How do you go about making your password(s) fully secure? I know some websites offer suggestions like adding 1 number but what do you do?
Bare minimum or extra mile?
>>56136638
>domainmonthofmybirthcreatorofdomain"+"anameofabook
Use a password manager.
use a password manager, or
use a word dictionary with N entries, generate K random numbers in the range of N such that log2(N^K) > 40 or ideally more, and then memorize the resulting funny phrase
Two factor token authentication.
You pop out your android phone and generate a token that's required to login.
Password manager ofc
>>56136638
Password manager is the only way you're going to remember enough secure passwords for all the accounts you probably have.
Preferably on an airgapped box or on a secureish Linux box you use solely for this purpose
passwords aren't secure period so it doesn't matter.
>>56137261
Depends on what protocol they are used for.
If were talking about website logins then your at the mercy of whomever runs the server, But something like SSH keys or maybe a personal server at home it would be impossible to brute a 10+ character alpha numeric + special char password in a practical length of time.
>>56137261
This
But for most normie stuff, you're protecting against either a) social engineering, b) guessing, or c) brute force. Not being a retard can only carry you so far.
A good trick I learned is using an easy to remember phrase, and sprinkling in numbers and/or symbols.
"Fuck 0ff, you n1gg3r!!1"
Easy to remember, easy to type.
>>56137343
Why would you do this? Replacing letters with numbers makes it harder to type, and brute force tools will also attempt these replacements. Why not just lose the numbers and keep the length?
>>56137423
I didn't think tools would use replacements.
I mean, unless you're trying to protect against the NSA, you're right.
>>56137343
Profanities are extremely common in passwords, numbers as letters as well. Every password cracker worth his salt would break this password.
And remember, you are most likely not protecting yourself from someone targeting just you. The most realistic scenario is that hacker gets access to some password hashes database and tries to brute force as many passwords as he can. Therefero it's not unreasonable to think that he will run his cracking program for days, if not weeks, and will try all these kinds of combinations.
This password is not horrible, but not exactly secure either.