by ss248 3249 days ago
>Memorize a strong password for every service that you use

I keep hearing this argument and I think people who use it just don't understand why a password has to have high entropy (i.e. be strong). It's not to stop an attacker from brute-forcing the login page (nobody is doing it nowadays), it's to stop an attacker from cracking the hash, if he gets it. If a password is unique, it doesn't have to be strong.

>If you can do all of the above, then great, but most people can't.

And this stuff again... "Security is hard, just use this password manager, dum-dum." All you have to do is divide your accounts into two groups: accounts you care about and accounts you don't. Most people would not have more than 4-5 accounts in the first group. Create and memorize strong passwords for them. For the second group, you couldn't care less, so use a passmanager; that is the only good use case for it anyway.