Best way to make an uncrackable passphrase, using What3words

dogmaryxx

Checked my easy to remember password as you suggested.
 Result 
Time to crack your password:

32 trillion years

Review: Fantastic, using that password makes you as secure as Fort Knox.

 :Will stick with it as I'll be long gone by then.:

John_Gray

How long would it take to crack your password?

I cracked it immediately simply by looking at your post, where you have written it down...

SteveJW

I usually look around at letters, leaflets etc etc and pick three random words translate a couple of words to a foreign language in Google translate, say Thai and then use the pronunciation words add a couple of numbers and special characters

victor2

SteveJW said:

I usually look around at letters, leaflets etc etc and pick three random words translate a couple of words to a foreign language in Google translate, say Thai and then use the pronunciation words add a couple of numbers and special characters

Why not just let a password manager generate passwords for you?

double_dutchy

I'm always a bit sceptical about password security.

Most of the fraud I read about involves either scammers phoning you up and persuading you to move your own money, or it's card fraud where somebody has copied or cloned your credit/debit card and/or somehow got your card details by other means.

Neither of these involve breaking any passwords AFAIK

Is there any information available about how many people lose money due to their password being compromised versus those other methods I've listed above?

PHK

You are confusing fraud with security.

Someone who has your password(s) can take over part or all of your digital identity. 

From the trivial things such as using your Netflix account, through more serious things like buying things on your Amazon account to setting up accounts in your name to do illegal things that end up with the police knocking at your door.

More prosaically, do you want your information sold on the dark web? Strangers reading your emails? Contacting all your contacts with phishing that looks like it's coming from you?

That's just some of the things that can happen with weak password security.

SteveJW

Why not just let a password manager generate passwords for you?

Some websites will not let me copy and paste passwords

I like many people struggle to remember a string of random numbers, letters and characters

I can remember three words even if in a foreign language or phonetic, combined with a year and a couple of special characters

poppellerant

IvanOpinion said:

victor2 said:

SteveJW said:

I usually look around at letters, leaflets etc etc and pick three random words translate a couple of words to a foreign language in Google translate, say Thai and then use the pronunciation words add a couple of numbers and special characters

Why not just let a password manager generate passwords for you?

While I use one, I no longer include high security passwords in it (e.g. bank account, trading accounts etc.) - I have become more wary since a couple of recent high profile hacks, and discussions with real security experts.

There is an argument that if someone uses a password manager then you only need to hack a single password to gain access to all passwords. On the other hand there are much simpler ways to gain access.

If you're that weary, surely you could download a password generator from somewhere and generate your passwords offline?

I use online passwords to generate my Wi-Fi keys of 30+ characters.  I must admit this can make entering the key for the first time interesting.

outtatune

IvanOpinion said:

victor2 said:

SteveJW said:

I usually look around at letters, leaflets etc etc and pick three random words translate a couple of words to a foreign language in Google translate, say Thai and then use the pronunciation words add a couple of numbers and special characters

Why not just let a password manager generate passwords for you?

While I use one, I no longer include high security passwords in it (e.g. bank account, trading accounts etc.) - I have become more wary since a couple of recent high profile hacks, and discussions with real security experts.

There is an argument that if someone uses a password manager then you only need to hack a single password to gain access to all passwords. On the other hand there are much simpler ways to gain access.

Use an offline password manager that runs on your computer instead of a cloud based one. Keepass for example.

double_dutchy

PHK said:

...do you want your information sold on the dark web? Strangers reading your emails? Contacting all your contacts with phishing that looks like it's coming from you?

That's just some of the things that can happen with weak password security.

Hello thanks for replying.

No I don't want those things happening....but my point was about the relative chances of my passwords being broken against fraudulent access to my cards/accounts facilitated by other means. I haven't seen anything to convince me that the risk of the former is anything other than miniscule.

I have read that some people suffer serious injury getting out of bed in the morning, but I don't personally take any steps to mitigate such risks because I believe the odds of it happening to me are vanishingly small.