A PasswordCard is a credit card-sized card you keep in your wallet, which lets you pick very secure passwords for all your websites, without having to remember them! You just keep them with you, and even if your wallet does get stolen, the thief will still not know your actual passwords.

A very cute idea, well implemented.

Your PasswordCard has a unique grid of random letters and digits on it. The rows have different colors, and the columns different symbols. All you do is remember a combination of a symbol and a color, and then read the letters and digits from there. It couldn’t be simpler!

A chain is only as strong as its weakest link. It’s far safer to pick secure passwords and write them down, than it is to remember simple and easy to guess passwords. You already protect your wallet very well, and even if it does get stolen the thief will still not know which of the many thousands of possibilities on the card is your password.

  • TaviRider@reddthat.com
    link
    fedilink
    arrow-up
    16
    ·
    1 year ago

    This is a terrible idea. It’s negligibly better than writing down the passwords, because it’s trivially easy to try every password represented on this card. Once someone has the card, your entropy is just two characters, which is the two characters you memorize for the site. In effect, you have a 2 character password.

    • jet@hackertalks.comOP
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      https://github.com/LordDarkHelmet/PasswordCardWordListGenerator

      I see what you’re saying. But it’s just a tool. You can use the card for any mapping pattern you like. This GitHub link has a nice animated image, I’ve tried to include it here in line, that shows different options you could use. Giving you more than just a two character password of entropy

      • tpyo@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        It’s an interesting idea. I’m not here really to give my input either way, but I just wanted to note on my client, the animation is a static image and when tap on it I get this message:

        It’s not an issue, but it ends up opening the in-app browser and from there plays as a video

        Also, the app has some info it includes when trying to open files, not sure if it’s useful:

        It’s not a big deal at all and if you don’t care I apologize for wasting your time. But people here seem to like puzzling out little issues on the fediverse.

        Thanks again for the original post, though! It’s a fun approach