undefined | Better HN

0 pointsBoorishBears8y ago0 comments

>Is having a bunch of passwords that you don't actually know all in one place more secure than having a smaller bunch of passwords that you do actually know that, still, can at most be leaked one at a time?

It’s been repeatedly demonstrated that yes, it is.

0 comments

david-cako8y ago

>It's been repeatedly demonstrated

Meaning you have consulted a sea of research that has compared the risk posed by password managers to keeping a mental catalogue of long, not-random-but-pretty-good character strings, using 2fa, and exercising proper security habits?

I don't think you could ever come to an objective conclusion, since the 99%-user doesn't have a near-autistic obsession with security like most of us.

BoorishBearsOP8y ago

I don’t have an obsession with security, it’s just so easy and cheap that I don’t get why you wouldn’t do it (the people with an obsession with security probably don’t even trust 1Password to sync that encrypted file anyways)

My mom, who is as far removed from tech as you can get, understands why not sharing passwords might be a good idea when one can get hacked and set of a domino effect.

And your comparison is a straw man, the real comparison is trying to remember 50 random passwords to using a password manager because there is a sea of research showing that good passwords should be truly high entropy and random.

Using a password manager doesn’t stop you from using 2fa like your comparison is worded to imply.

j / k navigate · click thread line to collapse