I have an acquaintance that have their own "password system" that involves having a "core" set of characters, plus a few unique characters for each site; Is that system safe?

throwawayacc0430@sh.itjust.works · 3 days ago

I have an acquaintance that have their own "password system" that involves having a "core" set of characters, plus a few unique characters for each site; Is that system safe?

null_dot@lemmy.dbzer0.com · 3 days ago

I reject the premise!

There is no safe or unsafe. It’s more like “more safe for a given person”.

Your friend’s system is better than using the same password everywhere. It’s more difficult to hack than the majority of passwords that aren’t generated by password managers. If that’s what your friend likes and works for them well, fine I guess.

It wouldn’t work for me because:

it doesn’t input the password for you. Does your friend really type passwords in all the time?
IDK if my memory is particularly bad but having to remember anything at all is hit and miss. Like I could remember those characters that are used everywhere, but for the router at my mum and dads house that I haven’t accessed in 5 years, was it “mums router” or “router mums house”
Also I manage multiple passwords for the same sites, as in credentials for my partner or whatever, but I guess I could make variant of this system.
also if I were to die the person who sorts out all my stuff will have access to my passwords
but the main reason is… I use my keepassxc db as a database for all sorts of things which aren’t necessarily passwords. ssh keys are a good example. I use it for TOTP. bank card details. membership numbers and government ids. VIN numbers for vehicles. Also, a weird one, I have to keep track of about 100 physical keys for reasons, I stamp a number on them like k32 and then store that number and an explanation of what it’s for in my db.