Where Does Community Stand on "Double Blind" Passwords?

Recently viewed video suggesting for “ultra high sensitivity” sites (Financial, health records) it can be good to implement this technique…start with a very long (20 char) cryptic password generated from BW, but then add an additional word to the end of it BEFORE you save it to the site. You only save the portion BW generated in BW, so technically speaking, it’s not the whole password. You use the same extra word for all sites you set up like this so it’s easy to remember (i.e., beach).

Now, when you go to log on, BW will fill in its portion, and you tack on your portion (the extra word). You’ve set up a “double blind” password (you can’t remember all the BW stuff, and BW doesn’t know your extra word). So now, the password in BW isn’t all there, and therefore if it ever was hacked, and EVEN if someone, somehow, got to your passwords, those with this level of protection STILL wouldn’t work because they wouldn’t know your secret word. I realize that we all feel BW is the most secure option available (hell, I’m a premium subscriber!), but there is still the cloud aspect to it which can still make some nervous. I wouldn’t go so far as to do this on every account - just those that hold all my $ assets, health info., and the like.

I’m not seeing any technical issue this might cause in BW. You’d just have to add your word at the end and then use your 2FA code as usual. If your using a physical key I suppose this is all moot. Any thoughts out there?

1 Like

This has been discussed here

2 Likes