Doesn’t make the least bit of sense to me either?

Yes, there are still potentially issues. I’ll come back to what I said at the start: passwords are a bad system in general, all methods for handling them are flawed, but password managers have the fewest flaws.

Well that I can actually mostly agree on, IDK how we got into a disagreement on that in principle? For me personally though, I trust myself more, than a software manager. I’m pretty sure my passwords are strong enough, even if a software manager can make even stronger passwords.

That’s true. But how does a randomized password generated by a password manager work when the service is accessed from 3 platforms? Like for instance Windows, Linux and Android?
Seems to me that you need 3 different pieces of software, and just 1 getting compromised would compromise everything.

True, my argument is that in practice it doesn’t matter. How many passwords of REASONABLE strength are brute forced? Opposed to how many are lifted from services with lacking security?

he human brain isn’t capable of keeping track of enough entropy to create a secure password system.

What an idiotic argument, the level of entropy comes from the rules first and foremost, putting a 1 and an A together is the exact same entropy as using 2 and B. Randomizing it one way instead of another doesn’t change entropy much.

More generally, it’s a big red flag when anybody thinks they can make a better system than publicly available and verified systems.

You completely fail to understand the argument. I’m not arguing my passwords are stronger, I’m arguing they are SAFER! because they are not stored on any system, much less 3 different systems, one of which could theoretically have a vulnerability.

Nope, it only helps to not increase it further.

What? What kind of system do you think I have? The only vulnerability is if they can hack my brain.

Your own system is probably worse than what password managers do.

How so? If you use a password manager across 3 platforms, that makes for 3 attack vectors.
My personal system has guaranteed no vulnerabilities. So how do you conclude my system is worse?

Goddammit that’s too funny.
Kim Jong un-bans hotdogs. 😜

Based on what? That you don’t know it?
https://www.rfa.org/english/

I don’t see anything particularly wrong with it on the surface.

https://en.wikipedia.org/wiki/Radio_Free_Asia

The service, which provides editorially independent reporting,[6][7][8][9][10][11] has the stated mission of providing accurate and uncensored reporting to countries in Asia that have poor media environments and limited protections for speech and press freedom.

6 references to the Independent reporting part! Seems pretty OK to me.

Just try yourself, the claim is obviously false.

https://www.bing.com/search?pc=MOZI&q=bullshit
https://www.google.com/search?q=bullshit

The results here are nothing alike.
Her I have the first result on Google being “Prime video”, which does not occur on the first page of Bing.
On Bing the first result is Wikipedia English, where Google has Wikipedia Danish as 2nd result, and the English not occuring on first page.

Misleading users is definitely harmful. Since this is obviously done on purpose, I’d say it’s malicious.

The point of having a high entropy password is to protect against hackers brute forcing a leaked database of hashes.

Seems a bit stupid if a database of passwords or other sensitive information can be brute forced.

just use a password manager

I will never do that, I have a system instead. I never understood why people would want to use a password manager. To me it seems it ads an attack vector, where you could lose EVERYTHING!

Something that can possibly be deduced knowing personal information, like a birth date.

It’s actually nice they have underscore. 😀
Yes because if you choose 8 characters at random, with 25 small + 25 big letters and 10 numeric, it* only 60^8 = 167,961,600,000,000 combinations.
I think the problem is more if the system allows brute force with thousands of erroneous attempts.
Then statistically any hacker can attempt several accounts, and ultimately get lucky. But by all means, put the responsibility to the user, users are the experts right!?
I never got the frantic excessive entropy mindset, when the problem is much simpler to not allow crackers endless attempts. You can allow 50 attempts, and chances would be very slim to guess even pretty moronic passwords.

What’s even worse is when they REQUIRE big and small and numbers to maximize entropy, they actually make statistically FEWER attempts necessary to brute force it.
A standard Microsoft introduced in the 90’s, and FUCKING almost everybody is using, despite it’s a 100% moronic requirement.
Instead just warn against passwords that can be guessed by logic, or can be found in a dictionary.

The aspect ratio of the two sides is the square root of 2 since you otherwise couldn’t divide it again and again and get sizes with the same aspect ratio.

Thanks, that’s very interesting. I always thought that was a common thing, but very clever. 👍 😎

I’ve had Google Maps added as a search option for years. Because I use Qwant for search, and the maps functionality in Qwant sucks.

Thanks, it must be amazing for Americans to have a president who won’t sign a standard ethics agreement.

Ah, corruption to facilitate more corruption.
That sounds like a Trump thing.