Whoa mannn.. something so simple yet so smart
Genius stuff
Get onto it man! 👌
totally agreed !
Also known as adding pepper to the password, write down your pepper somewhere so you don't forget, and make sure it too is randomly generated for maximum security - - additionally use MFA/2FA where you can, always
If you know, you know 😉
What’s 2FA And MFA?!
@TT77705 2-factor, or multi-factor authorisation. It's where you require another factor than just something you know (i.e. a password), such as something you have (e.g. a time-based code on a physical device).
The most common 2FA setup is a password and either a one-time code sent via text or email, or a time-based code generated by an app on a mobile device. But there's plenty more, such as physical security keys like YubiKey.
Including cheese macaroni too.
U mean salt
It's useful unless you are using autofill 😂😂
Use what works…😂👌
perfect sync!!! THANK YOU
You know it 😉
Basically have multiple failsafes.
Maybe a physical notebook.
A password manager.
Maybe an encoder/decoder for the combination of these two above.
Listen, no locks are ever enough. What you are trading is your convenience for your security.
You have 10 points, how you distribute them between convenience and security is up to you.
So true, great points! 🙌
That's a great idea, thanks for sharing!
Glad to hear it Marcos 🙏
Bro write them down on a piece of paper
*Never watched HP. But this method is brilliant!*
Love it! ⚡️
what if it gets leaked somewhere and now they know all your other horcruxes
Good point. I think firstly you should have 2FA. Then more than one password needs to be leaked for someone to come to that conclusion because there’s no way to tell what part of the password your horcrux is i.e. how long, or location as it doesn’t have to be at the end of your password. And if your password manager itself is compromised you should probably change all your passwords anyway, so this gives you another layer of defence!
Listen Harry Potter was never perfect 😂
defeats the whole purpose of having a pm.
This is just password salting and you just renamed it horcrux being a Harry Potter fanboy.
🧙♂️🪄
Haha because otherwise...haha! Love this method, makes so much sense!
Right?! Game changing stuff Ash!!
Misinformation. Reported
That's genius
🤓
Except password managers have zero knowledge and are encrypted
Just a little bit more peace of mind…
Useful... thanks a lot
Great to hear 👌
Basically, you need to create your own password. It doesn't matter if you use a password generator or a manager.
*There is a saying in the CIA, never store your passwords digitally and always change them monthly/weekly if it's weak and never change them at all if it's extremely strong* as you'll end up with a weaker password after changing it. Note that you need to have an extremely strong password to not change it for years. *Generally, it's recommended that you change your most socially active accounts' password after a year... basically the accounts which you use on websites or social media.*
Extremely long or extremely short passwords are easier to hack considering you'll get more accurate hits, *so keep it balanced and less predictable to both humans who know you socially and computers which are good with algos, logic etc.* So never use numbers from your phone no., people you follow on social media, your favourite stars etc. in your password.
*Never enter your personal info, phone number, email, Google photos linked email etc anywhere.*
*Btw, using your pendrive in a local printer shop is the best way to get a shit ton of malware...* that's where typical foreign Intelligence or hacker guys go for spreading/infecting.
Cheers! 🥂
Great things to keep in mind! Usually need to balance with convenience unless it’s super sensitive. Thanks for sharing 🙏
That is a neat method
I think this would be better if the extension to the password included other characters or stuff. (like a mini password). Or that you have a select few to choose from, instead of 1.
Either way, your method still makes the password longer, which makes it harder to crack. (which is good)
Thanks bro, I agree, it can be as long and complex as you want, just a balance between convenience and security especially if you need to remember multiple!
@Sam10X what if you had to remember just one but instead of being the last part of every password it's an encryption code for the last 4, 6, 8 characters. you just remember "c4g8", c being the 3rd letter of the alphabet you add 3 to the corresponding number or letter, so a 3 becomes a 6 and a D becomes a G and etc. how's that sound?
I think that sounds great, you’re transforming the characters in a consistent way! Only difficulty is it’s less convenient to use and you have to know/see what you’re changing from each time 🤔
Bitwarden is end to end encrypted
Just a little something extra for peace of mind 😉
Lmfao. Stop misinforming people. If a hacker gets into a password manager, they get nothing but encrypted gibberish. Emails maybe.
Fake news? 😂 it’s an extra layer of security and peace of mind regardless, and who knows if they can get it decrypted…
@Sam10X no one or group can decrypt military / bank AES-256 encryption LoL. Trusted password managers have multiple layers. It would take a quantum super computer to break the encryption lol and would take many many many many many lifetimes.
@Sam10X also, 256 AES level encryption has never in history been cracked.
