On February 4, 2017, Eric Oyen wrote: > btw, I use a fairly simple password scheme thats easy for me to > remember and nearly impossible for anyone to guess it. it's how I > managed to keep over 200 passwords in my head. I used to use the site's name inserted into my password prefix/suffix, so if my prefix was "maul4wafted" and my suffix was "^mage18", my Amazon password would have been "maul4waftedAmazon^mage18". Which is a pretty good password if the site is responsible with using strong salted hashes to store them. However, I've seen enough breaches where best practices were *not* followed, so if a password such as that were leaked, it wouldn't be hard to deduce that my Twitter password might be "maul4waftedTwitter^mage18" The other problem with that is certain sites got bought-out and changed names, so then I'd have to remember that, even though I'm logging into First United bank currently, I have remember that it used to be Farmers & Merchants bank and that's what I used to create the password. So after seeing a couple such breaches and fighting to remember name-changes, I stopped using that method and switched to outsourcing my passwords to a manager where I only needed to remember one master password. > still, the older I get, the harder this will get. so, an additional > outboard tool or two won't hurt me in the least. And with my 40th coming up all too soon, I'm more than willing to let the computer do most of the remembering for me. (grins) -tim _______________________________________________ Blinux-list mailing list Blinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/blinux-list