Paul CantrellDec 22
Re @jaredwhite’s post: https://indieweb.social/@jaredwhite/115764214310973928
Show threadAmoshiasDec 22

@inthehands @jaredwhite passwords should NOT be random. they should be secure.

Humans are the flaw in the system. random passwords aren't usable by humans and will fail more frequently than passwords with "less entropy" but are more usable.

Show threadDavid Cantrell 🏏Dec 22
@Amoshias @inthehands @jaredwhite however, you should have different credentials for every service, and no-one can remember which passphrase was used for which of 300 different services. Therefore you should use a password manager, and at that point you might as well use random passwords for everything except the password manager itself.
Show threadPaul Cantrell

@DrHyde @Amoshias @jaredwhite
This is the correct answer.

(And from somebody with the same name as my dad! Yay! Hi!!)

Using a global passphrase template with per-site variations leaves one wide open to a variety of brute-force attacks.

Dec 22 at 11:06pmWeb
Show threadDavid Cantrell 🏏Dec 22
@inthehands @Amoshias @jaredwhite I can confirm that I am not your father. I have a cousin called Paul, and that would be creepy!