Since we're into computer talk, let's talk passwords. I've been hearing for almost 10 years that the "era of passwords" is almost over and soon we'll not have to use passwords at all. And despite all this prognostication- I still have to maintain hundreds of passwords.
I was that guy that used the same complicated password for my accounts. I had a one password for all my trash accounts I didn't care if they got hacked; one for things I kind of cared about; one for work stuff; and one for really important stuff like taxes, banking, etc. But the problem with this system is that you get a notice every two or three months that one of your websites got hacked and your password is now readily available for sale. So then you have to change all those. Then three months later you have to do it again.
That's when I decided to invest in a password manager. I use Dashlane, and I think it costs me $60 a year. I now have a different password for every site I use (some generated by me and some randomly by Dashlane) and, when something gets hacked, I just have to go to that site to change it. It has a browser extension and an app on my phone (which iOS recently integrated so it plays nice with apple) so when I get to a site, it automatically enters my login and password. On my phone it requires FaceID to do it, which is easy to use. My Dashlane password is a complex one that I have memorized and is now the only password I need to know.
It's not a perfect system, but it's the best I've seen while we wait for the era of passwords to truly pass by. What is everyone else doing?
Passwords
Re: Passwords
I have two very complicated base passwords that I customize for every use based on the company and/or function associated with that use. Sometimes I go to sign up for a site, and it says my email is already signed up. If so, I can guess the password in two or three tries, based on how long ago I think I signed up for it. If not, I just use the password reset function.
All of my passwords are unique, but if some hacker gathered four or five of them, they could probably work out the pattern of them.
All of my passwords are unique, but if some hacker gathered four or five of them, they could probably work out the pattern of them.
Any time the solution is "banjo rifle", I'm in 100%.
Re: Passwords
I use LastPass as a password manager, similar to Kyle's. So for websites, each site has a unique, complex, machine-generated password.
I also have to create logins for accessing my clients' networks, and each one has a different policy for how often passwords need to be changed, complexity, etc. (i.e., cannot have X number of repeated characters between the old and new passwords, need to be X characters long, letters/numbers/symbols, etc.). And that's like logging into your computer (assuming your computer doesn't use biometric login) where a password manager can't integrate and automatically enter the password for you. For those situations, I have a pattern I follow that will give me a password that is unique for each client but is easy enough for me to remember when I have to type it in dozens of times throughout the day when I log into remote desktops, VNPs, etc. And yes, someone who got a hold of some of the passwords could crack the pattern. But since all of the clients use 2-factor authentication that sends a push notification to my iPhone that needs to be approved before a login will work, I'm not as concerned about that happening for those passwords.
I also have to create logins for accessing my clients' networks, and each one has a different policy for how often passwords need to be changed, complexity, etc. (i.e., cannot have X number of repeated characters between the old and new passwords, need to be X characters long, letters/numbers/symbols, etc.). And that's like logging into your computer (assuming your computer doesn't use biometric login) where a password manager can't integrate and automatically enter the password for you. For those situations, I have a pattern I follow that will give me a password that is unique for each client but is easy enough for me to remember when I have to type it in dozens of times throughout the day when I log into remote desktops, VNPs, etc. And yes, someone who got a hold of some of the passwords could crack the pattern. But since all of the clients use 2-factor authentication that sends a push notification to my iPhone that needs to be approved before a login will work, I'm not as concerned about that happening for those passwords.