I recently stumbled upon this sweet password trick from Password Bits, and I’m geeking out over the sheer genius of it: salting passwords.
Some people don’t trust password managers (which is totally fine). Maybe you don’t like them if they aren’t open source, or you’re uncomfortable with the fact that a password manager is putting “all your eggs in one basket.”
What if you could have your cake and eat it too? You can use any password manager you want by manually salting your passwords. A “salt” is any random data you add to an input to make it more unique, and thus more secure.
So when you use your password manager to generate a new password for a website, copy and paste it into the website form. Then, add a word at the end or beginning to salt it. This can be any word you want, like “bacon.”
But don’t add the salt to the password in the manager, just type it manually when you sign into a website. That way, even if the password manager gets hacked, and your passwords leak, they will still be safe because the hacker won’t know to add the extra word.
[How to Use macOS Keychain Access to Beef up iCloud Keychain]
2 thoughts on “Try Salting Passwords if You Don’t Trust Password Managers”
Other potential problem is that such “salt” could be cracked with brute force, giving access to all passwords inside the Password Manager. Oops!
Absolute genius. Thanks! The only problem is if you forget your “salt”, of course.