Cybersecurity

6970 readers

130 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

[email protected]

Password reuse is rampant: nearly half of observed user logins are compromised (blog.cloudflare.com)

submitted 3 weeks ago by [email protected] to c/[email protected]

26 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 10 points 3 weeks ago (17 children)

While I understand that password reuse is a problem I also understand that remembering 50+ passwords, because literally everything requires you to make an account, is impossible. And some of these password managers seem shady themselves. And if said manager needs a password that means someone only needs the one password which puts us back at square one.

These days I've resorted to physically writing my passwords down because I straight up don't trust anything that connects to the internet anymore for this kind of information. Like some lame puzzle in a video game where you have to look around the room for the password. But it still feels safer than anything that's connected to the internet.

[–] [email protected] 6 points 3 weeks ago (7 children)

This feels a little too tinfoil-hat for me. The reality is that one strong password is going to be more secure than 50 weak passwords. If you use something like a passphrase with 30+ characters, cracking it with today’s methods will take longer than the heat death of the universe. Yes, it means all of your eggs are in one basket. But that’s why it’s important that basket is protected like Fort Knox.

[–] [email protected] 1 points 3 weeks ago (1 children)

This feels a little too tinfoil-hat for me.

Nah a lot of those services are ripe for abuse... The correct answer is to just use your own... keepass for "offline" on a USB stick type of thing... or host your own vaultwarden.

[–] [email protected] 2 points 3 weeks ago

Either way is much safer than using the same password for everything. Same password >> Retail password manager >> self hosted offline password manager

load more comments (5 replies)

load more comments (14 replies)