Another nugget I’ve heard is that if you include some random chunk in all of your passwords, like “*****” or something, even if it’s predictable, just the sheer character count it adds already gives you a huge boost to entropy. At the end of the day, character count is king. (And the best way to remember long character count strings, especially when they are all unique per service, is a password manager. That’s the actual real secret.)
my master password is a long sentence with a few non-dictionary words in it that mean something to me (one is a compound word, one is sci-fi shit). i mix it up sometimes (about every year).
Unless the attacker knows you do that.