Protect what matters – even after you're gone. Make a plan for your digital legacy today.
Forum Discussion
Solved
Do account usernames need to be as complicated as passwords?
I was recently reading about account security, and the author said using your name, email address or anything close to those items was not very smart these days. The author advised that you should go...
@ 1P_Dave
That helps a lot. Thank you, Dave!
[Citation not needed, but would be welcome]
There are some cases in which treating both of the two strings of text as effective passwords makes sense and the process of logging in remains optimal when using a good password manager such as Bitwarden or Proton Pass.
While there are no strict criteria, this can be a good approach for services where the username is inconsequential and not revealed. For services such as this forum it's probably counterproductive.
I do this for some of my accounts and for services which I host.
Given that leaked, breached, stolen, pwned, purloined, ... credentials are by far the greatest source of abused credentials and that brute force password guessing has become almost negligible for various reasons [Citation needed, but not provided], having a random or complex username is largely inconsequential, especially since many such breaches also include email addresses and other more valuable information.
To answer the question in the title: No, and not just because usernames tend to be more constrained than passwords.
