Quick update regarding passwords:
"12345" is commonly considered unsafe since 2012.
According to experts "1234567" will still be safe until 2023, at which point you should probably change all your passwords to "12345678".
*safe to brute force attacks that don't utilize dictionaries
@fribbledom In the year 3020, that safe password will be |11110000>.
I use FEDCBA9876543210
@fribbledom Alternative Unicode Points / Emoji versions of the numbers might be safer? 🙂
@fribbledom You ported cracklib to golang so I guess you're an expert! Thanks!
@fribbledom I’m ahead of the curve by using one2345
@fribbledom i have heard the best way for people is 4 or more randomly chosen words, for a computer use a password program.
Just in case you were taking this seriously (sorry, can't quite tell):
I have heard that advice of using 4 "random" words (from people claiming some authority on the topic), and it is not really good advice.
1: it's 2^44 bits of entropy, not very safe these days
2: humans can't make random things up, so it's actually less
3: using the same system as many others is bad
4: password managers, people!
This one is a decent explainer of how password cracking _actually_ works and what makes a good/bad password:
I do two things:
1: https://keepass.info/ to generate passwords too complicated to remember (Win/Linux/Android/..iOS?), and store all my PWs.
2: https://sourceforge.net/projects/pwgen-win/ (sorry windows only...) for memorable passwords (e.g. for keepass) -- mix and match schemes, aim for >80 bits of entropy, then make a truly random sample.
@fribbledom I have a problem with my keyboard so whenever I try to input my password I could only type asterisk so then I changed my password to six or seven asterisks. Problem is I can't always remember whether it was six or seven asterisks but luckily it only freezes me out if I get it wrong three times so so far so good.
@fribbledom my fuckin homestuck brain was trying to read these like "lzeas? lzeasbt? lzeasbtb?"
@fribbledom I use the next gen authentication system on my computer.
It requires a solution in an exact ratio of 8 different bodily fluids to gain access.
@fribbledom personally I'd use
00110001 00110010 00110100 00110100 00110101 00110110 00110111 00111000 00111001
ᵉⁱᵗʰᵉʳ ᵒʳ ᵗʰᵉ ʳᵘˡᵉ ˢᵗⁱˡˡ ᵃᵖᵖˡⁱᵉˢ 😂😂
@fribbledom I mean that extra few bits of entropy does help against bots. I suppose it's not quite that direct a relationship if humans are sitting down trying it, but hey, that seems improbable right? .... Right? .... (Asking for a friend.)
Being the most commonly used password (pretty much worldwide), I'd still program my bot to try "123456" through "123456...0" as the first couple of guesses. Then proceed with dictionary attacks.
@fribbledom That's why I use 54321. Thinking outside the box as usual.
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!