When those changes do occur, they often select a secret that is similar to their old memorized secret by applying a set of common transformations such as increasing a number in the password.
Well, there’s the problem. Why are people using memorized passwords? And why are they picking passwords that could be easily guessed?
Literally, the only password that one should memorize is for their password manager that has strong 2FA enabled.
This recommendation seems to cater to users who already have poor security habits, rather than offering best practices. That’s my opinion, anyway.
Well, there’s the problem. Why are people using memorized passwords? And why are they picking passwords that could be easily guessed?
Literally, the only password that one should memorize is for their password manager that has strong 2FA enabled.
This recommendation seems to cater to users who already have poor security habits, rather than offering best practices. That’s my opinion, anyway.
edit: spelling