Few months ago (maybe more than 12) I created a project for myself and then I decided to make it public. I did not promote it but maybe you know about it. The application helps you create passwords for your accounts with few hints.
Let’s be honest, we all have a good password that we know.
OK, maybe two or three. Let’s say your password is “george”
The password for your Facebook account can be created from
(1) george (2) account (3) facebook
Generated password: za3M690<,<4rY,\089d<;
The password for your GMail account can be created from:
(1) george (2) account (3) gmail
Generated password: 6873r,zr<2M7&LzpZL=<.a
Now, why I created this tool?
The password for FTP mywebsite.com
(1) george (2) ftp (3) mywebsite.com
Generated password: p<\L’r9q5aM8L,[1YM9&Z2;
You get the point.
The main feature is that the password is generated from the string, not random.
So, each time you enter
(1) george (2) account (3) facebook you will get za3M690<,<4rY,\089d<;
Just for clarity, for anyone reading, the way I understand this:
The service does not retain and manage passwords, per se, but is a generator
The service creates a complex password by taking your input (known word/key, type of account, url)
The same password will be generated from those same inputs each time you use it, so as long as you remember your inputs / use a pattern, you can just go there and use the tool to recreate your password.
That all said, I can’t see a use for this. You can’t use a simple word, as you’re going to have the same password as other people.
It isn’t convenient - you’d need to go fetch them every time you want to login.
Unless of course you save them, in which case why not just generate a random string and save that instead of using this particular tool, or use a fully featured password manager that does random passwords, plus saving them for you, autofills, etc?
What is your use case for this? I might be missing something.
The use of complex passwords is to avoid brute-force (and not only). You do not want to have the password “George” for
your FTP account. Like I said, the purpose of this was to create strong passwords for my FTP accounts.
you can store the script on your server and change all default settings (length and no. of answers)
the point is not to use a single word, you may use some generic password AND something else so, I doubt you will have the same password with someone else if you use this tool the right way
True, this is the biggest issue BUT you do not have to remember a complex password, just few concepts and a simple rule.
That’s the point, to avoid keeping your passwords stored
Although I do agree that having a strong password is a very good thing, I think this service might be more of an “awareness” thing rather than it being anything of real value. i.e. it will demonstrate what characteristics a strong password should have but would be cumbersome to use regularly.
That is, I would be unlikely to remember the generated password and I would prefer to not rely on a third party to provide it.
True, I could write it down in a notebook or save it another way, but even though it might be strong it is not easily memorable.
* note
I use “one-off alternating caps” for my passwords eg.
instead of “remember” it would be “4#j#jG3$”