I had a password manager with a biometric lock option that I used exclusively. I hadn’t used the password since I created it and a year later I couldn’t remember it when I was moving to a new device… RIP all my passwords. Fortunately my email was one of the few passwords I memorized and refused to put in the password manager so I was able to recover most of the accounts.
That’s one of the reasons why I don’t use biometrics - you’re kinda screwed if you can’t use it anymore. Another would be that it isn’t as secure as it seems.
Generally I recommend memorable passwords, such as using 6 random words (e.g. generated with a wordlist) for accesses you have the risk of typing in yourself. After 10 or so times it’s easy to remember if you sort of create a sentence out of it in your head.
For passwords that will only be accessed from the password safe I’d just make it random, since you’d have your password safe. Usually the only time you’d want to change your password is there was an unauthorized login or there’s been a breach.
I generally just adopted the amount of words recommended for the EFF’s “long” Diceware list, explained in the accompanied Deep Dive. I don’t use that list anymore, as I just rely on the wordlists provided by password safes, though the habit stuck.
I had a password manager with a biometric lock option that I used exclusively. I hadn’t used the password since I created it and a year later I couldn’t remember it when I was moving to a new device… RIP all my passwords. Fortunately my email was one of the few passwords I memorized and refused to put in the password manager so I was able to recover most of the accounts.
Store you master password in a local fileon a USB stick that is password protected but using a simple password you can’t forget.
Or put a pice of paper inside your pc with the master password.
That’s on you for not writing down the password somewhere safe tbf
That’s one of the reasons why I don’t use biometrics - you’re kinda screwed if you can’t use it anymore. Another would be that it isn’t as secure as it seems.
Generally I recommend memorable passwords, such as using 6 random words (e.g. generated with a wordlist) for accesses you have the risk of typing in yourself. After 10 or so times it’s easy to remember if you sort of create a sentence out of it in your head.
For passwords that will only be accessed from the password safe I’d just make it random, since you’d have your password safe. Usually the only time you’d want to change your password is there was an unauthorized login or there’s been a breach.
6 words is a bit overkill I think. Also just adding a single number and sign to a 4 word combo should be just as safe but easier to remember.
Like word.wordwordword4
I generally just adopted the amount of words recommended for the EFF’s “long” Diceware list, explained in the accompanied Deep Dive. I don’t use that list anymore, as I just rely on the wordlists provided by password safes, though the habit stuck.