#PSA: The latest release of #pass 1.7.2 fixed a fairly major security hole: In prior versions, if an attacker could write to your ~/.password-store directory, they could exploit a bug in pass' regex to add a new GPG key, potentially granting access to the passwords.
Though rare, it's worth updating ASAP.
I'd rather type it as st?UY?ld?ST?le?DT?507 because there's less chance of making a typo.
Well, your dictionary is probably bigger than 256 words, so maybe some more variation in case and special chars would be needed to compensate, but still, I prefer using a word as a mnemonic for 1-3 characters rather than typing the whole word.
@Wolf480pl @firstname.lastname@example.org Yes, the current pass-gen default dictionary is bigger than 256 words—it's 8,429 :D
So (since the search space grows exponentially) to get the same/better security you'd need 10 words. Would `st?UY?ld?ST?le?DT?ay?PO?tg?LD?507` still be easier to type?
Maybe it would, but I'd think it'd be harder to say and up the odds of typos.
Nevertheless, it's worth thinking about how pass-gen could support the use of mnemonics. I'll put some thought into it for a future version
@Wolf480pl @email@example.com Hmm, our muscle memory must work differently! I have a much easier time typing out full words that are part of my normal vocabulary than I do typing out (even short) strings of characters that don't form words.
In any event, you've convinced me to add support for some sort of mnemonic-based system. I'll let you know when I've added it.
Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.