Can we talk about password managers versus the 'passphrase' method?

I see a lot of people pushing password managers as the only safe way to go, but I disagree. For years, I used a well-known manager, but a breach at the company that made it left me feeling exposed. I switched to creating my own long, unique passphrases for each site, like 'correct-horse-battery-staple-2024-bank'. It takes a bit more memory, but I control it completely. The manager was convenient, but it felt like putting all my keys in one digital lockbox that someone else held. My method might not be for everyone, but after that scare, I trust my own system more. Has anyone else moved away from a manager after a bad experience?

2 comments

2 Comments

leerobinson7d ago

Honestly, that breach you mentioned is a huge reason some folks avoid managers. Tbh I read an article last week about how a lot of people are moving to a hybrid system. They'll use a manager for most random sites, but then make a really strong, unique passphrase by hand for their main email and bank accounts. It splits the risk. Ngl, remembering a few key passphrases feels safer than having one master password unlock everything, even if that master password is strong. Your method makes total sense after getting burned.

nina1477d ago

My own master password is a 15 word phrase about my cat's weird eating habits. It's so specific that if the manager gets hacked, the thieves will just know too much about Mr. Whiskers and his love for buttered asparagus. The hybrid method is smart because my brain can handle three great passwords, but not three hundred. After my last breach, I'm basically willing to handwrite passwords for my bank on actual paper.