|
|
|
|
|
|
by Ahwleung
2510 days ago
|
|
|
If you want to apply this advice practically, instead of using and trusting any of the various password managers out there, use a brain-stored hash algorithm for all password management. For example your hash could be <some secret phrase> + the last 4 letters of the website/service being visited, with the last 2 letters flipped. Combine the phrase in some non-intuitive way. Only other considerations are to have a more basic hash for certain financial websites/insurance companies (cough Allstate) that for some reason think an 11-character max password is still okay in this millenium, and to have a method of "incrementing" the password in case you have a service that forces rotations. The only reason to write the hash down is for financial service access in the case of estate planning - store it securely/safely, of course. Ever since switching to this, I've found it's even more convenient than a password manager. You get used to running your hash in a very short time, and don't need to have access to an electronic device to recall a password. |
|
|