Yeah that’s interesting, I agree 🤔 I think this is less about directly cracking the password itself, and more about hackers getting access to the stored passwords through other means
huh? sure if they get just the encrypted database it'll be gibberish, but not if they actually enter in with the master key or whatever the actual user of it has
Mind blown!
Informative, useful, Harry Potter reference! Brilliant!!
🤯 Love it!
this is genius, thanks
🙌
That’s clever!
Glad you think so 🤓
Smart!! Just subscribed
Love it! ❤️
Nice trick man thanks
🪄
💀💀💀💀💀💀💀🤣🤣🤣🤣🤣
😈
This is useless, most sure limit your max character count🤦
Unfortunately not too great for the character limited ones 🙁
Nice idea friend thanks
Game changer 👌
Thank you for the great idea! Looks like we need to use a local "form-filler" to automate the secret "keyword" part!
If you find it secure! 👌
wow very genius although simple
The best kind!
just use keepass...
Different strokes for different folks 👍
You're right, I use KeePass with a hardware two factor authentication and I have three copies of them in three different locations.
Nice trick. Do u use one horcrux for all websites? Or you memorize a horcrux for every website (too much horcrux to memorize lol)
The idea is to just use the one, otherwise you end up basically having unique passwords to remember again - I’ve made another video that goes into more detail 👌
I was about to dislike this, but I watched and actually seems like a good idea.
Glad you stayed for a few extra seconds 🙌
Thank you very much, this is a great idea ❤😂😂
You’re most welcome 👌
Just got hacked and somehow saved my Facebook and Instagram account.
I wish I could have found this video sooner
Did your password manager get hacked?
@ItzDelano I am pretty sure a hacker somehow hacked my Google Chrome password manager
Never going to use it again it is bad
That’s very unfortunate to hear…better late than never to improve security! 👌
But they still have most of your password, so they can start with that and then run software to guess the rest?
They could also just have your whole password otherwise? Haha and yes, they could keep guessing as they could have anyway, but they don’t know what they don’t know and it makes it all harder for them
the worst 'gotcha' to ever be thought
Actually it's very smart of you
🤓
Great advice
👌
this works for sure but if they break the mainframe server that stores your passwords this is no use
Every bit helps…!
@Sam10X true
simple and sweet. Thanks
🙌
Great idea! Thanks!
You're welcome 🙌
😂😂 it's for the rich people
😂
Where is the link to the full video?
th-cam.com/video/GcUqb7oB8vg/w-d-xo.html
Nice
I like this A LOT
🙌
How to stop the password manager always asking to update your password? What password manager do you mostly use?
I’m not sure if I understand your question… the password manager shouldn’t be constantly asking you to update 🤔 and the password manager shown is Bitwarden
@Sam10X Yes I use Bitwarden. For example, my password abcdefg is written in Bitwarden, then I log in, then I add my salting such as 1234. After login success, Bitwarden always asks, do you want to update the password. So I'm looking for a password manager that supports salting, or how to turn off Bitwarden asking to update the password.
Ah yes, just go to settings > options, and uncheck “ask to update existing login”, see if that helps 👍
Omg, that's a great idea
🙌
EXCELLENT! Great idea!
Haha yes! ✌️
Great :)
👌
Salty
🧂
This is up my alley.
Love it 🙌
that's a big brain move
You know it 😉
That's actually a really good way of fixing security flaws with password managers that sync to all devices. it's such a hassle to use offline secure password managers that don't sync between devices, but it's so much safer too
Absolutely, helps us stay in control 🙌
They will just brute force the one word on the end, that's why you use 2FA with the password manager and on the site
Yes, need that 2FA!
No one can brute force the all mighty 6969
@darklight6030 you're right it's just not possible
How would they brute force the one missing word if they think they have the complete password 🤔
@R26Roman my point is brute forcing an extra word or 4-6 characters isn't going to make much difference.
wtf
😂
I was thinking wtf….. why didn’t I think of this!!!
This could link you to accounts in data breaches. Even though you’re not using the same password which is how this is usually done. If you change your name, email address, physical address. Using data analytics in theory run it through a keyword search and deduce this is the same person. This is how they catch criminals…
Perfect is the enemy of good, there is no such thing as 100% security, but improvements are worth making to protect yourself and mean that your account won't be the low hanging fruit
Agree with both these points, this is probably more a quick win rather than solving for everything in the grander scheme of things. Great to highlight this though 👌
Love from india
Too bad I don’t understand. Talks too fast.
They need to add a half speed option...
Great
👌
Genius stuff lol
Big brain moves 🤓