I read other posts, but none of them seemed to cover my main concern as password managers being a single point of failure.
What exactly is the difference of using **(A)** the same 25-long password for all my important logins (email, banks, personal documents), and **(B)**, a 25-long password as the master key to my password manager with different keys to my individual logins?
A malicious user would take the same amount of time to crack that 25-long password in my password manager and my bank account. In scenario A the attacker would crack the password and have access to my other logins (since they are all the same), and in scenario B the attacker would crack my password manager, therefore exposing all my other logins. So what exactly is the difference here?
I understand password managers help the general population in the sense of enforcing a stronger password. But if you already use a very strong password (i.e. 25 characters) for all your log-ins, I don’t really understand the difference to having a password manager, where I would use that same password as the master key, which technically leads to the same catastrophic scenario.
Help me understand.
In: 5
they don’t bother to crack your password, they hack some website that shares with facebook…you know when some site says “log with Facebook or Google”
So that 3rd party site gets phised and hacked and they access logins.
Then they try that password with banks, ebay, or job. just as so many people use 12345 or ‘password’ so do lots of folks use the same one for different sites.
I get really annoyed with sites that require military grade passwords dingbats and all, nobody remembers them so we either write them down, or go through a password reset routine that depends on whatever weakass security you have on your end.
Latest Answers