this post was submitted on 27 Oct 2023
1302 points (98.0% liked)

Memes

45719 readers
855 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] moonmeow@lemmy.ml 18 points 1 year ago (2 children)

Yes that's definitely a concern to keep in mind.

The problem is that if someone doesn't use a password manager they're morenlikely to reuse weak ones.

Using a password manager is a better path, as long as there is awareness on how to keep it secured.

[–] Browning@lemmings.world 5 points 1 year ago (3 children)

I use the same password for every site, but I put the name of the site at the end of the password.
For example:
NotmypassB3ta.
NotmypassGoogle.
NotnypassLemmy. Etc.
I figure it might stop the most lazy of attacks.

[–] lud@lemm.ee 8 points 1 year ago

It will stop a lot of attacks but if someone figures it out, you're screwed. So I don't recommend it.

But years ago I used the same password everywhere except with a few differences due to different requirements (like special characters) and the weakest passwords I used got leaked on pastebin (or similar). And sure enough many accounts got compromised, not a huge deal and I didn't lose anything I cared about.

The interesting part is that no-one seemed to try the leaked password + 1234 or a capital letter in the beginning.

[–] Droechai@lemm.ee 1 points 1 year ago (1 children)

I had something similar but ran into issues with sites requiring specific symbols, disallowing certain symbols and limiting lengths or similar

[–] wewbull@iusearchlinux.fyi 3 points 1 year ago

That annoys me so much. Especially when the randomly generated line noise password I'm using doesn't happen to include one of the three punctuation characters they need to be "secure".

[–] moonmeow@lemmy.ml 1 points 1 year ago

That sounds not ya I'm sure it stops a , as long as the actual password is also strong. IMO there's still some vulnerability. If someone finds out your password and notices thepattern 'pass+Site', then they mighttryyon another site.

Also why it's a good idea to have a few emails yo use across multiple sites.

[–] Lunachocken@iusearchlinux.fyi 1 points 1 year ago

I can't wait till passkeys are predominant