What's The Big Deal?
Passwords are important if you didn't know already. Everyone has at least a single password unless you've never used a web service in your life. Now I really don't care if you decide to use "
p@ssw0rd" or something like that as a password. But if you didn't know already, passwords get cracked easily and very quickly using something called a computer. And these bad boys can crack an 8 character password within minutes.
Okay so? I'm not gonna switch my passwords because I'm too lazy
Then why are you reading this?
That sounds bad... Tell me more?
Don't worry, there's plenty of ways to fix your simple passwords. Now here I'll give you some tips down below on what you should and not do. Because there's lots of different types of authentication. So I'll be going over stuff like Password Managers, Biometric Passwords and just plain how to make a good password.
What you should avoid doing
Now okay, I know that something like
likliklik is easy to remember and to type because they are close together on the keyboard. But don't use these as they are probably in some Russian hacking database already just because the sheer amount of people using it for the sake of convinience.
Basic passwords with a word then some numbers at the end are obviously not safe. They are too short and simplistic. It doesn't matter if your password is a random bunch of characters or not. What matters is the length and different random characters.
What you should be doing
Coming up with a password isn't easy. You need a password something like:
Enw4QJk^E@sH6BB!zFRY or something along those lines. Have a password over at least 16 characters long.
You can easily generate a password by typing "Password Strong [number]" into DuckDuckGo. And there are plenty of Password makers out there.
I can't remember that. What am I supposed to do?
You need a password manager to keep track of all the passwords you have. The good thing about password managers are that you can keep track of the amount of passwords you have and the amount of accounts you got.
Passwords Managers you should Avoid
Browser Password Managers
So did your web browser just save your password for you? If Google saved your password, that means they know your account password.
Now I don't really know for sure if Google knows your Passwords and they don't say. But what's sketchy is that instead of keeping your passwords locally, they will upload your passwords onto their servers. So that's a red-flag to start with.
FYI, this goes for any browser saving your passwords. That includes any Chrome-based or Firefox-based browsers. I don't care, anything with Sync means you are uploading your personal passwords somewhere.
Password Manager Services
Now you might think okay, since the Browser option sends my password to Google or Mozilla. I should instead go for a Password Manager application. Half right, but first of all. I'll show you the stuff you should avoid.
Dashlane says that your master password isn't sent through the internet while saying your master password isn't saved on your device. Now that's fishy because if it's not saved in your device then where the hell is it stored? Their servers?. Also Dashlane is closed-source meaning no one can see their code meaning you really don't know what the fuck they're doin. I think your passwords are stored locally or else the service wouldn't work online. But it's constantly synced with their servers.
What you need to know before using any password service
Any password manager that is not open source, not encrypted, demands an internet connection and isn't saved locally means it's probably being sent to their datacenters and you'd have a security risk when they suffer a data breach. So don't trust these services.
Although hard to crack. I wouldn't send my fingerprints, FaceID, iris details to a company.
The ways to save your passwords.
So what can I do now, nothing's safe?
No? You have two options. There's a safe option and the safest option.
The safe option
There's a password manager called KeePass, and there are plenty of different versions. The most important thing is that it doesn't need an internet connection, it's encrypted and works in Android, Windows, MacOS and Linux. (Sorry iPhone fanboys)
It's hundred percent safe because it doesn't sync with anything and it does what it's supposed to do. Save your login creditentials.
It even gives you space to add a description where you can put anything from a recovery key to some login questions.
All of your passwords are saved in a .kdbx file format which is unique to KeePass itself. The only flaw I see is that if you forget your master password, theres no option to change it. But then again, the function of changing passowords is a security flaw in itself. So make sure to keep your master password simple and something you can really remember. Unless a hacker has physical access to that file, they can't get your passwords.
The safest option
Pen and paper. Not much said.
The only people that can hack you that way is by having physical access to that piece of paper. I like using it because it's the best option? It's even cross platform.
Use KeePass with a simple master password and keep your twenty characters of random gibberish in KeePass. Or write down those complicated passwords in a piece of Paper.
External LinksDuckDuckGo's Password Maker
Check if your Email's on a Hacker Database
Check if your Password's on a Database