I can’t really endorse any one over the others. We use LastPass at my workplace, but they were compromised recently. I didn’t use the service though, still reset my passwords just in case.

I would look for a manager that has a policy of transparency. Breaches happen, they are a fact of life. Both the systems being used, and the people using them are not infallible. I would be more comfortable with a service that notified me immediately when they were breached, and provided easy resolution. When LastPass was breached, they were extremely open about it, and notified their users. Plus, if you use a PW manager, it’s pretty easy to go back in all your services and update the passwords, since you have a list of them and a random PW generator easily accessible. It probably took most people less than an hour to recover.

Not bad, but I could see that creating passwords that are too long for some systems, and it would be vulnerable to dictionary attacks. Also, what would you do when the site requires a password reset?

Maybe do your strat, but only do every other, or every 3rd letter as a short word, and use a Caesar cipher, incrementing the cipher once each time you have to reset? Sounds kinda fun, but I don’t think most sane people would do that… Open to ideas though.

Until the password manager gets compromised, or you lose access to your PW manager. In that case, you’ll really wish you had implemented “Zone 3” of my plan.

For absolutely best security, you would change your password to a new, extremely long, randomly generated character string every time you logged in. What the best security options are, and what users are willing/able to put up with has a very small, if any overlap.

As for writing them down, my advice is to obfuscate them. Apply your own secret code to the password, hide it in a poem, get creative. Once an attacker is at your desk, they pretty much own your shit. At that level, the only thing your password is providing is privacy, not security.

As long as your phone is secure, and the manager only stores data locally, I’d say yes. I would still encourage you to have any “reset capable” accounts secured with a strong password and 2FA that is not in your PW manager.

As with all things IT, there is a tradeoff between comfort/usability and security.

Shitty sites that store PWs in plain text, or they get compromised and the password is figured out from the hash. Probably the most common way right now is phishing, and with AI/LLM it’s pretty easy to do spearphishing attacks on a large scale. The target enters their password on a seemingly legit site, but it’s actually an attacker’s site that logs the PW. There are lots of ways to get a password, and password-only authentication is considered pretty weak, even with a “strong” password.

IT, more specifically user support.

Let’s talk passwords. You should have a different password for every site and service, over 16 character long, without any words, or common misspellings, using capital, lowercase, number and special characters throughout. MyPassword1! is terrible. Q#$bnks)lPoVzz7e? is better. Good luck remembering them all, also change them all every 30 days, so here are my secrets.

1: write your password down somewhere, and obfuscate it. If an attacker has physical access to your desk, your password probably isn’t going to help much. 2: We honestly don’t expect you to follow those passwords rules. I suggest breaking your passwords down into 3 security zones. First zone, bullshit accounts. Go ahead and share this one. Use it for everything that does not have access to your money or PII (Personally Identifiable Information). Second zone, secure accounts, use this password for your money and PII accounts, only use it on trusted sites.Third, reset accounts. Any account that can reset and unlock your other accounts should have a very strong and unique password, and 2FA.

Big industry secret, your passwords can get scraped pretty easily today, 2FA is the barest level of actual security you can get. Set it up. I know it’s a pain, but it’s really all we’ve got right now.

In the US, you own the airspace up to the highest point of your property, including structures (and maybe trees). You also technically own your underground property to the center of the earth, but you may not have mineral rights to it.

Some newer (in the last 10 years) smoke detectors use an infrared sensor to detect fire as well as smoke, and it may be going haywire off a reflection of the sun, or intense heating of a spot within its detection area.

If you can, borrow a FLIR or infrared camera and check the area when the detector goes off.

If you post your model of smoke detector, it would be easier to tell if it has this feature.

Simple, if any religion was true and objectively based in reality, why the fuck do they need missionaries to spread it?

If any religion was true, it would have measurable, verifiable, and predictable traits that would be discovered in isolated societies. If all of mankind’s knowledge was erased, we would eventually rebuild our understandings of physics, biology, chemistry and mathematics as they are today. If all knowledge of religions were erased, we would never get the same religions back.

