Not recommended. People can and do crib the kinds of things you’re likely to have around you. It can narrow the field of guesses more than you’d think.
Well, no one else comments in these threads, might as well.
I guess what I mean is, it’s a single point of failure. Usually an extremely strong one, granted.
Basically what diceware does. It’s just that humans are really bad at picking random words (“banana” is overrepresented, for instance); that’s what diceware helps with.
Diceware is a method of generating random memorable passwords.
Password managers are OK but I have hesitations on them personally. I’m leery of putting all my most high-value stuff in one place behind one password. What I do instead is memorize a truly unreasonable amount of passwords, though, which I recognize is not a reasonable expectation for others. For threat models in which you’re not worried about in-person attacks, it may actually be a good idea to just write your passwords down, maybe keep your password book in something with a lock on it. I’m not advocating for any particular method, just putting it out there so people can make an informed decision.
This is what you get for making me admin, I’ve gone mad with power, muhahahahaha!
crimes o-o


Hey, if that’s what’s fun for your group, fuckit, why not?


It’s darn near negligible now, but any company that leaves that $.01 on the table will eventually get eaten alive by a company that didn’t.


Words describe the world, they do not determine it.
Oh no, you weren’t supposed to take me seriously
Wait till you hear about necromancy
See what you do is, you put the peasants in a circle and have them pass a magnet to each other. Put a coil of wire in the middle and you’ve got infinite free energy!
Turns out Gamma Ray Bursts are just distant peasant railguns
Somewhat pedantical quibble, really just because I find it interesting: It’s not exactly limited by barrel length. We can make faster burning, higher powered propellants, which you can get the full energy out of with a shorter barrel. The reason we don’t is because that means you have a higher pressure inside the chamber and, even if your gun doesn’t explode, you face more erosion from use. Your metallurgy ends up being the limiting factor, as it’s all about how strong you can make your chamber. I just think it’s cool because guns are a great example of how inter-related technologies are and how everything depends on everything else. Take a design for a machinegun back to the Napoleonic era and it will be worthless because without smokeless powder it will jam and clog after a couple rounds. Take back a formula for smokeless powder and it will be worthless because you don’t know how to make brass cartridges. Try to make brass cartridges and you’ll find you lack the precision tooling, and so on.


Every email client I can think of off the top of my head blocks images by default. And I don’t see how that relates to your criticism of the whole idea of anti-phishing training


Clicking the link hypothetically confirms to the spammer that yours is a valid and monitored email address, and that you’re a sucker suitable for more targeted phishing.
Of course, it seems like every random user will also happily type their password into any text box that asks for it, too.


One time I failed a phishing test because I did a message trace and confirmed that it originated from our own internal servers.
Not necessarily!
Well, no, not really. If I forget a password I’ve only lost access to the one site, and it’s recoverable. Just a partial failure. Not going to lose everything unless I literally die in which case I don’t care about anything anymore. And no one is going to breach my brain short of tying me to a chair, and that’s not really my threat model.