Horse: "That's a battery staple." Man: "Correct!"

these are called pass *phrases* and yes, they tend to be way more secure at least until quantum computers render all traditional cryptography meaningless.

> I'm leery of putting all my most high-value stuff in one place behind one password. Most password managers can be set up to also require a keyfile and/or physical passkey to unlock their databases. A keyfile means someone couldn't get into your password database even if it got leaked and they knew the password (assuming you stored your keyfile separate from the database - the file and its location should be treated like a password itself), while a physical passkey makes it virtually impossible to breach the database unless someone steals the USB device.

Over the years, nobody has ever guessed my passwords, but four sites I was subscribed to were compromised and my email+password got leaked anyway. The strongest chain and the weakest link...

I guess what I mean is, it's a single point of failure. Usually an extremely strong one, granted.

Well good news then, because even throwing every quantum computer currently on the planet is not enough to factor 2048-bit RSA, and likely won't be in any currently alive human's lifetime.

Maybe with *current* quantum computers, but human technology tends to increase at an exponential rate so I doubt it will be long. Scientists are already trying to design post-quantum encryption for this very reason. https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards

And your memory is not a single point of failure?

> until quantum computers render all traditional cryptography meaningless. I'll cross that bridge when it actually happens.

I look around the room or think about what I'm doing. My username was made that way.

You’ve got an estimated 5-10 years before quantum computers can crack all current encryption by using Shor’s algorithm. > One of the most important quantum computing algorithms, known as Shor's algorithm, would allow a large-scale quantum computer to quickly break essentially all of the encryption systems that are currently used to secure internet traffic against interception. Today's quantum computers are nowhere near large enough to execute Shor's algorithm in a practical setting, and the expert consensus is that these cryptanalytically relevant quantum computers (CRQCs) will not be developed until at least the 2030s.

Not recommended. People can and do crib the kinds of things you're likely to have around you. It can narrow the field of guesses more than you'd think.

Well, no, not really. If I forget a password I've only lost access to the one site, and it's recoverable. Just an incremental failure. Not going to lose everything unless I literally die in which case I don't care about anything anymore. And no one is going to breach my brain short of tying me to a chair, and that's not really my threat model.

Gotcha, the boomer method.

I use horse-battery-staple passwords for core stuff (unlocking my computer, bank stuff). I use the password manager-generated passwords for everything that's in a browser.

we want you to have a secure password so we're only letting you use letters, numbers, and !@#$. nothing else. also, you have to use at least one of each, and it can only be 8 to 12 characters long. remember, we're doing this for your security!

30 characters? you don't need that, we only let you use up to 10. also yes you have to have at least one lowercase letter, uppercase letter, number and a symbol (which can only be !, @, #, or $). we're doing this for your security, of course

@sirblastalot@ttrpg.network It seems that my (current) main account was banned as part of that cleaning. Can you or another moderator let me know what's the process of appealing this ban ? Or shall I take-it as an opportunity to move my main account to piefed ?

DMing you