by lukasm 2470 days ago
I use a hybrid approach with LastPass used as a password entropy storage. For important services like GitHub I only store half of the password in LastPass. Then I add a nonce and a generic short password.

The final password is 12-16 random characters from LastPass + a 3-character nonce that I generate from the service name (in my head) and a short 5-character password.

If LastPass leaks the secrets no one is able to take over the accounts easily.

For services that don't matter much I just store the whole password in LastPass.


Thanks for sharing your approach. I already use the nonce+generic pass, but had not thought about your method, which I'd like to use from now on.

This is a great idea, but doesn't it involve a lot of manual work? Or is there some kind of automated way to do this?

It requires no extra work. LastPass automatically fills out the creds; I have to type a few extra characters in the password input and press login. The only tiny annoyance is pressing No in the LastPass "Do you want to update your password?" prompt.

Doesn't nonce mean "number used once"? Seems like you would have to use the same number every time, no?