undefined | Better HN

0 pointsnouveaux1y ago0 comments

Most of us can't remember more than one password. This means that if one site is compromised, then the attacker now has access to multiple sites. A password manager mitigates this issue.

0 comments

cardanome1y ago

People used to memorize the phone numbers of all important family members and close friends without much trouble. Anyone without a serious disability should have no trouble memorizing multiple passwords.

Sure, I do use password managers for random sites and services but I probably have at lower double digit amount of passwords memorized for the stuff that matters. Especially for stuff that I want to be able to access in an emergency when my phone/laptop gets stolen.

5423542342351y ago

People used to memorize a few phone numbers, likely less than 10, and used notebooks made specifically for writing down phone numbers to keep track of the rest.

Phone numbers of the people you called the most (the 10 you memorized) were overwhelmingly likely to be local numbers, so you were only memorizing (3 number chunk) + (4 number chunk). Password rules are all over the place. Memorizing numbers, letters, whole words, the capitalization of those letters and words, and special characters, that are far longer than ye olde timey phone numbers, is orders of magnitude more difficult.

I have over 100 passwords in my password manager. They are all unique, so if any one is compromised, it is contained. My password manager is protected by strong 2FA, so someone would have to physically interact with my property to gain access. In the real world, there is no scenario where memorizing all your passwords is more secure.

watwut1y ago

They did not. They had papers with all those numbers written down next to landline phones. They also had little notebooks they carried everywhere with them with those numbers written down. You could buy those little notebooks in any store and they fitted into a pocket.

Moreover, those numbers did not changed for years and years. Unlike passwords that change, like, every 3 months.

userbinator1y ago

Vary the password per site based on your own algorithm.

jay_kyburz1y ago

AKA, put the name of the site in the password :)

Sohcahtoa821y ago

"MyPasswordIsSecureDespiteNotBeingComplexBecauseItIsLong_BobsForum" is great until Bob's Forum gets hacked and it turns out that they were storing your password in plain text and your password of "MyPasswordIsSecureDespiteNotBeingComplexBecauseItIsLong_Google" becomes easily guessed.

1 more reply

userbinator1y ago

Not necessarily, but just a pattern that only you would likely remember.

2 more replies

tshaddox1y ago

That algorithm becomes analogous to the password to your password manager.

soupbowl1y ago

Most people can surely remember beyond one password.

defrost1y ago

Not to mention they're like underpants, you can use the same one forwards, backwards, inside out, and inside out backwards.

bende5111y ago

They can remember O(1) passwords, but they need O(n) passwords

chipsrafferty1y ago

Surely not more than 1 or 2

j / k navigate · click thread line to collapse

0 comments

cardanome1y ago

5423542342351y ago

People used to memorize a few phone numbers, likely less than 10, and used notebooks made specifically for writing down phone numbers to keep track of the rest.

watwut1y ago

Moreover, those numbers did not changed for years and years. Unlike passwords that change, like, every 3 months.

userbinator1y ago

Vary the password per site based on your own algorithm.

jay_kyburz1y ago

AKA, put the name of the site in the password :)

Sohcahtoa821y ago

1 more reply

userbinator1y ago

Not necessarily, but just a pattern that only you would likely remember.

2 more replies

tshaddox1y ago