In password security, the longer the better. With a password manager, using more than 24 characters is simple. Unless, of course, the secure password is not accepted due to its length. (In this case, through STOVE.)

Possibly indicating cleartext storage of a limited field (which is an absolute no-go), or suboptimal or lacking security practices.

  • 4grams@awful.systemsEnglish
    6·
    24 hours ago

    Yeah, I’m up to 40 hide my addresses for that same reason. Figure if the password sucks, at least the email can be unique and obscure.

    • mic_check_one_two@lemmy.dbzer0.comEnglish
      3·
      13 hours ago

      I just use a catch-all email domain. It’s functionally similar to a hide-my-email address, except the email addresses are much easier to read and remember.

      Every single email that hits my domain goes to the same inbox. So Target@{my domain} and Walmart@{my domain} both hit the same inbox. And if I start seeing spam addressed to Target@{my domain} then I know Target sold my info. I can easily filter everything to that address straight to spam, with the exception of any senders ending in “@target.com”

      It means my shit gets automatically sorted into neat little folders before it ever even hits my inbox. I can still get the birthday coupons, while all of the spam quietly vanishes into the spam inbox abyss.

      • sudneo@lemm.eeEnglish
        1·
        9 hours ago

        I used to do this, but then why revealing even my domain. I have bitwarden integrated with simplelogin, and I get [email protected]

        This way I can easily filter with prefix matching (if I want to), but don’t reveal anything at all about me. Also much easier to be consistent, block senders etc. Plus, I can send emails from all those addresses if I ever need (e.g., support).

      • 4grams@awful.systemsEnglish
        2·
        12 hours ago

        I had delusions of trying to keep track of which address is sold by who which is why I did the hide my email addresses. But I’ve always kept separate personal and spam accounts. This was my attempt at combining to a single account.

        https://xkcd.com/927/

    • AA5B@lemmy.worldEnglish
      3·
      19 hours ago

      168! Don’t hold back - everything gets a unique email address, a generated password, unique username and profile info.

      It’s only the damn phone number that can be used to connect my data. Can’t do anything about that.