You missed this bit out:
"But wouldn't something like “D0g” be in a dictionary, even with the 'o' being a zero?
Sure, it might be. But that doesn't matter, because the attacker is totally blind to the way your passwords look. The old expression “Close only counts in horseshoes and hand grenades” applies here. The only thing an attacker can know is whether a password guess was an exact match . . . or not. The attacker doesn't know how long the password is, nor anything about what it might look like. So after exhausting all of the standard password cracking lists, databases and dictionaries, the attacker has no option other than to either give up and move on to someone else, or start guessing every possible password."
I'm sorry, old bean, but I just need to point out that "Did you take the dog out today?" is not a strong password. It will take a few seconds for a machine to guess that. The first thing anyone does when trying to guess a password is a "dictionary attack": they simply try words and combinations of words from a dictionary. When a machine is doing this it takes a few seconds or maybe a few minutes at the most to run through it all.
This is a strong password: "5m*ljS4mC#RKEg@6UfTfO09sHxuVs3Y6Z5BZ9#" and, as any normal person will know, there is no hope of remembering it. That is why we use LastPass. It means you can use a different password like that on every site and you never need to remember it and nobody will be able to guess it.
I use LastPass and it's brill, but I do worry about having so many passwords in one information silo.
If LastPass gets hacked it's going to be brutal.
Not correct. You're still not biting. As pointed out by others - this whole thing of using umpteen special characters etc is becoming hackneyed ill-thought-out farcical bollocks. It will not take seconds for a machine to plough through the password teddyBear gave simply because it is not a simple case of ploughing through combinations of dictionary words in the manner that you describe. If it were then I would agree. What about the question mark at the end? And the white spaces between words, which are perfectly valid as password characters (see myth #8 in the link below)? And that the word lengths will be unknown? I am fairly certain this is adequately secure, but am more than willing to be corrected on this.
Have a look at this: Ten Windows Password Myths | Symantec Connect
I imagine you could increase the strength of that password by simply messing up the spelling of one of the words - e.g. did you take the dge today. I can't even imagine how long it would take a random generator to crack that, as it would mean it cannot rely on a dictionary alone. Or swap one of the words with a foreign equivalent - did you take das dog out today.
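An added illustration, not part of any post in this thread: the two attack models argued over above (every printable string of a given length versus combinations of dictionary words) put side by side as search-space sizes in bits. The sample wordlist, the 10,000-word dictionary size and the capitalisation and trailing-punctuation rules are assumptions made for the example.

```python
import math
import string

# Constructed sample wordlist; ASSUMED_DICT_SIZE stands in for the size of a
# real cracking dictionary (an assumption, not a figure from the thread).
SAMPLE_WORDS = {"did", "you", "take", "the", "dog", "out", "today"}
ASSUMED_DICT_SIZE = 10_000
PRINTABLE_ASCII = 95  # letters, digits, punctuation and the space character


def char_model_bits(passphrase):
    """Bits of search space when every printable string of this length is tried."""
    return len(passphrase) * math.log2(PRINTABLE_ASCII)


def word_model_bits(passphrase, words=SAMPLE_WORDS, dict_size=ASSUMED_DICT_SIZE):
    """Bits of search space when guesses are built from dictionary words.

    Assumed rules: words joined by single spaces, each word lower-case or
    capitalised (x2), the phrase ending with nothing or one punctuation mark
    (x33), and the word count equal to this phrase's. Returns None when the
    phrase falls outside those rules, because this model then never produces it.
    """
    body = passphrase
    if body and body[-1] in string.punctuation:
        body = body[:-1]
    toks = body.split(" ")
    for t in toks:
        if t.lower() not in words or t not in (t.lower(), t.capitalize()):
            return None
    suffix_choices = len(string.punctuation) + 1
    return len(toks) * math.log2(dict_size * 2) + math.log2(suffix_choices)


def compare(passphrase):
    """Return (length, char-model bits, word-model bits or None)."""
    word_bits = word_model_bits(passphrase)
    return (len(passphrase), round(char_model_bits(passphrase), 1),
            None if word_bits is None else round(word_bits, 1))


if __name__ == "__main__":
    for p in ("Did you take the dog out today?",
              "did you take the dge today",
              "did you take das dog out today"):
        print(p, compare(p))
```

A result of None means only that the phrase is outside this constructed wordlist and rule set; a larger or multilingual wordlist would change which phrases the word model covers.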
Use a modded hosts file with a decent up-to-date blocking list; for network-wide ad blocking, use a Raspberry Pi with Pi-hole installed.
Always use an antivirus program such as Defender - you can use this in a sandboxed mode so it's even more secure.
Don't download dodgy software or open email attachments from people you don't know.
Always check the URL of any email you receive to make sure it came from where it says it does.
Always use different passwords on each site - and change them regularly - use phrases such as 'Did you take the dog out today?', as these passwords are long and very difficult to hack.
Don't answer spam calls, and don't give any details to anyone via a phone call - unless of course you have phoned the company yourself, such as a bank, and they need to verify who you are.
Open unknown/new programs in a sandbox first, so they can be verified to be what they are - and can't damage your OS.
Probably switch to Linux, such as Ubuntu - this is far more secure than Windows and doesn't contain all the 'spying' software that Windows uses.
Your Encryption Will Be Useless Against Hackers with Quantum Computers
Fast forward a few years and without too much thread drift...
IBM makes 20 qubit quantum computing machine available as a cloud service
Check out the D-Wave Industry application page....
Industries | D-Wave Systems
Passwords will be a thing of the past soon.
When passwords become ineffective, any other form of personal security won't be far behind, as they're all just a string of 0's & 1's when it comes down to it.