Ask Lemmy
A Fediverse community for open-ended, thought provoking questions
Rules: (interactive)
1) Be nice and; have fun
Doxxing, trolling, sealioning, racism, toxicity and dog-whistling are not welcomed in AskLemmy. Remember what your mother said: if you can't say something nice, don't say anything at all. In addition, the site-wide Lemmy.world terms of service also apply here. Please familiarize yourself with them
2) All posts must end with a '?'
This is sort of like Jeopardy. Please phrase all post titles in the form of a proper question ending with ?
3) No spam
Please do not flood the community with nonsense. Actual suspected spammers will be banned on site. No astroturfing.
4) NSFW is okay, within reason
Just remember to tag posts with either a content warning or a [NSFW] tag. Overtly sexual posts are not allowed, please direct them to either !asklemmyafterdark@lemmy.world or !asklemmynsfw@lemmynsfw.com.
NSFW comments should be restricted to posts tagged [NSFW].
5) This is not a support community.
It is not a place for 'how do I?', type questions.
If you have any questions regarding the site itself or would like to report a community, please direct them to Lemmy.world Support or email info@lemmy.world. For other questions check our partnered communities list, or use the search function.
6) No US Politics.
Please don't post about current US Politics. If you need to do this, try !politicaldiscussion@lemmy.world or !askusa@discuss.online
Reminder: The terms of service apply here too.
Partnered Communities:
Logo design credit goes to: tubbadu
view the rest of the comments
You should not use lockscreen password as your master password. Chances are, your lockscreen password is much simpler than your master password. Reason why you can get away with it is because your mobile devices usually have some form of well-integrated isolated environment that can throttle brute force attacks. Your password managers probably cache your vault offline, which may be vulnerable to brute force attacks unless it utilises TPM in some way. Same goes for FDE. Online vaults probably have some sort of rate limiting so that isn't much of an issue.
One thing I strongly recommend is being realistic with your goal. Current scheme seems a bit too paranoid.
Other way around I mean.
Like use a 8 word passphrase (not saying I use 8 words just an example) for the phone lockscreen and the master password.
Everyday unlock is just use the biometrics so I don't have to type it, and I disable biometrics if I'm in an unsafe environment)
Or maybe this is just paranoia... is it okay to juse use a short pin for lock screen?
I mean I read about cellebrite and all that stuff... they say to use alphanumeric password for lockscreen to make it harder to get into...
That's fine as long as you're okay with typing it in every now and then. I would find it tedious to be honest. Past a certain point, additional security is meaningless.
I mean my thought process is:
If both phone lockscreen and master password is the same... (8 word passphrase) and I have to enter lockscreen password every reboot... then I'd never accidentally forget the master password...
Entirely unrelated, but when did xkcd add all those goofy modes in? I just spent more time playing with those modes than I have on their site in a hot minute
What phone are you using?
Edit: I hit enter too quickly.
The reason I ask is some phones can make a pin very secure. For example, Pixels' security chip will rate-limit how often a new pin can be entered. So a 6 digit pin has one million combinations and after the 139th failed attempt only one pin can be tried within a 24 hour period. This will take 27 years to enter just 10% of the possible combinations.
I have an iPhone that the carrier gave me for free as some sort of promotion thing, and I have a secondary android phone (Motorola) for using some FOSS stuff and sideloading since iPhone doesn't allow it.
Right now I'm just remembering 2 lockscreens... but maybe I'm just gonna focus on trying to remember the main one then like put the other lockscreen into the password manager.