Issue 3: Some thoughts on passwords

While riding the subway today, a question suddenly occurred to me: what would a safe, stable and easy-to-remember password look like? Should it include upper and lower case letters, numbers, and special symbols?

How to set and store?

I think this is necessary, but if the password is too complicated, it is not easy to remember. If you want to remember it, you must have your own rules, but once there are rules, anyone trying to crack the password has more to work with, and the security is reduced accordingly.

No matter how you think about them, the two are in conflict, and it's hard to reconcile them.

Then I discussed passwords with my friends. They have their own unique methods, which gave me a lot of new ideas, such as memorizing a formula, the digits of pi, pinyin + numbers, etc., so that the password is not only memorable but also sufficiently obfuscated. If you don't know the position index, you can't find the corresponding password characters, and the security is much higher than that of a common set of passwords.

Some friends also said that they use password management software, such as 1Password, Bitwarden, KeePass, etc., which can automatically generate all kinds of high-complexity password strings algorithmically. But in the same conversation they expressed concerns about password management software: if the software is cracked or held to ransom, or the master password is lost, then all the passwords are gone. This possibility is rare, but it has happened in a previous incident.
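To put rough numbers on the two approaches above (a memorized rule versus a generated string), here is an added example that is not part of the original post. It assumes an attacker who already knows the rule, a 100,000-entry wordlist, and a 50-digit memorized run of pi; the function names and sample values are hypothetical.

```python
import math
import secrets
import string

# First 50 decimal digits of pi after "3." (the memorized sequence).
PI_DIGITS = "14159265358979323846264338327950288419716939937510"
ALPHABET = string.ascii_letters + string.digits + string.punctuation  # 94 symbols


def rule_password(word: str, start: int, length: int = 6) -> str:
    """Pinyin word plus `length` digits of pi taken from a secret 0-based offset."""
    if start < 0 or start + length > len(PI_DIGITS):
        raise ValueError("window falls outside the memorized digits")
    return word + PI_DIGITS[start:start + length]


def rule_entropy_bits(wordlist_size: int, offsets: int) -> float:
    """Bits of uncertainty left once the rule itself is known:
    only the choice of word and the choice of offset remain secret."""
    return math.log2(wordlist_size * offsets)


def random_password(length: int = 14) -> str:
    """Password drawn uniformly from ALPHABET with a CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def random_entropy_bits(length: int, alphabet_size: int = len(ALPHABET)) -> float:
    """Entropy of a uniformly random password of the given length."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    # Constructed sample: the word and offset are illustrative only.
    pw = rule_password("zhangsan", start=5)
    offsets = len(PI_DIGITS) - 6 + 1  # 45 possible 6-digit windows
    print(pw, f"{rule_entropy_bits(100_000, offsets):.1f} bits if the rule is known")
    print(random_password(), f"{random_entropy_bits(14):.1f} bits")
```

Both passwords are 14 characters long, but under these assumptions the rule-based one keeps only the secrecy of the word and the offset, while the generated one keeps the full entropy of every character.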

Moreover, large software vendors have more users. Once they run into problems, the impact is even greater. Users can only hope that the vendor has sufficient offensive and defensive capabilities. All passwords are backed up in the cloud, which is a fatal flaw in itself. If the cloud data is breached, the consequences will be disastrous.

Expanding on this

My personal habits make it difficult for me to trust any kind of cloud 100%. It may be paranoia, but I always feel uneasy. It is extremely uncomfortable for me to keep all my data in the cloud. So I usually back up to three places: I must keep one copy locally on the hard disk and one copy on the server, and then I back up some less important data in an OSS bucket. The cost is not high, it is relatively easy for me to keep maintaining this data, and I also enjoy it.

