this post was submitted on 06 Dec 2023
151 points (96.9% liked)

[Outdated, please look at pinned post] Casual Conversation

6590 readers
1 users here now

Share a story, ask a question, or start a conversation about (almost) anything you desire. Maybe you'll make some friends in the process.


RULES

Related discussion-focused communities

founded 1 year ago
MODERATORS
 

These are the same companies that don't support second factors, only have their app as a second factor, or only SMS second factor. Is it too much to ask for smart card or token (yubikey) support?

you are viewing a single comment's thread
view the rest of the comments
[–] droning_in_my_ears@lemmy.world 46 points 11 months ago (5 children)

I hate that stuff. Also websites that have lots of specific conditions for what a password contains. You're just increasing the likelihood of me forgetting it.

[–] Echo5@lemmy.world 15 points 11 months ago

I started using a password manager for a lot of my passwords. Works pretty well, it’ll generate criteria matching passwords for me. Also functions as a list of websites I’ve created accounts with.

[–] Bwaz@lemmy.world 13 points 11 months ago (1 children)

Forgetting it?? All you have to do is scribble it on a little slip of paper in your top drawer like 90% of people do. Very secure.

[–] BastingChemina@slrpnk.net 3 points 11 months ago (1 children)

Top drawer ! I think you it's still more secure than most of my colleagues. It's usually a post it on the monitor.

[–] bouh@lemmy.world 1 points 11 months ago

Post it on the monitor is for session password. For the 5 others, there is a txt file on the desktop!

[–] l_b_i@yiffit.net 11 points 11 months ago

And if you don't forget it, you'll use a simple one that's easy to guess or contains common substitutions, p@$$w0rd!. And then when you do forget it you'll call support who will reset it, and they get so many calls it will make taking over another account easier.

[–] DABDA@lemmy.world 8 points 11 months ago (1 children)

In case you haven't already seen it yet there's The Password Game to drive this point home

[–] l_b_i@yiffit.net 3 points 11 months ago

I don't think I've gotten past finding the correct length video. Getting that to work with everything else and keeping what's his face alive is just too much.

[–] iAmTheTot@kbin.social 3 points 11 months ago (2 children)

Use a password manager my guy

[–] droning_in_my_ears@lemmy.world 1 points 11 months ago (2 children)
[–] Darkassassin07@lemmy.ca 1 points 11 months ago* (last edited 11 months ago)

I didn't either, so I self-host mine via vaultwarden. My passwords never leave my own systems (unless being used to login ofc), except for transit between my server and client devices. That is encrypted before storage or flight then wrapped in tls for https and again for a vpn connection (also self-hosted).

[–] Blaze@discuss.tchncs.de 1 points 11 months ago

Even locally? https://keepassxc.org/ can be an option

[–] thedirtyknapkin@lemmy.world 1 points 11 months ago* (last edited 11 months ago) (1 children)
[–] Darkassassin07@lemmy.ca 1 points 11 months ago

You can use the manager on your phone to display the password you're having a hard time remembering sonyou can manually type it in, while still keeping it stored securely instead of just a plain text note on your phone.

You can also login to your password manager via web browser to copy/paste between it and login pages. Wouldn't be my choice, but it's an option. (not gonna enter my password vaults details on a work computer unless that vault only contains work logins.)