Disclaimer: I use a password manager, so please don’t direct your comments at me.

So I know this person that says they don’t use a password manager because they have a better system like… I’m gonna give an example:

Lets say, a person loves Star Wars, and their favorite character is Yoda. The favorite Their favorite phrase is from The Good Place “This is the Bad Place!”. And their favorite date is 1969 July 20th (first landing on moon).

So here:

Star Wars Yoda = SWYd

“This is the Bad Place!” = ThIThBaPl!

1969 July 20 —> 69 07 20

So they have this “core” password = SWydThIThBaPl!690720

Then for each website, they add the website’s first and last 2 characters of the name to the front of the password…

So, “Lemmy Forum” = leum

Add this to the beginning of the “core” password it becomes:

leumSWydThIThBaPl!690720

For Protomail Email it’s: prilSWydThIThBaPl!690720

For Amazon Shopping it’s: amngSWydThIThBaPl!690720

Get the idea?

The person says that, since the beginning of the password is unique, its “unhackable”, and that the attacker would need like 3 samples of the password to figure out their system.

Is this person’s “password system” actually secure?

  • cRazi_man@lemm.ee
    28·
    4 days ago

    That’s not the point they’re making at all.

    The point is when a website password breeds needs to be changed, then it won’t conform to the system anymore. Now you need to make a new system, or remember this particular exception.

    I had a system with a number in it. Any time a password change was needed then I would add 1 to the number. I might have to try two or the times to get the password right if I’ve changed it for the third time.

    • JeeBaiChow@lemmy.world
      4·
      4 days ago

      Yes exactly. Now the account locks you out after n tries, so yould also encounter problems down the road.