Skip to content

Latest commit

 

History

History
78 lines (49 loc) · 5.03 KB

password.md

File metadata and controls

78 lines (49 loc) · 5.03 KB

Password

The main principle: Never use the same or similar passwords

For two reasons:

  • Having your email and password from site 1, someone will definitely try to go to site 2 with them - and it's not about you personally, the market for selling hacked accounts is very large, and this is a commodity.
  • If data about your accounts along with passwords surfaced in leaks, then it will be possible to compare even completely different mail and phone numbers (good example).

But how to keep a lot of passwords in mind? And where to get them? I advise you not to treat all passwords as data that should always be in your head. Save space in your memory.

The most optimal way is to create one sufficiently long password phrase for the password store (or for the account to which your browser is linked, in which all passwords are stored).

The section will be updated

How to come up with strong passwords

The standard guidelines for using 8 characters that include special characters, letters, numbers do not work! After all, P@ssw0rd also fits these requirements, and this is not the coolest password, so let's analyze the methods for creating strong passwords.

Three random words

There is a simple but effective method for creating passwords - the method of 3 random words.

What is this method? When we register a new account, we just come up with 3 random words and put them as our password, for example: NETWORKINGHYGIENEDEVELOPMENT agree, it's much easier to remember than: asndjBDHJBSDhjSBADHJadbzhjF, and it will be quite difficult to sort this out by a simple dictionary search.

Such passwords can be strengthened using LEET, replacing some letters with numbers, that is, our password will have the following form: N3TW0RKHY6I3N3D3V3L0PM3NT Thus, our password becomes more stable, and its complexity for memorization does not increase by much, and if you were familiar with LEET, before that, it will be even easier for you.

For even greater durability, you can separate words using different special characters, for example: -, ~, =.

Russian words in English layout

Another simple but effective method is the use of random Russian words in the English layout.

We just take random words in Russian and write them in the English layout, for example, from ехалгрекачерезреку we can get the following t[fkuhtrfxthtphtre.

It looks interesting and quite stable, but you can add symbols / numbers at the end, for example: t[fkuhtrfxthtphtre123! t[fkuhtrfxthtphtre34345!

The section will be updated

Password Managers

This is something that everyone should use! We recall the main principle from the first line and the question immediately comes to mind - "Well, what do I do now, remember 100 passwords!?!?". No, you don't need to remember 100 passwords, one is required, this is the password from the password manager.

The password manager will allow you to generate strong passwords and store them in one, and most importantly - a safe place.

An overview of popular password managers can be found in this article - Overview of password managers

The personal recommendation of the compilers of the manual will be the service Bitwarden. For personal use, it will be enough with your head, the free version includes storing an unlimited number of passwords, using from an unlimited number of devices and all the basic functions of password managers. In addition to storing passwords, you can also store your bank card numbers and notes. The password generator allows you to generate a strong password and check it for leaks, which is undoubtedly one of the "Killer Feature".

LessPass

What if it's difficult for you to store passwords and sync them between different devices? Password managers come to the rescue without the need to store anything!

LessPass is not the only such program, but one of the most famous. Its concept is that the generation of one-time passwords occurs on the fly using a function, the result of which is always the same, provided the parameters are the same.

The program needs to be informed:

  • master password
  • login on the website
  • site address

After that, it will generate your password without sending any data or saving anything anywhere. At any time on any device, you can run this program — and get your password for a specific site.

image

image

Useful materials and links to sources


⬅️ Back | ⏫ Table of contents | ➡️ Next