
A password keeping approach for mortals - nerdthoughts
https://nerdthoughts.quora.com/A-password-keeping-approach-for-mortals?share=1
======
nerdthoughts
I'm looking for feedback on this approach, usability- or security-wise.

~~~
gmuslera
Not all passwords are alike. Some are meant to be remembered (your password
manager one, the mail account for recovering passwords, and/or a few more)
while others can be stored in a password manager and just pasted in the
password field without ever thinking about what they actually are.

The first group is the one that should be easy to remember for you but very
hard to guess, especially with brute force/automated attacks (and if you want,
have measures to be shared with your loved ones on your death). The xkcd
approach is a good default for picking them, but you can do your own variation
as long as you remember it.

And the second one shouldn't be generated with a fixed schema that could be
figured out if one or even several of the sites you have an account on get
hacked and your plain text password is retrieved.

~~~
nerdthoughts
Good point.

How do you use your password manager to allow loved ones access if something
happens to you?

~~~
gmuslera
It's just an encrypted file with a master password. Any mechanism that enables
me to leave to someone else that master password (or a key part of it) would
work.

