Here is an example (no, not one I am using) of what a password of mine may look like:
WW91IEtub3cgSG93IFRvIFNjYXJlIE1lIFNoaXRsZXNz
And no, it is not hard to remember at all.
I use offline, non-caching Base64 coders.
https://www.base64decode.org
#privacy #encryption #passwords
Also wanted to test linking a Mastodon post of mine to my Lemmy account.
If anything bungles up, sorry in advance!
“You Know How To Scare Me Shitless” is 33 characters and a decent passphrase on its own.
Base64 brings the length to 44 characters, but you might be better off by just using a longer passwphrase (eg. “You know how to scare me shitless and you do it every day, dear student of mine!” is 80 characters long, not much more difficult to remember that the 33-char one and way easier to type than the 44-char base64 one).
I’m sorry, but even though you undoubtedly mean well, you’re giving thoughtless advice by recommending someone use an 80-character passphrase over a 33-character passphrase. The only difference between the two is that the 80-character passphrase is longer; it is not more secure in practice. A 33-character passphrase will not be brute forced, period, and your suggested passphrase, “You Know How To Scare Me Shitless”, is not “decent”—it is unbreakable.
I wasn’t recommending OP to switch to an 80-character passphrase (see the very first sentence in my comment)… I was just showing that passphrases are about length and not about (real or perceived) randomnesshow difficult they are to memorize or type.
Also, if I may, one shouldn’t throw terms like “unbreakable” around: security is a game where you trade usability for resilience to attacks and what how much security is enough security depends on your specific circumstances and risk profile… absolute terms like “unbreakable” picture security as something different than the compromise it is and should be left to marketing people.
“You Know How To Scare Me Shitless” is 33 characters and a decent passphrase on its own.
Base64 brings the length to 44 characters, but you might be better off by just using a longer passwphrase (eg. “You know how to scare me shitless and you do it every day, dear student of mine!” is 80 characters long, not much more difficult to remember that the 33-char one and way easier to type than the 44-char base64 one).
All in all, IMHO base64 is not the best idea.
I’m sorry, but even though you undoubtedly mean well, you’re giving thoughtless advice by recommending someone use an 80-character passphrase over a 33-character passphrase. The only difference between the two is that the 80-character passphrase is longer; it is not more secure in practice. A 33-character passphrase will not be brute forced, period, and your suggested passphrase, “You Know How To Scare Me Shitless”, is not “decent”—it is unbreakable.
I wasn’t recommending OP to switch to an 80-character passphrase (see the very first sentence in my comment)… I was just showing that passphrases are about length and not about
(real or perceived) randomnesshow difficult they are to memorize or type.Also, if I may, one shouldn’t throw terms like “unbreakable” around: security is a game where you trade usability for resilience to attacks and what how much security is enough security depends on your specific circumstances and risk profile… absolute terms like “unbreakable” picture security as something different than the compromise it is and should be left to marketing people.
edit: (see correction above)