I read Recommendations for Quantum-Safe Passwords

Started by GameChanger, Feb 02, 2026, 06:48 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Topic: I read Recommendations for Quantum-Safe Passwords   Views(Read 91 times)

GameChanger

Length: Use 25 characters or longer.
Complexity: Use a mix of uppercase letters, lowercase letters, numbers, and symbols.
Methodology: Create long passphrases (4+ random words) rather than shorter, complex words.
Avoid Predictability: Do not use dictionary words, common substitutions, or personal information.
Use a Password Manager: Utilize tools that support strong, random generation (e.g. Argon2, AES-256)

What do you think?

MayanHan

Longer yes. We all need to have a password stock-take and increase them for all sites. but especially bank ones
Still figuring it all out

error.404

Its going to be critical. But the risk is the hackers hacking and downloading data now encrypted and then come q-day they can get in it. So fix your passwords my friend. no re-using
// TODO: write better signature

QuietNomad

Definiately password overhauls but for on this site

DQ Eric

git commit -m "fixed everything"

Tracey

Not bad at all. The problem with most money saving advice is it assumes you have the time to do it all.

Not a life changer but it adds up

EntangledOne

Sorted it the same way. Let us know how it turns out

PlanetOftheApes

QuoteSorted it the same way. Let us know how it turns out.

Same here. Ha, fair enough. :)

CosmicRay40

QuoteLonger yes. We all need to have a password stock-take and increase them for all sites. but especially bank ones.

I am always wary when something sounds amazing at first glance. Worth doing even if the saving is small

Myles

That matches what the more reliable sources are saying. It is worth looking at who benefits from a particular framing before accepting it.

I will keep following it

Outlaw

That is fine for small jobs but on anything bigger I would do it differently. The part people always underestimate is the finishing, not the main job.

Take your time with it and it will come out well

EntangledOne

Bit fiddly but that is the right approach. I have done similar and the prep mattered more than the expensive bits.

Post a photo when it is done

DQ Eric

That works if you are disciplined about it, most people are not. Worth a look if you have not already
git commit -m "fixed everything"

Candle

No real argument from me on that. Still think I am right on this. :D
Have you tried turning it off and on again?

Vanessa26

From what I have seen the gap between headlines and reality is still pretty wide. That is my read on it anyway

Cheeky Blake

That tends to work on clean installs but real machines are messier. The fastest fix is often just checking what is running in the background and killing half of it.

Start there and see if it makes a difference

Ria99

Quote
QuoteLonger yes. We all need to have a password stock-take and increase them for all sites. but especially bank ones.
I am always

That is the sensible route. The difference between a good job and a messy one is usually just patience.

Worth doing it properly rather than rushing it

MayanHan

Been reading the same thing from a few different angles. The speed of the news cycle means most things get forgotten before they are properly resolved.

Curious to see how this develops
Still figuring it all out

MayanHan

I would be cautious about taking the early reports at face value on this one. The difference between what is being reported and what is actually happening is often significant.

Curious to see how this develops
Still figuring it all out

Dom9

That resonates with me. Curious what others make of it. :o

Sentinel96

Quantum-safe passwords sound like something you say right before your laptop starts levitating
But jokes aside, the recommendation for 25+ characters actually makes sense when you think about brute force scaling
The funny part is most people still struggle with 8 characters and a pet name, so we have a long road ahead

Ruby_50

I went down this rabbit hole after reading about post-quantum cryptography and honestly it gets overwhelming fast
The advice to use long passphrases instead of complex short passwords is probably the most practical takeaway here
Feels like we are being told to prepare for sci-fi problems using very normal human habits

Maxximus

Not gonna lie, I love how every security article eventually becomes "just make it longer and random"
But in fairness quantum resistance is less about memorization and more about entropy and structure
Still, I doubt most users are ready to type a 30 character password every time they log into email

Owen73

This is one of those topics where experts are probably right but the real world lags behind
Yes, quantum computing could eventually break current encryption assumptions
But most breaches today still come from phishing and reused passwords, not supercomputers

WhatUQuant

People underestimate how much password length already matters more than complexity rules
A 25 character passphrase beats a 10 character chaos string almost every time
The quantum angle just adds urgency, but the core advice is not new at all
git commit -m "fixed everything"

Taker04

I tried switching to long passphrases last year and it actually improved my security and memory retention
Instead of random symbols I just use a chain of unrelated words with some structure
Feels less like a chore and more like a private sentence only I would ever say
It's not a bug, it's a feature

Candle

The thing nobody talks about is usability fatigue
You can design the strongest quantum-safe system in the world but if people hate using it they will find shortcuts
That is where security usually collapses in real life
Have you tried turning it off and on again?

Omega

Every time I read about quantum-safe anything I imagine a hacker in a lab coat rubbing their hands together
Reality is probably just someone clicking a phishing email instead
Still, better to be ahead of the curve than caught off guard

alwaysPatrick19

There is also the elephant in the room, password managers already solve most of this problem
If you are generating 25+ character random strings automatically, humans do not even need to see them
So the real discussion becomes trust in the manager, not memorization
All original content unless stated

Buffer

I appreciate the direction but I think we are mixing two conversations here
One is theoretical future-proofing against quantum attacks
The other is basic password hygiene that we should already be doing

RicFlair_X

If quantum computers ever get powerful enough to crack modern encryption at scale we will have bigger problems than passwords
Entire authentication systems will need redesigning, not just longer strings
So this feels like preparation, not panic
It's only banter... mostly

StevenArroyo

I like the idea of passphrases but I also think people underestimate how predictable they can become
Once humans get involved we tend to reuse patterns even when we think we are being clever
That predictability is usually the real weakness
First post best post

Leo

Honestly the most relatable part of this is realizing how many accounts I still protect with weak passwords from years ago
Reading threads like this is a good reminder to clean house before we worry about futuristic threats