We all know you shouldn’t recycle passwords (no need in trying to be ecological here).
Every now and then, you will need a password that you do have to remember by heart (e.g. the BW master password or your device login). It would be stupid to have those most critical doors be the ones with the weakest passwords… Especially if you use BW for your TOTP’s too… this would imply that BW itself is not TOTP protected.
So what’s your approach here? I’m already sharing mine.
Passwords that I have to humanly remember? Here’s my magic potion:
- Take a lyric of a song you like and can easily remember.
- Say those lyrics in your own dialect.
- Phonetically write the dialect.
Now you tell me what algorithm is going to find “OooohYaGonnaCall?Gostbustaz!!” in less then a 100 years? Is a digit required? Then find yourself a song where you could squeeze in a digit (YaDa1thatIwantOoohOoohOooh!).
Now every time you have to type in your password, you’re using a strong and secure password… Your mood always gets lifted up a tiny little bit because you’re singing your happy song mentally again
Oh… and adding TOTP if possible will make everything a huge factor stronger (but obviously you can’t use Bitwarden’s TOTP to log into BW - that’s partially why I’m not using the BW internal TOTP here)