by apmee
5303 days ago
I've often wondered to what extent my own password mnemonic "system" is either sufficiently secure or woefully misguided. Each of my passwords is made up of the same eight-character non-dictionary word, plus the alphabet-position numbers of the first three characters of the name of the site I've made the password for (A -> 1, B -> 2, that old trick). So for example, say the common word I was using in my passwords was "pizzadog", then my Hacker News password would be "pizzadog813" (H -> 8, A -> 1, C -> 3). I admit my goal is convenience, as it's clearly only one step up from using the same password for everything, but with the added numbers making me feel a little better in the event of one of them being compromised. But is there any reason why this approach might be considered a bad idea?
Or, they have you register on just one site they control, and figure out the substitution trick. They now have all your passwords.
Now that you made the post it's even worse: we all know your password here is 8 lowercase characters + 813. If that's really true, I recommend changing all your passwords everywhere, NOW.
It's an extremely, extremely tiny step up from having the same password everywhere.
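
An added example, not part of the thread: a small audit someone could run over an export of their own password vault to see which entries follow the scheme described in the question (a shared base word plus the alphabet positions of the first three letters of the site name). The function names, the vault contents, and the "GitHub", "Example Bank" and "Forum" entries are constructed for illustration.

```python
import math
import string

def site_suffix(site, n=3):
    """Alphabet positions (A -> 1 ... Z -> 26) of the first n letters of the site name."""
    letters = [c for c in site.lower() if c in string.ascii_lowercase][:n]
    return "".join(str(ord(c) - ord("a") + 1) for c in letters)

def derive(base, site):
    """The scheme from the question: shared base word + site-derived digits."""
    return base + site_suffix(site)

def recovered_base(site, password):
    """Return the base if the password ends with this site's suffix, else None."""
    suffix = site_suffix(site)
    if suffix and password.endswith(suffix) and len(password) > len(suffix):
        return password[: -len(suffix)]
    return None

def audit(vault):
    """Map each shared base to the sites using it; one leak exposes every site listed."""
    groups = {}
    for site, password in vault.items():
        base = recovered_base(site, password)
        if base is not None:
            groups.setdefault(base, []).append(site)
    return {b: sorted(s) for b, s in groups.items() if len(s) > 1}

def residual_bits(base_len=8, alphabet=26):
    """Secret entropy left once the suffix rule is known (lowercase base only)."""
    return base_len * math.log2(alphabet)

# Constructed sample vault (site name -> password); not real credentials.
SAMPLE_VAULT = {
    "Hacker News": derive("pizzadog", "Hacker News"),    # pizzadog813
    "GitHub": derive("pizzadog", "GitHub"),              # pizzadog7920
    "Example Bank": derive("pizzadog", "Example Bank"),  # pizzadog5241
    "Forum": "t7#Qv9!mZp2L",                             # independent random password
}

if __name__ == "__main__":
    for base, sites in audit(SAMPLE_VAULT).items():
        print(f"base {base!r} is shared by: {', '.join(sites)}")
    print(f"secret entropy behind every flagged site: {residual_bits():.1f} bits")
```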