Whatever your password is plus the day it is, or the month, or both, you can also include the year.
And this is one of a few reasons that frequent password changes aren’t very helpful in increasing security over the difficulty it adds to the end users.
Yup, I have been preaching that in all the companies I worked for but then again you can’t also trust people to have a strong password anyway.
Use bitwarden or keepassxc or write them down
…or delete the accounts
Seconding the recommendation for Bitwarden.
Starting using a password manager is one of the single most powerful improvements to my life in a long time.
You know the phenomenon where you try to log into a website you rarely use, but your regular password doesn’t work, meaning you have to reset it — only to discover that your regular password didn’t work because the website has weirdly specific and persnickety password requirements (bonus points if you modify your usual password to fit their requirements and then the system says you can’t reuse an older password)? Well I haven’t had to deal with that problem in years.
Being able to avoid that kind of thing saves a surprising amount of executive function energy in the long term. If I stongly encourage you try one out
Wait you guys actually still aren’t using password managers? I thought it was a joke…
Yah, im not giving my passwords to some third party app. Fuck that.
It’s many times more secure than any system you’ve developed
0th tier rage bait
desperately hoping this is a prime tier shitpost
The fact that modern life basically requires a third party app to prevent instant identity theft and fraud is a real problem.
It all comes down to the fact that every fucking service in the world is just there to scrape data. I don’t need to logon and provide my every detail to check the local weather, I shouldn’t have to give my social security number to play video games…
In a way, password managers are kinda the solution that prevent you from needing to involve a third party in your auth. You can even use completely open source software, and manage all the data yourself. That gives you way more control than say, oauth. Although sure, passkeys are better in many ways.
Even if we lived in a world where surveillance capitalism and personal data harvesting wasn’t a thing, you still need to identify yourself.
I agree, and I do use an open source one, but I disagree that we need to identify ourselves for everything. You can’t even look at a resturaunt menu anymore without signing up for an account. Everything is gate kept behind an account, and those accounts are all so interconnected that when one is compromised, it might for multiple and often you will never know (and I’m not talking about password reuse).
Password managers are a good solution to the problem, I’m not mad at them, I’m mad at the problem that necessitates them.
One way to deal with this I’ve been doing for a little while is to use a service that enables me to use email aliases. It’s mostly meant to avoid email address leaks, but will also make it harder for online services and companies to track you, since it’s a big point of tracking. You can also use it to figure out who sold your email address. Not a perfect solution, but it’s something. I’ve been using Proton. Whether or not you trust them is up to you, but they do offer this ability (I just can’t remember if it’s free or paid).
Oh, agreed, I do this as well. Again though, so much bullshit, why should we need dozens or hundreds of email addresses?
I feel like everyone is so used to needing accounts for everything, it’s just accepted as a given. When you go to the store to purchase a newspaper, should we have to bring our passport?
I agree that there’s too many websites that want you to make an account, and often data harvesting is the motive. What I’m saying is, even if that’s not the case, I would still need a password manager to log into various services that require auth as a core part of the service (email, banking, social media, services with my payment information, insurance, version control, anything work-related, any paid service)
Sure, but I still think there should be a way to do this without the need. Password managers are fine, again, not upset with them but still, it should be easy enough to not need one, at least for a normal person.
A lot of this is due to dealing with my elderly parents. They have so much of their lives reliant on services, but they are no longer capable of even figuring out a password manger. Even for important shit, there should be a better way to do this than having to keep track of hundreds of pieces of information. Passwords shouldn’t even be a thing we ever need to use unless we need to break glass. There are methods out there that work, but it’s so disjointed but also interconnected.
Honestly, no idea how it could be solved other than through legislation maybe. Fat fucking chance with the way the world currently works.
I only have like 2-4 password I can remember, and one of them is a 60+ char string that protects* all of my random passwords
