Andrey on Nostr: Memorable passwords often lack security, while strong passwords can be difficult to ...
Memorable passwords often lack security, while strong passwords can be difficult to recall, leading to increased chances of forgetting them and challenges in regular rotation. Storing passwords on a laptop or phone poses its own security risks. While password managers offer a solution, they still require unlocking, and memorizing or securely storing the master password remains a concern.
One simple yet effective approach could be storing primary passwords (such as those for unlocking devices and password managers) on paper.
This highlights the inherent limitations of passwords as a security measure, which is why two-factor authentication (2FA) and PassKeys have become important additions to strengthen security.
A more robust alternative is to move away from passwords entirely and rely on hardware security keys, like YubiKeys. Using three copies of a YubiKey can eliminate the need for passwords altogether. To prepare for the loss or failure of a hardware key, it's essential to securely store recovery phrases or files for your password manager and email accounts.
What’s your take on this? How do you handle your own secret management?
One simple yet effective approach could be storing primary passwords (such as those for unlocking devices and password managers) on paper.
This highlights the inherent limitations of passwords as a security measure, which is why two-factor authentication (2FA) and PassKeys have become important additions to strengthen security.
A more robust alternative is to move away from passwords entirely and rely on hardware security keys, like YubiKeys. Using three copies of a YubiKey can eliminate the need for passwords altogether. To prepare for the loss or failure of a hardware key, it's essential to securely store recovery phrases or files for your password manager and email accounts.
What’s your take on this? How do you handle your own secret management?