this post was submitted on 19 Mar 2024
76 points (94.2% liked)

Asklemmy

43719 readers
1553 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

Nowadays, most people use password managers (hopefully). However, there are still some passwords that you need to memorize, like master password (for a password manager), phone lock, wifi password, etc.

Security wise, can passphrase reach the strength of a good password without getting so long that it defeats the purpose of even using it?

you are viewing a single comment's thread
view the rest of the comments
[โ€“] sordid@procial.tchncs.de 0 points 7 months ago (1 children)

@Wistful@discuss.tchncs.de Why would the passphrase being long defeat the purpose of using it. That's half the purpose of using passphrases.
Make sure to use made up words or proper nouns and put a pin in an unexpected place. That's an easy way to change it without replacing the whole passphrase

[โ€“] Wistful@discuss.tchncs.de 1 points 7 months ago (2 children)

I was thinking it would be easy to brute force if just instead of guessing character by character you do word by word...but I guess just adding one special character randomly would make it a non issue.

[โ€“] Revan343@lemmy.ca 2 points 7 months ago

There are a lot more words than there are characters, even including special characters, so if it is actually randomly generated from a large dictionary, a passphrase is much harder to guess

[โ€“] luthis@lemmy.nz 1 points 7 months ago

Brute force is only a thing when either they have the password hash, or the login portal is susceptible to brute force (ie shite). Both cases are rare.