this post was submitted on 17 Jul 2023
111 points (96.6% liked)
Technology
59657 readers
2710 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The hard on's y'all get for password managers, and the Firefox circlejerks is baffling. Leads me to believe these "federated" instances have a double entendre everyone glosses over because of their shiny new toys.
I use random passwords for every account and using a password manager is the best way I've found to manage that. Is there another method that you prefer?
I get it, and they definitely make things easier on people. But how many times have we seen instances of people abusing their custodial privileges? My gripe is with the push I've seen to get people using these tools, more than the existence of them in general. Mnemonic techniques to remember your passwords will always be superior from a security perspective. It's the same as crypto, "not your keys, not your coins."
Mnemonic techniques are okay, but won't you have to come up with a different one for every service you use? I mean if there's a pattern, then a breach in any one of them could compromise all your passwords.
I myself use mnemonic password for my master password. And I've started to make my passwords longer randomly generated ones. I use a file based password manager as well. I think that's a good mix of security and convenience.
Correctamundo friend
That's a good point, thanks for explaining. Something I try to remember is that you not only have to trust the company who's managing your data, but you also have to trust them to protect it from bad actors.
I'm trusting Bitwarden for now, but eventually I'd like to move to a self-hosted option like Vaultwarden. I think that's the best way to go if you're confident in administering it.