[PLUG] Lastpass - friend or foe

On Sat, Jan 7, 2017 at 5:03 PM, Rich Freeman <> wrote:
> On Sat, Jan 7, 2017 at 3:53 PM, Paul Walker <> wrote:
> > It seems intuitive to just memorize extremely difficult to crack passwords.
>
> No argument that this is far more secure, but right now Lastpass is
> tracking 426 different passwords for me, almost all of which are
> strong and random and unique to a single site.
>
> If you can keep that in your head, this is of course better.
>
> You can always use a tiered approach, like memorize a few strong
> passwords and use those for your most critical sites (banking/etc),
> and then let lastpass/etc manage the bazillion web forums you
> occasionally browse, which probably is more secure than just using one
> password across all of them.


What Rich said.  I too have many many passwords, and LastPass does help me keep track of them all and use unique passwords per site. (also, I recommend using 2FA with LastPass)

As for password generation, I am also a fan of the "diceware" approach, which involves high-entropy passwords that consist of common words.  This makes them much much easier to remember.  To show off the approach, I built a demo:

Feel free to check that out, download my source, etc.

-- Doug
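
The diceware approach mentioned in the message above, as an added example (this is not Doug's demo or source): words are picked by dice rolls from a fixed list, and the entropy comes from the number of words and the list size, not from the words being obscure. The 36-word list and all function names are constructed for illustration; a real Diceware list has 7776 words and uses five dice per word.

```python
import math
import secrets

# Constructed 36-word demo list (6^2 entries, two dice per word).
# A real Diceware list has 6^5 = 7776 words and uses five dice per word.
DEMO_WORDS = (
    "acid bake calm dune echo fern glow hush iris jade kelp lamp "
    "mint nest opal pine quay rust sage tide undo vial wren yarn "
    "zinc arch bolt cove dusk elms frog gust hive isle jolt knot"
).split()

def roll_die():
    """One fair six-sided die from the OS CSPRNG (never the random module)."""
    return secrets.randbelow(6) + 1

def dice_per_word(wordlist):
    """Dice needed to index the list; it must hold 6^n unique words."""
    n = round(math.log(len(wordlist), 6))
    if n < 1 or 6 ** n != len(wordlist) or len(set(wordlist)) != len(wordlist):
        raise ValueError("wordlist must hold 6^n unique words")
    return n

def rolls_to_index(rolls):
    """Read the rolls as base-6 digits: (1, 1) -> 0, (6, 6) -> 35."""
    index = 0
    for r in rolls:
        if not 1 <= r <= 6:
            raise ValueError("die roll out of range")
        index = index * 6 + (r - 1)
    return index

def passphrase(num_words, wordlist=DEMO_WORDS, roll=roll_die):
    """Draw each word uniformly and independently, as physical dice would."""
    n = dice_per_word(wordlist)
    picks = [rolls_to_index([roll() for _ in range(n)]) for _ in range(num_words)]
    return " ".join(wordlist[i] for i in picks)

def entropy_bits(num_words, list_size):
    """Entropy of the passphrase, assuming the attacker knows the word list."""
    return num_words * math.log2(list_size)

def equivalent_random_chars(bits, alphabet_size=94):
    """Length of a uniformly random printable-ASCII password with >= bits."""
    return math.ceil(bits / math.log2(alphabet_size))

if __name__ == "__main__":
    print("demo passphrase (small list, weak):", passphrase(6))
    print("6 words from a 7776-word list: %.1f bits" % entropy_bits(6, 7776))
```

The entropy figure only holds when the words are chosen by the dice or a CSPRNG; rerolling until the phrase "looks nice" or picking words by hand reduces it.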


