I read other posts, but none of them seemed to cover my main concern as password managers being a single point of failure.
What exactly is the difference of using **(A)** the same 25-long password for all my important logins (email, banks, personal documents), and **(B)**, a 25-long password as the master key to my password manager with different keys to my individual logins?
A malicious user would take the same amount of time to crack that 25-long password in my password manager and my bank account. In scenario A the attacker would crack the password and have access to my other logins (since they are all the same), and in scenario B the attacker would crack my password manager, therefore exposing all my other logins. So what exactly is the difference here?
I understand password managers help the general population in the sense of enforcing a stronger password. But if you already use a very strong password (i.e. 25 characters) for all your log-ins, I don’t really understand the difference to having a password manager, where I would use that same password as the master key, which technically leads to the same catastrophic scenario.
Help me understand.
In: 5
If your password is long enough that you can remember it: Not secure (or you are one insane superhuman.
If your account uses an algorythm to be created .. e.g. your name + phonenumber+first 5 letters of the Service: NOT secure.
If your password is used at more than one service: NOT secure, because that site could have been compromised.
best security ? md5-hash sized passwordlength (32 characters) using all possible letters in the UTF8-Alphabet.
Latest Answers