Not a true greentext but I hope I have captured the spirit of it. (First time I wrote smth like this, don’t be harsh on me. >w<)

  • @Zachariah
    164 months ago

    Yes, and the master should be a paraphrase not a password.

    • @[email protected]
      84 months ago

      That’s just recommended to emphasize length. If your password is as long as a passphrase it’s likely more secure (harder to remember though).

      • @Zachariah
        74 months ago

        But if the point is to remember it, then you should use the security from length of series of 5+ random words. It’s easier to remember, write down, and type. All great characteristics of a master passphrase.

        • @[email protected]
          84 months ago

          I don’t disagree, sorry if it sounded like I did.

          There’s just a theoretical weakness since the base word lists are usually public knowledge and bruteforcers could (and probably already have) optimize for that.

          The advantages of a passphrase outweigh though as you mentioned. An attacker would first need your repo anyway.

          • rockerface 🇺🇦English
            64 months ago

            I’m adding obscure memes and anime references to my passphrases. Good luck bruteforcing that

            • ՈրբունիFrançais
              14 months ago

              Separating some of the words with random symbols also isn’t too hard to remember and no chance that can be bruteforced.