Brute force protection

@memes

  • sloppy_diffuser@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    1
    ·
    9 months ago

    I do a passphrase like the comic followed by 56 characters of gibberish using an https://onlykey.io/ (acts as a USB keyboard) that has a 10 digit pin (6 characters to choose from) and a kill switch pin (if I were ever forced to unlock it). I use this method for my disk encryption, main account login, and password manager.

    I also use a https://www.themooltipass.com/ for vendor diversity (4 digit pin but all hex characters). I prefer the onlykey.

    I rotate the gibberish monthly and the passphrase 2-3 times a year.

    Once a year I change up the pin codes.

    I figure that gives me enough entropy from brute force on all my systems with a balanced level of convienence and security. I literally don’t know a single one of my passwords.