It’s really a shitty coping mechanism.

Objective reality doesn’t matter to you if you close your eyes, cover your ears and insist on living in a fantasy world.

Let’s put it this way, if I went around basing my entire understanding of reality on Greek gods, people would rightly think I was fucking nuts.

Do it with the bible though…

You’re only seeing the most outrageous edge cases. It’s a weird kind of survivorship bias.

Prom was kinda like graduation to me. It’s a school event, I mostly went because it was important to someone else, and it’s a very common and relatable event in American life. All in, it was a waste of 50 bucks and a few good hours of gaming/relaxing with my GF.

IT

Scripting menial tasks isn’t that hard. You can learn basic shit pretty easy. It’s a nice little dopamine hit when you get even something small that works. Make your computer work for you, not against you.

Also, Excel. If you have to use Excel at all in your job, learn the basics of formulas, formatting, and tables. It will take you maybe a day, and your excel shit will look 100x nicer, and work 100x better than whatever the fuck you are doing now.

Worth pointing out that credit scores are completely detached from the government. They are entirely private industry, that is collecting and selling your financial info without your consent or opt in. If you were born before 2004, then they have also accidentally leaked literally all your personal info to the dark web, with literally 0 consequences.

CYA at this point. Email the relevant info to your boss, bcc a non-company personal email, or print out and store a copy of the email for reference. When shit goes tits up, it probably won’t save your job (big IT event like that usually kills a family business), but it will save you from getting sued or smeared for the catastrophe.

Everybody in the line is part of the problem. If you aren’t passing, move right. You should be checking every 30 seconds or so. Am I passing or going to pass someone in the next minute? No? Move right. Only times I’d consider an exception is if there was an on-ramp lane merging down, or an exit ramp coming up, or if you need the left lane for a turn (and you better have your fucking signal on)

If you get passed on the right, and there is no room to your left, you’ve created a dangerous situation and you need to move fucking right ASAP.

I think we need a car that “weeds out” all the shitty tech that has been integrated and comes “standard” now.

Let’s take my partner’s 2021 Honda Civic for example.

Lane Keep Assist (LKAS) - it’s garbage. The car does not recognize construction zones, and it will actively fight you if you are in those zones, or if you have to make an emergency lane change without signaling, like if a deer, or child runs in front of your car. We turned this feature off.

Collision Mitigation Braking System (CMBS) - This system legit tries to wreck the car. We’ve had it flag and even slam the brakes dozens of times in non-emergency scenarios. It was so bad we took it back to the dealer to have the software updated (which changed nothing) and considered returning the car. The system has to be manually disabled every time we drive the car, we cannot permanently disable it. Slamming your brakes at highway speeds when someone makes a close merge is a real good way to wreck your car and the 6 or so behind you. The risk of causing 12+ accidents to avoid or mitigate 0 is not worthwhile, and it needs to go.

Adaptive Cruise Control - A great way to make idiots fall asleep, and causes left lane lollygagging. I tried using adaptive cruise control for a few long trips, and what I noticed is that there are long lines of cars driving 4 under where they are all using ACC. When the car automatically adjusts it’s speed, you lose feedback on the speed you are actually going, because you never get into that “decision zone” behind a car where you either slow down, or pass the other car. It also makes people feel more confident to let the car drive, so they’ll fuck around on their phones. Get rid of it, you’ll get where you’re going faster and safer if you do.

Auto Dimming Headlights - Turns on by accident all the time, and very hard to turn off. Works ~50% of the time. Could be good, but really sucks right now.

Here are some features that rock, and should stay in.

Keyless entry

Remote start and push button start

Apple / Android phone integration

Brake hold

Backup camera

Thanks for attending my rant.

Nuh uh, it was a body double clone that he operated remotely, and JFK accidentally hit the contingency plan button, detonating a small explosive charge in the skull.