from Hacker News

World Password Day. Join the Fight Against Cybercrime, One Password at a Time

by dez_blanchfield on 5/2/24, 3:15 PM with 7 comments

  • by interbased on 5/2/24, 3:53 PM

    Ever since I was phished, I’ve updated my password practices to have every single account I have use a unique password. That way, if any of them are involved in a data leak, the rest of my accounts are still secure.

  • by CM30 on 5/2/24, 4:54 PM

    I think one factor that's often overlooked with this advice is that many devices are designed in such a way that entering a secure password is a tedious and error-prone process, and hence we should rethink whether passwords are the best way to secure said devices.

    For example, while your computer or phone may have a password manager, I'm pretty sure your car, TV, games console, etc. don't, and so having to enter a lengthy and difficult-to-crack password one letter at a time via a stupidly clunky interface is a usability and security nightmare in and of itself.

    And even with a phone, entering a lengthy or complex password via a touch screen keyboard is quite the ordeal. So I wouldn't be surprised if many people don't bother with good passwords simply because it's easier to enter a single word with a few numbers tacked on the end via a touch screen or remote control.

  • by kevincox on 5/2/24, 4:10 PM

    I think we need to simplify for broad audiences (I realized this post is aimed at technical people). The beginning and end of the list should be "use a password manager". Other things are also great, but this first step is huge and I wouldn't even try mentioning the later steps to most people.

  • by robcohen on 5/2/24, 4:25 PM

    The article asks users to make sure passwords include upper and lowercase and special chars.

    This is just wrong. Diceware passwords are better for passwords that need to be memorized.