Okay.
See here’s the thing:
You have to remember:
- BIOS password (you’re supposed to set one, right? I mean… so your that sibling/roomate/kids/family doesnt mess around and replace your OS with a malicious OS)
- Full Disk Encryption password and then finally
- The user password
Like that kinds breaks my brain
Do y’all just put those in your password manager… then only have to remember
- Master Password to password vault and
- Phone lockscreen
Is this the “Standard Operating Procedure”?
But if you are paranoid and set a full alphanumeric password/passphrase… then you have to remember two differen passphrases…
Or couldn’t you just simplify it to like just ONE, like:
Can you have the same password for Phone Lockscreen as the Password Vault Master Password?
So that you Only ever need to remember exactly ONE password
Is this a good idea?
My head hurts from this…
Idk how to do this…
I wanna simplify my digital stuff… my stuff is so disorganized…
You should not use lockscreen password as your master password. Chances are, your lockscreen password is much simpler than your master password. Reason why you can get away with it is because your mobile devices usually have some form of well-integrated isolated environment that can throttle brute force attacks. Your password managers probably cache your vault offline, which may be vulnerable to brute force attacks unless it utilises TPM in some way. Same goes for FDE. Online vaults probably have some sort of rate limiting so that isn’t much of an issue.
One thing I strongly recommend is being realistic with your goal. Current scheme seems a bit too paranoid.
Other way around I mean.
Like use a 8 word passphrase (not saying I use 8 words just an example) for the phone lockscreen and the master password.
Everyday unlock is just use the biometrics so I don’t have to type it, and I disable biometrics if I’m in an unsafe environment)
Or maybe this is just paranoia… is it okay to juse use a short pin for lock screen?
I mean I read about cellebrite and all that stuff… they say to use alphanumeric password for lockscreen to make it harder to get into…
That’s fine as long as you’re okay with typing it in every now and then. I would find it tedious to be honest. Past a certain point, additional security is meaningless.
Entirely unrelated, but when did xkcd add all those goofy modes in? I just spent more time playing with those modes than I have on their site in a hot minute
I mean my thought process is:
If both phone lockscreen and master password is the same… (8 word passphrase) and I have to enter lockscreen password every reboot… then I’d never accidentally forget the master password…
What phone are you using?
Edit: I hit enter too quickly.
The reason I ask is some phones can make a pin very secure. For example, Pixels’ security chip will rate-limit how often a new pin can be entered. So a 6 digit pin has one million combinations and after the 139th failed attempt only one pin can be tried within a 24 hour period. This will take 27 years to enter just 10% of the possible combinations.
I have an iPhone that the carrier gave me for free as some sort of promotion thing, and I have a secondary android phone (Motorola) for using some FOSS stuff and sideloading since iPhone doesn’t allow it.
Right now I’m just remembering 2 lockscreens… but maybe I’m just gonna focus on trying to remember the main one then like put the other lockscreen into the password manager.