    430 points tambourine_man | 14 comments
    eviks ◴[] No.41879128[source]
    Why not just use real words with a longer password instead? That'd be easier to type than these shorter "word-like" syllables.
    replies(3): >>41879137 #>>41879148 #>>41879247 #
    bombcar ◴[] No.41879137[source]
    Even if horse-battery-staple works mathematically people don't trust that it's "really random".

    1password supports it as "memorable password".

    replies(3): >>41879184 #>>41879233 #>>41879327 #
    1. david422 ◴[] No.41879233[source]
    Here's a format I really like:

    3CatsHave12Legs!

    Easy to memorize, and pretty strong.

    replies(4): >>41879283 #>>41879288 #>>41879303 #>>41879414 #
    2. rhaps0dy ◴[] No.41879283[source]
    How many more passwords of this format can you construct? `have` is fixed, the `!` at the end is a classic, and the 12 number is pre-determined by true cats and the 3. So the only degrees of freedom you have are:

    - the entity number (3)

    - the kind of entity (Cats)

    - the kind of part (Legs)

    and that's not a huge number of combinations.

    replies(1): >>41879329 #
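    As an added illustration of the degrees-of-freedom argument above (example code, not from the thread), the following enumerates a constructed toy version of the "<N><Animals>Have<M><Parts>!" template and compares its entropy with a diceware passphrase and a random character password; the animal and part vocabulary and the 7776-word and 94-character alphabet sizes are assumptions.

```python
import math

# Constructed toy vocabulary for the "<N><Animals>Have<M><Parts>!" template
# (assumption, not from the thread): legs per animal, plus parts whose count
# is the same for every animal in the list.
LEGS = {"Cats": 4, "Dogs": 4, "Birds": 2, "Spiders": 8, "Ants": 6}
FIXED_PARTS = {"Eyes": 2, "Tails": 1}


def parts_per_animal(animal: str, part: str) -> int:
    """Count of a body part on one animal; legs vary, other parts are fixed."""
    return LEGS[animal] if part == "Legs" else FIXED_PARTS[part]


def template_passwords(max_count: int = 9) -> list[str]:
    """Enumerate every password the template can produce.

    The only free choices are the count N, the animal and the part; the
    second number is forced (N * parts per animal), and the verb and the
    trailing '!' are fixed, exactly as the comment argues.
    """
    out = []
    for n in range(1, max_count + 1):
        for animal in LEGS:
            for part in ["Legs", *FIXED_PARTS]:
                total = n * parts_per_animal(animal, part)
                out.append(f"{n}{animal}Have{total}{part}!")
    return out


def entropy_bits(choices: int) -> float:
    """Bits of entropy when each of `choices` outcomes is equally likely."""
    return math.log2(choices)


def passphrase_bits(words: int, wordlist_size: int) -> float:
    """Entropy of a random passphrase (e.g. diceware with a 7776-word list)."""
    return words * entropy_bits(wordlist_size)


def random_bits(length: int, alphabet_size: int) -> float:
    """Entropy of a uniformly random string over an alphabet of given size."""
    return length * entropy_bits(alphabet_size)


if __name__ == "__main__":
    pw = template_passwords()
    print(len(pw), "template passwords, e.g.", pw[0], "...", pw[-1])
    print(f"template:   {entropy_bits(len(pw)):5.1f} bits")
    print(f"4 diceware: {passphrase_bits(4, 7776):5.1f} bits")
    print(f"16 random:  {random_bits(16, 94):5.1f} bits")
```

With this toy vocabulary the template yields only 135 distinct passwords (about 7 bits), against roughly 52 bits for four diceware words and about 105 bits for 16 random printable characters; a bigger vocabulary raises the template's number only logarithmically.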
    3. mangodrunk ◴[] No.41879288[source]
    Why mention memorizing passwords? Most people have dozens of passwords, and most people would have trouble memorizing even a simple word for dozens of passwords. I have a lot of trouble with those annoying security questions which one would assume would be constant and easy to answer.
    replies(1): >>41882318 #
    4. mr_mitm ◴[] No.41879303[source]
    The vast majority of passwords do not need to be easy to memorize because they should be stored in a password manager. In fact, I'd argue that the harder it is to memorize, the stronger the password.

    Yet they still need to be typed on cell phone keyboards, TVs, or communicated over phone (shared passwords are the best compromise if asymmetric cryptography is not an option), in which case you usually need to spell it out anyway.

    replies(1): >>41879352 #
    5. bayindirh ◴[] No.41879329[source]
    "My4BikesHave9WheelsBecause1IsATricycle?" is a valid one for example?
    replies(2): >>41879439 #>>41879624 #
    6. bombcar ◴[] No.41879352[source]
    Cell phone keyboards should have a "QR code input" and then you could just use a QR code generated by your password manager dynamically.
    7. nothercastle ◴[] No.41879439{3}[source]
    You have to type that all in without error, and the archaic app needs to actually support that many characters.
    replies(2): >>41879461 #>>41879748 #
    8. bayindirh ◴[] No.41879461{4}[source]
    I write longer passwords than that periodically. Archaic applications will get shorter variants. No two apps will share the same password.

    None of these are problems for me, with or without a password manager.

    9. Dilettante_ ◴[] No.41879624{3}[source]
    The question mark makes this look like it's the title of a new hit light novel.
    10. BobaFloutist ◴[] No.41879748{4}[source]
    Typing that all in without error is considerably easier than typing TMJ0ltu*zif52Cb& in without error.
    11. samatman ◴[] No.41882318[source]
    Have you not memorized the password to your password manager?

    How would that even work?

    replies(1): >>41887328 #
    12. gregjor ◴[] No.41887328{3}[source]
    FaceID or YubiKey
    replies(1): >>41895663 #
    13. samatman ◴[] No.41895663{4}[source]
    Ok, but if there isn't a high-entropy sequence of "something you know" somewhere in the system, you've created some pretty bad failure modes. 1Password requires a master password periodically, but can otherwise be unlocked by AppleID (presumably also true for secure-element biometrics on other platforms).

    I maintain that a good secrets management system has a number of passwords which should be memorizable (and memorized) which is greater than zero. Possibly by only one element.

    replies(1): >>41900679 #
    14. gregjor ◴[] No.41900679{5}[source]
    Every password manager I know of, including Apple's, requires a strong password to unlock the vault. FaceID or YubiKey allow me to bypass typing that so often, but anyone trying to get into my accounts or password manager would have to know the strong password and get past the physical/biometric 2FA.