“Passwords are like underwear. You shouldn’t leave them out where people can see them. You should change them regularly. And you shouldn’t loan them out to strangers.”

I sell my old undies always to strangers. They give me more than they were new!

Or use an underwear manager

@petergriffin Really?! Can I sell them online?

@rutee07 Yes you can. Just don't forget to wash it and put it inside a new box :)

Password is really an old technology. It must be changed.

@aviophile Indeed!

Changing passwords has long been debunked as nonsense practice.

Also, the most important hint is missing: don't reuse passwords. Use a different one everywhere. If one platform gets hacked and has botched up password storage, you don't want attackers to be able to capture all your other accounts.

@Fast-Nop This. Password reuse is the single biggest problem with passwords: they only really protect the user when the user is not mentally lazy. Which basically doesn’t happen.

Also, changing a password is only ever beneficial if a) the password sucks (see above), or b) in the event of a breech. The company should handle resetting everyone’s passwords / disabling all accounts in this event, so there still isn’t anything you the user need to do proactively. Unless of course you’ve used the same password elsewhere like a dummy.

Really, changing passwords regularly only means that they’re more difficult for you to remember, so you’re more likely to write them down and keep them somewhere unsafe.

@Root I use 20 character random passwords via the browser, a different one for each account. That solves most of the problems for me.

Except machine logons, and if I have to change the password regularly because e.g. my company relies on that outdated pseudo security nonsense, I circumvent that by just attaching a counter to the actual password.

It's best when you don't have either.

Posting to the rant section and tagging joke and meme is like wearing bra as pants

My pants sit proudly on the washing line for all the neighbours to see.

@Fast-Nop Yeah. Right!

@electrineer I thought it is equivalent to wearing undies as face masks

@electrineer
Incorrect category? No ++!
If it isn’t quality material? --!

Well the change passwords regularly should not be used by some peole. Use a really really stong one and only change it on suspicion of compromise. As it is essentially churning through potential future passwords. Atleast for those who are woke enough to detect a compromise. For all the others changing it is still the best option.

You guys are using passwords still?

16 digit randoms for everything hasn't failed me yet.

@cyberchiranjit
@vintprox
@r20408e122449d
@JFK422

What if I told you there are projects that pull up with massive complexity 'passwords' that authenticate one towards systems?

@scor weird underwear but ok

Just type any long bullshit in password field while signing up, if you get logged out, just reset it.

@scor do u mean breached passwords? Password spraying?

@cyberchiranjit
Nope just password-less
Which in its turn uses heavy cryptography and quite some more tools to secure the 'credentials' exchange

...and should contain a special character, digit and upper and lowercase character...