643
Has to be 16 characters, #s, Cap and lower case.
(lemmynsfw.com)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 18 Jul 2025
643 points (100.0% liked)
memes
16433 readers
2923 users here now
Community rules
1. Be civil
No trolling, bigotry or other insulting / annoying behaviour
2. No politics
This is non-politics community. For political memes please go to [email protected]
3. No recent reposts
Check for reposts when posting a meme, you can only repost after 1 month
4. No bots
No bots without the express approval of the mods or the admins
5. No Spam/Ads
No advertisements or spam. This is an instance rule and the only way to live.
A collection of some classic Lemmy memes for your enjoyment
Sister communities
- [email protected] : Star Trek memes, chat and shitposts
- [email protected] : Lemmy Shitposts, anything and everything goes.
- [email protected] : Linux themed memes
- [email protected] : for those who love comic stories.
founded 2 years ago
MODERATORS
Who TF isn’t using a password manager in 2025? Like how would you even function?
EDIT: Y’all need to stop replying with your password generation strategies. JFC it’s like you’re asking someone to pwn your shit.
My employer, a fortune 500, blocks password managers and all other add-ons.
When will he be hacked.... Let's place bets everyone!
Can I register your bet for 27 dollars or euros?
Sure, I'll bet in Dollars and take the number equivalent payout in Euros
My employer, a 12 people big company, nowhere near any fortune list, mandates the use of 1password for all company related accounts.
Ah but you see there's the problem, you don't have a committee to launch a working group that puts together investigative teams to research and write reports on the benefit of the solution, the ROI of the solution, the training costs of the solution, stakeholder buy in of the solution, and potential alternatives to the solution. You need at least a 10 month process before one jackass says they don't want the solution so the committee can recommend to management that the solution be abandoned.
God damn, you sure you're not a politician?
Insinuating that I may be a politician is the most insulting thing someone has said to me in a while, well done. And no I'm not, I'm just a guy who spent over a decade self-employed then went into the corporate world and tried to bring my innovate quickly mindset with me and very quickly found out that even a simple change requires that only affects my department required 5 different people from outside our department to sign off on the change and each one of them assigned 1 or more people to research and report on the change. Losg story short, after a while I found out what was going on and why nothing ever got adopted and I being a snarky asshole learned there corporate buzzwords and started stringing them into the proposals.
Wasn't intended as an insult, just a joke at your sarcasm reminding me of how politicians talk
I was also joking, I assumed you were joking.
Federal and State jobs you can’t use password managers.
My federal job came with one pre-installed.
Depends on your clearance level/what you have access to.
Not gonna get specific, but, I have access to a shitload of sensitive personal data. It's more likely you ran into an agency policy rather than a federal policy.
No it is literally determined by clearance level. It is mandated.
Yeah. My agency doesn't use clearance level to determine security requirements. It's likely your password manager policy is agency-specific.
are you trolling or do you not realize this is massive liability?
I think they believe getting their fingerprints and having a background check means they have a security clearance or something.
Health records for veterans don't require a security clearance to be managed. (Personnel records for active military only require a Secret level clearance) You'll wanna take it up with whoever manages security for the VA about the 'massive liability' involved.
https://www.va.gov/securityinvestigationscenter/frequently_asked_questions.asp#q006
Lol so you do not have a security clearance.
Got it.
FYI if you had a security clearance, posting that you have one in your personal Lemmy account would absolutely be grounds for it to be revoked.
If you'd paid attention, you'd notice that I never said I had a security clearance. Hell, I even outright said "My agency doesn't use clearance level to determine security requirements".
The fact that you put so much effort into proving me wrong that you lost sight of what I was actually saying says more about you than it says about me.
At this point I am certain you do not know what a security clearance is.
This is how you get in my block list.
Yeah idk about that. I've worked in state govt for a very long time and our cybersecurity controls essentially mandates we use one. I'm also in our security audit team and have to talk to state offices about our NIST controls regularly. And the NIST DOD controls are even more stringent than ours. Something sounds off.
Okay so remember the one or two ones you need there (try a passphrase!)
For everything else - password manager.
Federal I had about 15 passwords. The State job I had about half that.
Yep.
I use pass phrases filtered through a mess of cyber chef.
Those are hackable too through
I have passwords I don't care about, passwords I keep on the manager, and then important ones I enter manually every time
Don't ever use lastpass and the likes, when good open source ones exist.
Like Bitwarden.
Because they seem to fall into two categories. Those that have been compromised
And those who haven't.... Yet
I use modified “HorseBatteryStaple” style passwords. I have a couple base phrases that I always remember, with special characters and numbers inserted. I modify them bit by bit for different sites, and keep a list of the changes - only the changes. Anyone who looks at the list would see random words, numbers, or symbols without context; only I know how it all fits together.
For example, let’s pretend HorseBatteryStaple1! Is my default password. I may have “cell phone, machine 5” on the list. That would mean the password for my cell phone’s payment website modifies the default password by changing one of the words in HorseBatteryStaple to “machine” and the number 1 to 5.
I know password managers exist, but I like to try to remember my own passwords. Especially since I may need them across different devices, including my work laptop that I can’t download new programs onto.
Caution, reusing parts of your passwords like that significantly reduces the effective entropy.
If someone finds HorseBatteryStaple1! in a plaintext leak, then they only need to guess one word and one number to get your phone password (assuming they know your format or use a matching heuristic).
So using a combination of this comment and an existing leaked DB (trust me, your credentials have leaked somewhere at some point), all your accounts could be trivially cracked.
I basically use a childhood limerick in leetspeak. Easy to remember, tough to Crack. Like for example, Peter Piper pickedna peck of pickled peppers becomes "P3t3rP1p3rP1ck3d4P3ck0fP1ckl3dP3pp3rz!" Of course I never used that particular one, but you get the idea.
So you have the same password for everything? Which would mean a single password leak would compromise all of your accounts?
Brah
I function by only having 2 accounts I actually care about. Bank and e-mail. The rest get the same password over and over because I legitimately don't care about them and never give them real personal data.