"The implied attack assumes that MFA is not used or has been bypassed. If you can get access to download the encrypted database, like what happens with most password databases that are stolen, you don’t need to deal with MFA (or those pesky password lockouts) when making attempts thereafter."
Passwords that felt secure a year ago might not hold up in 2025. Hive Systems’ updated Password Table reveals just how much faster hackers can break into accounts today.
I gave up using passwords I can remember some time ago - they were too simple. I use long, complex passwords and write them down. No problemo. No one has broken into my house yet.
The easiest way for a "hacker" to get into your system is the most direct, and that is through malicious javascript run on your browser. This works quite well for many purposes...
I think the compromise of having a local password manager program, such as KeePassXC works well. It generates pseudorandom strings of characters of a length you can specify and yet keeps the password file local so that it's less likely to fall into the wrong hands.
tomgrzybow
in reply to Khurram Wadee • • •tomgrzybow
in reply to Khurram Wadee • • •Khurram Wadee
in reply to Khurram Wadee • • •tomgrzybow
in reply to Khurram Wadee • • •