• itslilith
    link
    fedilink
    arrow-up
    3
    ·
    2 months ago

    Use that, but only for the handful of passwords that you

    a) need to remember regularly, even when you don’t have access to your password manager b) need to be really secure

    I’d say email and banking are the obvious ones. For everything else, rely on a good (self-managed, open source) password manager. Sure, a passphrase beats any human-memorable password, but it doesn’t stand a chance against my 250bit entropy machine generated passwords. And thanks to KeepassXC I never have to type any of them. And sure, you can secure your password manager’s database with a passphrase, if you’re so inclined