this post was submitted on 18 Mar 2025
67 points (100.0% liked)

Privacy

35752 readers
441 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
top 19 comments
sorted by: hot top controversial new old
[–] [email protected] 2 points 1 hour ago

Always two there are. No more, no less. The one they know, and the one they don't.

[–] [email protected] 9 points 9 hours ago (1 children)

I'm glad I've been using a password manager for several years now.

[–] [email protected] 1 points 2 hours ago

Yeah I think I've got 600 distinct logins in my bitwarden at this point, lol.

[–] [email protected] 27 points 14 hours ago* (last edited 14 hours ago) (2 children)

I wonder how much of this stems from two stupid IT policies. For decades users have been told to not write down passwords and to change them regularly. The result of this policy is to use a small number of password variations that one reuses. Then IT complaims about it.

The better plan has always been to use long random passwords that you never reuse and write them down by some method like a password manger and only change them rarely for example when they may be compromised,

[–] [email protected] 1 points 22 minutes ago

My workplace has finally gone to passphrases and 1 year password life, which is nice as it's a password I often need to type, so I'd rather 20 easy to type and memorise chars than 16 random

[–] [email protected] 4 points 10 hours ago (1 children)

I remember asking my company if they have official password management software in my job before my last job. They did not. I can't believe we have all this specific software to be used at the company but they don't put some time to identify what they want employees to use for this. Funny thing is security teams are such big deals but I think they actually don't want to get involved in case it does not work out.

[–] [email protected] 1 points 8 hours ago

Lot of security is theater. IT doing a CYA thing.

[–] [email protected] 24 points 14 hours ago (2 children)

Which half? The hunt half or the er2?

[–] [email protected] 14 points 14 hours ago

What parts? I only see "The **** or the ***?"

[–] [email protected] 11 points 14 hours ago

The "correcthorse" part

[–] [email protected] 12 points 12 hours ago
[–] [email protected] 14 points 13 hours ago

yeah because half of them are 1234

[–] [email protected] 6 points 11 hours ago (1 children)

I would do the word jumble suggested by xkcd, but so many websites require numbers, special characters, and disallow spaces that it would be impossible to remember unique passwords between those sites. Ironically I end up in a much weaker password ecosystem because I re-use the nearly-same password over and over again so I'm not constantly requesting a reset.

[–] [email protected] 16 points 11 hours ago (3 children)

Why not use a password manager?

[–] [email protected] 1 points 2 hours ago (1 children)

I'm split between a work pc, mobile, and home pc... It could work for 90% of cases. I never trusted a password manager though.

[–] [email protected] 1 points 20 minutes ago

KeePass doesn't rely on any third party, and if you choose to use a third party file storage to hold your password vault, it's encrypted

[–] [email protected] -2 points 4 hours ago (1 children)

Single point of failure and a separate entity has all of your passwords and you have to continue paying them or lose access to everything. Sounds like a terrible idea to me

[–] [email protected] 2 points 3 hours ago

There are password managers you can self host. Bitwarden being one of them. Secure it as much as you want and keep off-site encrypted backups if you're worried about a single point of failure.

[–] [email protected] 7 points 11 hours ago

BitWarden now supports passkeys and has a free 2FA app.

No excuses not to be as secure as possible anymore.