to use nonsensical answers for those security questions. No one can social engineer your folks around you or look on your social media to find your pet’s name or elementary school.