Creating and managing strong passwords \ stacker news ~bitcoin

2539 sats \ 19 comments \ @Nysolo 6 Jun 2023 bitcoin freebie

Today I want to talk about creating strong passwords, because this is the first and one of the most important steps to secure your online activity. Let's figure out how to create passwords that are strong and hard to crack.

🔐Password length. The longer the password, the harder it is to crack. I recommend using at least 25 characters and avoid obvious combinations like your date of birth, your pet's name, etc.

🔐Special characters. Use lowercase and uppercase letters, numbers, and special characters for greater complexity. Or password phrases of at least 6-7 words. This is enough entropy to protect your accounts. Example password: "MnV&aoM3xnQu!4Cm#n%792tgF!GD7f4ec^$" Example passphrase: "causing-bakery-landmass-thermal-oversleep-skipping-recycled"

🔐Uniqueness. Obligatory rule - different passwords for different accounts. The password must never be repeated. Many people neglect this rule.

How do you create such passwords and don't forget them? It's simple - password managers. These are programs that generate complex passwords and store them in an encrypted form, so that nobody but you can access them. The only password you need to remember is the password from the password manager itself. It too should be complex enough, but in a way that you will remember it.

I recommend using open source password managers such as KeePassXC, Bitwarden. By no means use password managers built into your browser and do not use popular ones like 1password, LastPass. These companies have been hacked, plus they have closed source code.

KeePassXC is a completely local password manager. That is, it creates an encrypted database offline. And then you can move that database between devices.

Bitwarden (I use it) is a cloud-based password manager. The database is encrypted offline on your device and transferred already encrypted to the cloud, so you can conveniently sync between devices.

We recommend that you change your passwords at least once a year for important accounts.

*Bonus. A service where you can enter your email address and check if your passwords have been leaked and in which services - haveibeenpwned.

view all related items

450 sats \ 1 reply \ @beorange 6 Jun 2023

Password managers are hard requirement nowadays. All passwords should also be generated randomly.

Remembering passwords and re-using them is a big "no no" for any person (tech savy or not).

0 sats \ 0 replies \ @Nysolo OP 6 Jun 2023

Agreed

67 sats \ 0 replies \ @Monotone 6 Jun 2023

Wow. I was just about to write a similar article on the subject. You beat me to it)

It's a great topic. I think we need to talk about these things more often. People often don't even think about it.

66 sats \ 3 replies \ @DarthCoin 6 Jun 2023

I use those too (keepass and bitwarden). I even have a copy on an encrypted USB of that keepass database (hidden in a safe place). Double protection. Even If I lose that usb or is stolen, there's no way to get the passwords inside. At least for 150 years, enough time to change them or being obsolete.

0 sats \ 2 replies \ @Nysolo OP 6 Jun 2023

How often do you have to update the base on the USB drive?

0 sats \ 1 reply \ @DarthCoin 6 Jun 2023

not so often, is just an additional copy, but yeah it needs to be updated regularly if you change a lot the content.

0 sats \ 0 replies \ @Nysolo OP 6 Jun 2023

is the eternal competition between convenience and security. In most cases, people prefer the former

5 sats \ 1 reply \ @oraltosun 6 Jun 2023

Very informative, thank you. I use Bitwarden for a while.

0 sats \ 0 replies \ @Nysolo OP 7 Jun 2023

I'm glad you liked it.

5 sats \ 1 reply \ @CoSatoshi 6 Jun 2023

This is great, thanks for the post.

10 sats \ 0 replies \ @Nysolo OP 7 Jun 2023

You're welcome)

0 sats \ 0 replies \ @FrickFrickFrick 8 Jun 2023

I just keep it simple. It is the same password as my luggage.

0 sats \ 6 replies \ @2bithits 6 Jun 2023

25 characters seems like a bit much

244 sats \ 4 replies \ @Nysolo OP 6 Jun 2023

Why? Passwords of 8-12 characters are already quite possible to crack in a reasonable time. From 25 characters - is a good option, especially since security is not redundant

0 sats \ 3 replies \ @2bithits 6 Jun 2023

What are the odds of brute forcing a 12 character password using UC, LC, numbers & special characters?

21 sats \ 2 replies \ @Nysolo OP 6 Jun 2023

Here's an example from Bitwarden. With today's level of technology, it's quite realistic to hack with the bruteforce method.

https://nostr.build/i/d6b40311a6c62d27ede127181d838a3f2e7070bd5dc6e6caa518a99a43f261db.jpg

21 sats \ 1 reply \ @2bithits 6 Jun 2023

Right...

For some reason I thought it would be much more difficult than that.

Thanks for letting me know

0 sats \ 0 replies \ @Nysolo OP 7 Jun 2023

This is a good reason to update your passwords)

0 sats \ 0 replies \ @td 4 Apr

Agree, but doesn't cost any time or effort to set your password manager to default to more characters?