Whoa mannn.. something so simple yet so smart
Genius stuff
Get onto it man! 👌
totally agreed !
Also known as adding pepper to the password, write down your pepper somewhere so you don't forget, and make sure it too is randomly generated for maximum security - - additionally use MFA/2FA where you can, always
If you know, you know 😉
What’s 2FA And MFA?!
@YinYangTarotByJay 2 factor, or multi-factor authorisation. It's where you require another factor than just something you know (i.e. a password), such as something you have (e.g. a time-based code on a physical device)
The most common 2FA setup is a password and either a one-time code sent via text or email, or a time-based code generated by an app on a mobile device. But there's plenty more, such as physical security keys like YubiKey.
Including cheese macaroni too.
U mean salt
perfect sync!!! THANK YOU
You know it 😉
It's useful unless you are using autofill 😂😂
Use what works…😂👌
That's a great idea, thanks for sharing!
Glad to hear it Marcos 🙏
Bro write them down on a piece of paper
*Never watched HP. But this method is brilliant!*
Love it! ⚡️
Useful...thanks a lot
Great to hear 👌
Great idea! Thanks!
You're welcome 🙌
Basically have multiple failsafes.
Maybe a physical notebook.
A password manager.
Maybe an encoder/decoder for the combination of these two above.
Listen, no locks are ever enough. What you are trading is your convenience for your security.
You have 10 points, how you distribute them between convenience and security is up to you.
So true, great points! 🙌
simple and sweet. Thanks
🙌
That’s clever!
Glad you think so 🤓
That's genius
🤓
Haha because otherwise...haha! Love this method, makes so much sense!
Right?! Game changing stuff Ash!!
Great advice
👌
Mind blown!
Informative, useful, Harry Potter reference! Brilliant!!
🤯 Love it!
That is a neat method
I think this would be better if the extension to the password included other characters or stuff. (like a mini password). Or that you have a select few to choose from, instead of 1.
Either way, your method still makes the password longer, which makes it harder to crack. (which is good)
Thanks bro, I agree, it can be as long and complex as you want, just a balance between convenience and security especially if you need to remember multiple!
@Sam10X what if you had to remember just one but instead of being the last part of every password it's an encryption code for the last 4, 6, 8 characters. You just remember "c4g8", c being the 3rd letter of the alphabet you add 3 to the corresponding number or letter, so a 3 becomes a 6 and a D becomes a G etc. How's that sound?
I think that sounds great, you’re transforming the characters in a consistent way! Only difficulty is it’s less convenient to use and you have to know/see what you’re changing from each time 🤔
Nice idea friend thanks
Game changer 👌
this is genius, thanks
🙌
Smart!! Just subscribed
Love it! ❤️
EXCELLENT! Great idea!
Haha yes! ✌️
Thank you for the great idea! Looks like we need to use a local "form-filler" to automate the secret "keyword" part!
If you find it secure! 👌
Nice trick man thanks
🪄
wow very genius although simple
The best kind!
what if it gets leaked somewhere and now they know all your other horcruxes
Good point. I think firstly you should have 2FA. Then more than one password needs to be leaked for someone to come to that conclusion because there’s no way to tell what part of the password your horcrux is i.e. how long, or location as it doesn’t have to be at the end of your password. And if your password manager itself is compromised you should probably change all your passwords anyway, so this gives you another layer of defence!
Listen Harry Potter was never perfect 😂
Thank you very much, this is a great idea ❤😂😂
You’re most welcome 👌
I like this A LOT
🙌
defeats the whole purpose of having a pm.
Omg, that's a great idea
🙌
this works for sure but if they break the mainframe server that stores your passwords this is no use
Every bit helps…!
@Sam10X true
Actually it's very smart of you
🤓
that's a big brain move
You know it 😉
Bitwarden is end to end encrypted
Just a little something extra for peace of mind 😉
Where is the link to the full video?
ruclips.net/video/GcUqb7oB8vg/видео.html
That's actually a really good way of fixing security flaws with password managers that sync to all devices. It's such a hassle to use offline secure password managers that don't sync between devices, but it's so much safer too
Absolutely, helps us stay in control 🙌
This is up my alley.
Love it 🙌
Great :)
👌
just use keepass...
Different strokes for different folks 👍
You're right, I use KeePass with a hardware two factor authentication and I have three copies of them in three different locations.
How to stop password manager always asking to update your password? What password mgr do you mostly use?
