Importance of Proper Password management

[Zlantann]

Experiences is quite an harsh teacher so is better you learn from others mistakes than yours.

Further recommendations would be appreciated. 

I saw your thread in Meta about forgetting your password. You went through a very rough time to recover your account. Using different passwords for all your accounts is ideal but remembering them all is also very important. Relying on our brains to store all our passwords is risky. The brain could malfunction due to health and other reasons. Alzheimer's disease, Parkinson's disease and ALS could cause brain loss. I have sometimes forgotten my password due to stress and anxiety. I am not very technologically inclined so I usually choose the simplest best option. I write down my important passwords and keep them in different locations just as I safely keep my wallet information. But I am open to new safer ways of keeping my information and I might implement some of the best options in this thread.     

[hd49728]

BTW, I think that the image from statista is outdated, as I don't believe that a password with only 11 lowercase characters + 1 uppercase would take only 300 years to get cracked by a malicious person nowadays. If that was the case, we could even think of writing our passwords down in a personal diary instead of anywhere online (much like our private keys or seeds).

Hive systems has its update on password security every year. This one is for 2024 update and you can bookmark it for future updates in coming years like 2025 and beyond it.

Just in case, long alphanumeric passwords with uppercase, lowercase and symbols is the way to go. And, as suggested by malwarebytes, enable 2FA when possible.

Set up a strong password is important and everyone should do it properly.

2FA is not a magical solution to secure your account if you don't know how to do it properly like your password. A bad practice of 2FA is don't back up the 2FA activation code (like don't back up your password), and install 2FA application on a same device on which you log in your email, your account. This practice will destroy your account and related fund, if that device is compromised or lost somehow.

[Lucius]

~snip~
What I'm saying is, like was said in the quoted section. It is good to use different password for different platforms for security purposes but we shouldn't rely on our brains alone but take proper record and a secured password manager can help with this (mind you is not the only method in keeping passwords).

I would not agree with the way you wrote it, because it seems to me like a very frivolous suggestion - the only correct thing would be to say that you should never use the same password anywhere, and I would also emphasize that you should always remember not to use any simple passwords or those that an attacker could "crack" if he has enough information about us. To clarify, if the attacker knows that you have children named Bob and Melinda, and if he knows their dates of birth, then he will definitely try to use a combination of those characters.

BTW, I think that the image from statista is outdated, as I don't believe that a password with only 11 lowercase characters + 1 uppercase would take only 300 years to get cracked by a malicious person nowadays. If that was the case, we could even think of writing our passwords down in a personal diary instead of anywhere online (much like our private keys or seeds).
~snip~

I checked with one of the tools that test passwords, and to brute force such combinations would only take 7 months. If you add only one number to that combination, that time increases to 6 years, and with two numbers to 57 years. Of course, the time can vary depending on how many resources someone would invest in trying to brute force a password.

[Kamustapo]

Password Managers

You should really consider adding Bitwarden to that list.

Thank you very much for the guides. I'll make a bookmark of it.
I'm sorry for asking questions that already have an answer, that was my mistake a s beginner.

You should also take a look at Bitwarden and the reviews.

Also you should bookmark https://ninjastic.space/search and https://search-beta.ninjastic.space/ for better search in this forum
They have the potential to get you a lot of info, since a lot of beginner things were already asked in the past.

I have read that some people mentioned about ninjastic several times, but I kinda stuck with it and I'm still trying to figure how to use it effectively.

There are still a lot of things that I have to learn from this forum.

[Aanuoluwatofunmi]

The management of password is what we should take with serious caution, its not by where or how the password is being store alone, but in what is used in storing them, many will think of the use of a password manager for storing their keys and passwords which is a complete wrong approach because they operate online and under a central authority, our password should be be only us can have access to without involving a third party in securing it.

[Tmoonz]

Using different passwords, is a good thing and the best way to maximize the security of your passwords. What most people fail to understand that the human memory is due to mistakes and sometimes when we don't often make use of a particular term in this case passwords, it might mix the whole thing up. So we tend to forget. This is another reason why I don't advise brains wallets at all. We can't always rely on our memory as it sometimes fails. Using password managers is the best method to store your different passwords as well as increasing the security of your passwords.

I really agree with you on this, completely relying on our brain to store information that might be use frequently can be very problematic to remember, indeed a good proper password management can be very helpful since we can easily fall back to them at the time of need, storing off line in different locations should also be encouraged since we can not completely rely on our brain all the, and most times when the brain undergoes certain level of stress we are prone to forget something at the time we needed them the most. We shouldn't learn the hard rather we should learn from other people mistakes.

[Rockstarguy]

I believe password management is one of the most important things for anyone who register accounts at various sites. I personally use different passwords on each platform only so I can be safe from data breaches.

I don't prefer any password manager to the ones who have a air gapped setup because they can literally save all their passwords as a text file and then save it on their air gapped system. It's that simple.

When it comes to password management it is better when you are your own password manager than relying on a password management that was designed by someone else. I think with this there is no privacy. It is very important that people needs to to take care of their password by themselves in a way that it will be safe and accessible all time. Though I haven't use any password manager app before to see how it works but I don't feel okay with this style of saving password.

Password management is what people shouldn't take for granted because when it is not been taking care properly is either someone else can have access to it or it can be lost which may never be recovered again.

[Peanutswar]

With these our browsers offering their password manager so you don't need to retype your password every time you will use it but of course make sure that your device will not be comprise as possible use a license software to prevent possible malware and keep updating your device too at the same time to prevent possible vulnerabilities. Personally I do always check the IP address of my BTT account so I make sure no one will access ^[1] just for additional safety of my account of course. AFAIK google before makes a check for the password vulnerabilities that they recommend you to update your password.

Code:

[1] https://bitcointalk.org/myips.php

[SamReomo]

Password management is what people shouldn't take for granted because when it is not been taking care properly is either someone else can have access to it or it can be lost which may never be recovered again.

Very true, those who take password management for granted often end up losing their passwords or someone else might get their passwords with black hat methods.

I believe passwords are more like ones assets and properties that one should look after, if someone avoids taking care of the passwords then that person will regret when someone stoles his/her passwords and use those to empty their accounts.

[PX-Z]

Password management is what people shouldn't take for granted because when it is not been taking care properly is either someone else can have access to it or it can be lost which may never be recovered again.

Very true, those who take password management for granted often end up losing their passwords or someone else might get their passwords with black hat methods.

I believe passwords are more like ones assets and properties that one should look after, if someone avoids taking care of the passwords then that person will regret when someone stoles his/her passwords and use those to empty their accounts.

This is true, your assistant tool become your enemy if this happens. That's why it needs to regularly using it. While i don't usually use password manager since i always use a password with combination of site's name and numbers, with email categories so if i cant remember it i will just use forget password using the email i usually use dor such kind of websites.

[hd49728]

When it comes to password management it is better when you are your own password manager than relying on a password management that was designed by someone else.

If you are a programmer, coder, you can go for it by programming your own password manager. You can believe it is good because it is built up by yourself but in quality and security, no guarantee that your own-built password manager is actually good.

If you have to use a third-party password manager, it is not actually bad if you choose an open source one to use.

I think with this there is no privacy.

If it is open sourced, verified and got good reviews by community, it's good. And if you use it offline, it's another good practice.

It is very important that people needs to to take care of their password by themselves in a way that it will be safe and accessible all time.

Password managers are better than simple available tools so people use it and rank it is better choice. You are saying the opposite to the truth. Password managers are similar to Bitcoin wallet softwares. People need to filter many available ones, pick good one to use and have good practice at the end.