overly complex passwords just mean that users will write them down. ugh. but at least we have a plethora of password managers now for people to use... and write down their master password 😆

the amount of people that used to write their passwords on post-it notes at my office and say things like "i know i'm not supposed to do this, don't look" as they pull it out when i was at their desk was too damn high.

Discussion

When I migrated from memorized passwords (all of them shared the same mnemonic — terrible security) to Bitwarden as my password manager, I came up with a long complex master password. I proceeded to forget it and literally sat down for two hours trying to remember, shitting my pants that I might have just lost everything. Luckily I finally remembered and will never forget now (unless I get a serious head injury).

Ugh. I know that feeling. Passwords are a pain. I like what the FIDO alliance is doing.

What's FIDO alliance doing?

Passwordless authentication. FIDO2 uses a variety of methods, including biometrics, public key cryptography, and secure elements, to create a secure and user-friendly authentication experience instead of using passwords.

Oh yeah, like YubiKey. FIDO was on the Ledger wallet, right?

i didn't know that, but looked it up. yes, Ledger uses FIDO's U2F.

KeePass, look into it