I’m not sure if I understand your question… the password manager shouldn’t be constantly asking you to update 🤔 and the password manager shown is Bitwarden
@Sam10X Yes I use Bitwarden, for example my password abcdefg is written in Bitwarden, then I log in, then I add my salting such as 1234, after login success, Bitwarden always asks, do you want to update the password. So I'm looking for a password manager that supports salting or how to turn off the Bitwarden ask to update password.
Ah yes, just go to settings > options, and uncheck “ask to update existing login”, see if that helps 👍
Nice
Just got hacked and somehow saved my Facebook and Instagram account.
I wish I could have found this video sooner
Did your password manager get hacked?
@ItzDelano I am pretty sure a hacker somehow hacked my Google Chrome password manager
Never going to use it again it is bad
That’s very unfortunate to hear…better late than never to improve security! 👌
Basically, you need to create your own password. It doesn't matter if you use a password generator or a manager.
*There is a saying in the CIA, never store your passwords digitally and always change them monthly/weekly if it's weak and never change them at all if it's extremely strong* as you'll end up with a weaker password after changing it. Note that, you need to have an extremely strong password to not change it for years. *Generally, it's recommended that you change your most socially active accounts password after a year... basically the accounts which you use on websites or social media.*
Extremely long or extremely short passwords are easier to hack considering you'll get more accurate hits, *so keep it balanced and less predictable to both humans who know you socially and computers which are good with algos, logic etc.* So never use numbers from your phone no, people you follow on social media, your favourite stars etc in your password.
*Never enter your personal info, phone number, email, Google photos linked email etc anywhere.*
*Btw, using your pendrive in a local printer shop is the best way to get a shit ton of malware...* that's where typical foreign Intelligence or hacker guys go for spreading/infecting.
Cheers! 🥂
Great things to keep in mind! Usually need to balance with convenience unless it’s super sensitive. Thanks for sharing 🙏
But they still have most of your password, so they can start with that and then run software to guess the rest?
They could also just have your whole password otherwise? Haha and yes, they could keep guessing as they could have anyway, but they don’t know what they don’t know and it makes it all harder for them
the worst 'gotcha' to ever be thought
Salty
🧂
They will just brute force the one word on the end, that's why you use 2FA with the password manager and on the site
Yes, need that 2FA!
No one can brute force the all mighty 6969
@darklight6030 you're right it's just not possible
How would they brute force the one missing word if they think they have the complete password 🤔
@R26Roman my point is brute forcing an extra word or 4-6 characters isn't going to make much difference.
Except password managers have zero knowledge and are encrypted
Just a little bit more peace of mind…
This could link you to accounts in data breaches. Even though you’re not using the same password which is how this is usually done. If you change your name, email address, physical address. Using data analytics in theory run it through a keyword search and deduce this is the same person. This is how they catch criminals…
Perfect is the enemy of good, there is no such thing as 100% security, but improvements are worth making to protect yourself and mean that your account won't be the low hanging fruit
Agree with both these points, this is probably more a quick win rather than solving for everything in the grander scheme of things. Great to highlight this though 👌
This is just password salting and you just renamed it horcrux being a Harry Potter fanboy.
🧙♂️🪄
Lmfao. Stop misinforming people. If a hacker gets into a password manager, they get nothing but encrypted gibberish. Emails maybe.
Fake news? 😂 it’s an extra layer of security and peace of mind regardless, and who knows if they can get it decrypted…
@Sam10X no one or group can decrypt military / bank AES-256 encryption LoL. Trusted password managers have multiple layers. It would take a quantum super computer to break the encryption lol and would take many many many many many lifetimes.
@Sam10X also, 256 AES level encryption has never in history been cracked.
Yeah that’s interesting, I agree 🤔 I think this is less about directly cracking the password itself, and more about hackers getting access to the stored passwords through other means
huh? sure if they get just the encrypted database it'll be gibberish, but not if they actually enter in with the master key or whatever the actual user of it has
I was about to dislike this, but I watched and actually seems like a good idea.
Glad you stayed for a few extra seconds 🙌
Love from india
💀💀💀💀💀💀💀🤣🤣🤣🤣🤣
😈
😂😂 it's for the rich people
😂
Misinformation. Reported
This is useless, most sure limit your max character count🤦
Unfortunately not too great for the character limited ones 🙁
wtf
😂
I was thinking wtf….. why didn’t I think of this!!!
Too bad I don’t understand. Talks too fast.
They need to add a half speed option...
Great
👌
Nice trick. Do u use one horcrux for all websites? Or you memorize a horcrux for every website (too much horcrux to memorize lol)
The idea is to just use the one, otherwise you end up basically having unique passwords to remember again - I’ve made another video that goes into more detail 👌
Genius stuff lol
Big brain moves 🤓