Ever since the LastPass breach (thankfully moved to Bitwarden and recycled passwords prior) I’ve had a heightened awareness of the potential for vulnerabilities beyond my paygrade leading to online catastrophe for me. I use Bitwarden to generate a random password for all sites.

If it’s something which could truly cause a headache such as my email or banking however, I’ll usually append the domain name, or a word, or a symbol to the password such that after my phone or PC’s Bitwarden autofill enters the saved password I also need to enter whichever word or symbol for the site. Feels like this gives me some defense if people smarter than me made a mistake, but I guess I have questions for folks who know about hashing/blackmagic/thecyber.

  • Would this have any benefit, if one were to put “google” at the end of their Google password, as far as protecting from a password manager exploit?
  • No, I don’t actually put google or reddit at the end of my password; oops not a question
  • Is that already something baddies would know to try? Or did I just play myself by posting this on the internet?
  • CAPSLOCKFTW@lemmy.ml
    1 year ago

    “Baddies” usually prefer easy targets. So unless you are high profile you will be fine IMO.

    If you’re high profile you should have weekly changing, random, 16+ chars long passphrases that are not stored digitally. At least for the important stuff.