this post was submitted on 23 Aug 2023
558 points (99.1% liked)

Technology

60130 readers
2699 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information.

you are viewing a single comment's thread
view the rest of the comments
[–] SmoothLiquidation@lemmy.world 5 points 1 year ago (1 children)

The only thing that affects how long it takes to brute force a password is length and entropy (the different types of characters used). Passphrase is designed to make it easier for a human to remember, so if you are using a PM to remember it anyway, a 64 character random password is going to be better than a 64 character passphrase.

I usually use the password generator in the 32 character range with all of the symbols, numbers, and characters included, since it seems like a lot of places don't like longer passwords.

[–] fraydabson@sopuli.xyz 3 points 1 year ago (3 children)

wow thanks, I always remembering hearing people talk about passphrases being better, and saw bitwarden add a feature to generate them, I just went with it.

But given I have no interest in remembering these pass phrases, it would make sense to use generated passwords vs passphrases as you said. Good thing my effort to transition to pass phrases was recent and wasn't done too much yet.

[–] SmoothLiquidation@lemmy.world 4 points 1 year ago

Hah, honestly either one is better than just having the same password on every site. You are all good.

[–] Borkingheck@lemmy.world 3 points 1 year ago

The rise of a pass phrase is more to do with mitigating the human risk in security which is people using memorable passwords. So a passphrase is typically easier to remember. That's the theory anyway.

[–] SmoothLiquidation@lemmy.world 2 points 1 year ago

Hah, honestly either one is better than just having the same password on every site. You are all good.