this post was submitted on 14 Feb 2024
263 points (88.8% liked)
Technology
59398 readers
3070 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Only if you're specifically targeted. I know enough regex to know that nobody is going to bother trying to parse known passwords to identify patterns like that when there's a billion suckers who use 'password123' for their bank accounts.
As long as the pattern is not super predictable, and aren't dictionary words, nobody is brute forcing that.
Even a minute mental load at everything you need to log into in a day is still more than the zero mental load I have when using a password manager.
It’s not just more secure, it’s far more convenient. Plus once you start to share a life with someone, you can share all your accounts and passwords effortlessly as well.
These would be extremely easy to detect with regex. Just look for the service name in a password, including common leet speak conversion.
Password123-Facebook
then easily becomesPassword123-GitHub
orPassword123-Walgreens
.I can assure you, if I was a bad actor that got my hands on a password dump, I’m checking for these kinds of passwords pretty early on.
Edit: A word.