• @Agent641@lemmy.world
    1
    2 years ago

    For petty services where you don’t want to have to break out the password manager, try making your own mental salted hash.

    Pick four long words at random. Assign each of these to the four quadrants of the alphabet.

    A-F - Equipment

    G-M - Triumphant

    N-S - Sampling

    U-Z - Fatigued

    Pick one number:

    4

    Now, take the first letter of the service that the password is for, and that selects your quadrant word. Take the number of letters in the service and multiply it against your number. Take the last letter of the service, and on your QWERTY keyboard, move all the way to the right of that line to select the first symbol there. That's your unique password that's salted with your personal words and number.

    Facebook = Equipment32:

    Lemmy = Triumphant20{

    Pizza Hut = Sampling36{

    If you want more security for these petty services, use longer words, bigger number, or use some other metric. Tweak the algorithm to make it unique to you. Maybe capitalize a middle letter in your salt word based on the length of the service name. Maybe add the first letter of the colour of the service logo to the password, e.g.

    Facebook = Equipment32:B

    Lemmy = Triumphant20{T

    Pizza Hut = Sampling36{R

    Petty services I would consider to be anything that’s not super critical, and is at a higher likelihood of breaching my shit.

    For banks, primary emails, or government services, use a more complex algorithm or a random string of chars from your password manager.
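
The scheme from the comment above, written out as an added example (not code from the thread): it reproduces the three posted passwords and checks a list of services for ones that end up sharing a password. The bottom-row symbol `<`, the function names and the sample service list are assumptions.

```python
from collections import defaultdict

# Secrets exactly as posted in the comment above.
WORDS = {"abcdef": "Equipment", "ghijklm": "Triumphant",
         "nopqrs": "Sampling", "uvwxyz": "Fatigued"}
NUMBER = 4
# US QWERTY rows -> shifted first symbol right of the letters. ':' and '{'
# match the posted examples; '<' for the bottom row is an assumption.
ROW_SYMBOL = {"qwertyuiop": "{", "asdfghjkl": ":", "zxcvbnm": "<"}


def derive(service: str) -> str:
    """Apply the posted scheme to a service name."""
    letters = [c for c in service.lower() if c.isascii() and c.isalpha()]
    if not letters:
        raise ValueError("service name has no letters")
    first, last = letters[0], letters[-1]
    word = next((w for rng, w in WORDS.items() if first in rng), None)
    if word is None:
        # The posted ranges skip 'T' (N-S, then U-Z).
        raise ValueError(f"no quadrant word for {first!r}")
    symbol = next(s for row, s in ROW_SYMBOL.items() if last in row)
    # The posted "Pizza Hut" result is 36 = 9 * 4, so the space is counted.
    return f"{word}{len(service) * NUMBER}{symbol}"


def collisions(services):
    """Group services that end up sharing one password."""
    groups = defaultdict(list)
    for name in services:
        groups[derive(name)].append(name)
    return {pw: names for pw, names in groups.items() if len(names) > 1}


if __name__ == "__main__":
    # Constructed list of services for illustration.
    sample = ["Facebook", "Lemmy", "Pizza Hut", "Fastmail", "Dropbox"]
    for name in sample:
        print(f"{name:10} -> {derive(name)}")
    print("shared passwords:", collisions(sample))
```

Only the first letter's quadrant, the name length and the last letter's keyboard row feed the result, so any two services that agree on those three get the same password.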

    • @kpb@lemmy.world
      9
      2 years ago

      Just come up with one strong password (see https://xkcd.com/936/) for your password manager and use randomly generated passwords for everything else. There’s no reason to manually compute a hash every time you sign up for a service.

      • Marxism-Fennekinism
        4
        2 years ago

        Also, for a non-remembering solution, use a security key with your password manager, the kind that plugs into USB and you have to tap a button to authenticate. Then you can generate a true random password and store it somewhere safe as a backup, and mainly use the key for day to day.

    • @adrian783@lemmy.world
      4
      2 years ago

      too short, for all that effort just use a sentence with a symbol and a number.

      FacebookCanGoToHell!123 is more secure and easy to remember

      • @banneryear1868@lemmy.world
        1
        2 years ago

        Yeah putting the name of the service in the passphrase is actually pretty secure, unless the rest of the password is like “thisisapasswordforFACEBOOK” cause then one password gets leaked and the rest can be inferred.

      • @Agent641@lemmy.world
        1
        2 years ago

        You're going to memorize a unique sentence for each service?

        A method like this allows you to memorize only 4 words of arbitrary length, a number, and a simple algorithm to yield unique passwords for each service.

        • @Evotech@lemmy.world
          2
          2 years ago

          You can also add a standard phrase to all of them that is shared between them all just to make them more complex

          Equipment32:thisismypassword

        • @Rubanski@lemm.ee
          1
          2 years ago

          Also you can’t really “forget” a password, because it’s connected to the name of the site. Very clever