• Fangslash@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    4
    ·
    edit-2
    1 year ago

    I don’t use them. I see this as a putting all eggs in one basket strategy, if my master password was lost, hacked, hosting company shutdown, or for whatever reason refuse to do business with me, my entire life would be screwed.

    Instead I use long passwords made of words, and for each site it will be a few letters off. They’re easy for humans to remember because how similar they are, but due how hash works they are equivalent to unique passwords to hackers.

    • DreamlandLividity@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      1 year ago

      No they are not.

      Also, KeePassXC is an open-source project that saves your password database (encrypted) in a local file. So no company can stop doing business with you. I then use syncthing to sync the database to all devices without using cloud. An excellent solution for sligthly paranoid people :D

    • democracy1984@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      Hashing only works if the website stores their passwords correctly. If a single website you use doesn’t hash passwords correctly, and gets their database leaked, then your passwords will all be leaked. Changing a few characters per site may help a bit, but it shouldn’t be relied on.

      Also, if you’re worried about the host shutting down, you should try bitwarden. It’s completely open source, and you can self host it if you want.

      • Fangslash@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Changing even a single letter will completely scramble your password with hash, so for all intents and purpose it is equivalent to a unique password

        Though I do admit it can get a bit tedious, I’ll definitly look into self-hosting, thanks for the recommendation