Password Choosing and Password Cracking

The other thing about passwords is that EVERY site you go onto these days requires them, and generally insists on them being fairly complicated. (8 characters, mixed numbers and letters, special characters etc.)

Well there are lots of sites which I really couldn't give a damn whether people can sign in as me or not.
The chrons is one, for instance. A hacker who wants to be farntfar for a while will probably write better challenge entries than I do, so good luck to them.
Anyone who wants to book an airbnb under my name is really not doing me any harm, as long as they can't use my debit card, so I definitely don't select "save my card details" on anything.

On-line banking etc get careful password creation, but not the local DIY shop.
I just keep things simple: any time I need a new password, I grab a random book, open to a random page, and use the first five words on the page. Then I just append a randomly generated number at the end (I won’t say the number of digits, save that it’s more than one), and if I have to I’ll change one of the letters to a symbol and shorten the phrase if there’s an upper limit to password length. That’s random enough for humans to have trouble guessing, long enough for computers to have trouble guessing, and easy enough for me to remember, if it’s a password I use often.
There are dozens of sites that require a username and password to sign in. Not advisable to use one and the same sign-in data for all and impossible to remember all of them in combination with the correct website. Also, imho, it is unwise to use passwords you can remember (words or phrases), because they are more prone to be hacked than passwords that are basically nonsensical. Nonsensical like pB$26Yhhf98&do_ or similar.
Password generators usually produce passwords like that in any length you wish.
All you need to remember is how you perform a Copy & Paste.

In fact though, I was shocked to see @Harpo is using my universal password... ;)
With my advanced age and retreating memory I save all my passwords with Keeper, a password generator and storage app that can be found on all my devices. Just today I forgot my computer password??!! So I found it by going to my phone and plugging in my 10+ symbol nonsense password and retrieving it. (Turns out it wasn't my memory but my typing which was bad.)

All of my "money handling" site are with double verification. Pretty safe, but nothing is completely safe if someone is motivated enough and has resources enough.

Similar threads