The world ended in 1945.
How did he guess my password?
Store them in your autistic brain.
How are you calling someone lazy for not using your technique while also praising your technique for saving someone from the menial task of typing in passwords themselves. I can type extremely fast, and I simply like having access to all my passwords on any device I ever want to use (because it's in my brain). If you want to use your passwords on any external devices you're shit out of luck, unless you back it up into the cloud in that case you have to put faith in whichever hosting service you're using. Unless you self host it yourself, which is respectable but I simply don't want to. I self host a lot of things from my own email server to a matrix chat instance, but I simply don't want to bother with password managers. It's not a matter of laziness, it's just simple and it also enhances opsec and I have a 110 wpm typing speed so I don't give a shit about typing in my password manually every time.
That's the point of the pattern, it's not supposed to be the sitename itself. Mine is incomprehensible gibberish and you wouldn't get the part where the universal part of it ends and the unique part begins. I just gave the example of reverse website name for demonstration purposes. Besides this is such an obscure method that I guarantee absolutely no hacker at all ever attempts to reverse engineer passwords to guess on different sites. It's just not happening.
Cool. It lasted 4 seconds to a combinator attack protected by md5.Just for fun, I tried to see if "mypasswordistotalshit!!" was a secure passphrase (it's not mine, I just came up with it off the top of my head) to see how long it would take a computer to crack. And this is why passphrases are better.
With SHA512 it lasted 7 seconds.
The most compelling reason to use a password manager is that you get to copy and paste your complicated 20+ signs passwords instead of typing them every single time, which, let's be honest, you wont.
Crackers do this with leaked password dumps already. They use the dumps as their core dictionary and start modifying the entries to broaden their attack.
Too bad lots of sites limit the password lengths or won't allow spaces (underscores work ok though).
Best if it's a diy solution not using any salt at all.
Glad to see that you have a robot brain but for us humans with dozens if not hundreds of different accounts, memorizing that many variations requires an easily understood pattern, a huge mental effort every time to keep track of everything, or passwords that aren't nearly complex enough. Typing speed doesn't matter here, you want to use at least some special signs and typing them makes it even more annoying than just a few words.
You won't be bruteforcing 20+ characters passwords over a web service. Locally, sure, but online is another story.
Time.Estimated...: Wed Mar 22 01:32:38 2023 (12 days, 12 hours)
Ok, that made me amend my last post.
True, but only retards think their security is immune against anything yet undiscovered and when the database is dumped the attackers have all the time in the world.
