For me it’s the paranoia surrounding webcams. People outright refuse to own one and I understand, until they go on and on about how they’re being spied on. Here’s the secret - unplug the damn thing when you think you won’t use it or haven’t used it in a while.
They, whoever it is, can’t really spy on you on something that’s already off and unplugged!
Password managers. People will use anything but that: paper, notes app (without any security), using the same password everywhere…
I keep trying to convince my parents. Then they say, “But what if I forget the master password?” I say they won’t with a passphrase, but they don’t believe me.
Also I don’t have experience with PW managers other than 1Password, Bitwarden and Roboform. I personally didn’t like Bitwarden. I think its UI is janky and old-school. Roboform is so bad I don’t even know where to start complaining. So I keep using 1Password even though the UI has been getting worse, but it still works for me because of the good integration into the Apple ecosystem. But it’s rather expensive for managing the 20-something passwords my parents have. I read about breaches on other PWMs sometimes so I don’t really know what to trust and recommend.
Came to say this exact thing.
FFS I have 100s of passwords saved in my KeePass DB, they are all different.
Passwords will only autofill on the correct site, so lookalike sites are captured by that simple bit of security.
Eh, I don’t trust any 3rd party enough to give them all my passwords and I don’t trust myself enough to secure a server for self-hosting a password manager.
I know all my passwords, can’t forget em, no paper or notes, no repeat passwords.
KeePass. Password database is a local file.
Yes, and personally I use Syncthing to sync the newest file to all devices when they connect to my home network.
If you know all your passwords and can’t forget them, I’m assuming you’re using some sort of pattern to remember them, in which case you have a major issue in case of data breaches as your other passwords can be guessed.
Just as a heads up, sometimes the pattern is not that easy for a computer to brute-force. As an example, my old password contains a birth date but with an alternating shift making them a combination of digit and symbol.
The issue is if you are a) targeted, and b) involved in multiple breaches. If they can get the pattern, they potentially get everything.
Is it worth it? That depends. Are you willing to risk it NOT being worth it to a random guy in Africa earning a few $ a day?
Yeah, a fair point
Fucking THANK YOU.
A very good friend of mine doesn’t use any password manager. I’ve often asked them in the past why they don’t. They argue that then all their passwords would be gone if they forget that one master password. Okay, I say, how the fuck is having to remember 1 password harder than having to remember 20 passwords?