Longer is always better, but a fully random password will always be stronger than a “memorable” password of equal length.
You need exactly one memorable password, and that should be the one to your password manager, maybe two if you need to log into your device first. From there everything else should be long and random. Hell, with most of them you don’t ever even need to know your own passwords, the tool just handles them itself.
XKCD has it right that you need length over complexity, but it’s also from 2011. Today, we very easily can and should get both.
Passwords should be like bad experiences.
The more you remember the worse they were.
Disagree, correcthorsebatterystaple is probably more cryptographically secure than any random password you’re using now, and it’s extremely memorable
My password manager has no master password so I know literally not one of my passwords
Until you remember that dictionary attacks exist and it’s not that complex.
Using passwordmonster, that password is 76 years “to crack” as it is all lower case, English words.
Removing the e from staple increases the time to 98 centuries.
The benefits of changing that l to a capital I or 1 are immense
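The comparison argued over in this thread, worked through as an added example that is not part of any comment above: it computes the entropy of a passphrase under the dictionary-attack model (the attacker knows the wordlist and guesses whole words) against a uniformly random password of the same length. The 2048-word list is the figure XKCD 936 used, and the 94-character printable ASCII alphabet is an assumption; both models only hold if the words or characters are picked at random.

```python
import math
import secrets
import string

# Assumptions (not from the thread): XKCD 936 modelled each word as a uniform
# pick from a 2048-word list; the random password draws uniformly from the
# 94 printable ASCII characters (letters, digits, punctuation).
XKCD_WORDLIST_SIZE = 2048
PRINTABLE = string.ascii_letters + string.digits + string.punctuation  # 94 symbols


def random_password_bits(length, alphabet_size=len(PRINTABLE)):
    """Entropy of a password whose characters are each chosen uniformly."""
    return length * math.log2(alphabet_size)


def passphrase_bits(n_words, wordlist_size=XKCD_WORDLIST_SIZE):
    """Entropy of a passphrase against an attacker who knows the wordlist.

    This is the dictionary-attack model: the attacker guesses whole words,
    so the number of characters in the phrase does not matter.
    """
    return n_words * math.log2(wordlist_size)


def words_to_match(length, wordlist_size=XKCD_WORDLIST_SIZE):
    """Words needed for a passphrase to reach a random password's entropy."""
    return math.ceil(random_password_bits(length) / math.log2(wordlist_size))


def generate_random_password(length):
    """Generate a password with the OS CSPRNG, as a password manager would."""
    return "".join(secrets.choice(PRINTABLE) for _ in range(length))


if __name__ == "__main__":
    phrase = "correcthorsebatterystaple"  # 4 words, 25 characters
    n = len(phrase)
    print(f"4-word passphrase:        {passphrase_bits(4):6.1f} bits")
    print(f"{n}-char random password:  {random_password_bits(n):6.1f} bits")
    print(f"words needed to match:    {words_to_match(n)}")
    print(f"sample random password:   {generate_random_password(n)}")
```
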