This guy doesn't even know how to breathe without doing something illegal, does he..?
leftzero
joined 2 years ago
Yeah, he meant to say IBS.
I can have 20,000 character long passwords with a password manager
Sure. Most websites will either truncate them or outright reject them due to being too long, but sure.
Most users, however, will use the 12 to 16 characters auto-generated ones, though, which are sufficiently hard to crack (though not as much as an easy to remember passphrase, not that it matters; the easy to remember part is what matters about passphrases).
that makes it significantly less secure
No it doesn't. Even if a few of the passphrases leak, your algorithm, if well chosen, shouldn't be easy to reverse engineer... and unless someone is specifically targeting you (and has access to enough of your passphrases) there's much easier fish to catch; if a leaked passphrase doesn't work in other sites, no one will waste time trying to figure out if it has some logic to it.
I could have 20,000 character completely unique passwords with a password manager
No you couldn't. You'd have one password and one password manager (which would have all “your” other passwords; as would anyone else with access to your password manager).
Until you lose access to your password manager, of course... which is bound to eventually happen, due to hardware or software issues or loss of the device if it's local, or due to network issues, the provider discontinuing the service, or inevitable enshittification if it's online.
And, of course, you'll have a single point of attack from which your password can be leaked (or sold, if it's an online service) or stolen.
vastly more complex passwords
Complexity is practically irrelevant when compared to length when it comes to passwords. That's the point of passphrases.
do you actually expect people to remember 100+ unique phrases
You can have a small number of passphrases and simply choose one and add a word or two based on the site. It's trivial to “remember” an infinite number of unique passphrases if you've got an algorithm. 🤷♂️
Granny Weatherwax looked out at the multi-layered, silvery world.
“Where am I?”
INSIDE THE MIRROR.
“Am I dead?”
THE ANSWER TO THAT, said Death, IS SOMEWHERE BETWEEN NO AND YES.
Esme turned, and a billion figures turned with her.
“When can I get out?”
WHEN YOU FIND THE ONE THAT’S REAL.
“Is this a trick question?”
NO.
Granny looked down at herself.
“This one,” she said.
— Sir Terry Pratchett, Witches Abroad
This assumes a) passwords, and b) poor passwords at that.
Passphrases are easy to remember, extremely hard to crack, and easily customisable for every site, and you don't need no fucking password manager to store them.
Though I'll give you this: password managers are not, after all, necessarily single points of failure.
If you need a password manager to manage your passwords you're a much more vulnerable point of failure than your password management bloatware itself.
Tighten't.
Reality has the bad habit of often being unrealistic.
Paraphrasing Neil Gaiman, LLMs don't give you information; they give you information shaped sentences.
They don't encode semantics. They encode the statistical likelihood that each token will follow a given sequence of tokens.
“Does it have denuvo (or any other form of malware, including microtransactions)” should be the first question.
If the answer is yes, never look at it again, and permanently blacklist both developer and publisher.
If the answer is no, then go on with the rest of the diagram.
The road being frictionless is irrelevant unless it's also in a vacuum.
Chickens are not very good fliers, sure, but even this spherical chicken could probably manage a short flight to whichever side of the road it pleased.