+Surviving phishing
+------------------
+Password reuse, password managers and strong passwords
+======================================================
Why is Password Reuse a Problem?
--------------------------------
.. image:: password_reuse_1.png
-.. image:: password_reuse_2.png
-.. image:: password_reuse_3.png
+ :height: 6.5cm
+
+Consider the following hypothetical users that reuse a strong password in
+most places:
+
++-------------------+--------------------------+
+| User | Password |
++===================+==========================+
+| Sucker1@gmail.com | QUo5Qt+1Wa/Q1smDJRDbFg== |
++-------------------+--------------------------+
+| Sucker2@gmail.com | +9Hz+/20rVkSkbcsmgdVFw== |
++-------------------+--------------------------+
+| Sucker3@gmail.com | wnYkRcbi7Kkh7Fx2uR8EeA== |
++-------------------+--------------------------+
About password strength
-----------------------
+
How is strength measured?
=========================
'Entropy' `s` depends on the size of the alphabet `a` and the length `n` of the
It's surprisingly difficult for humans to generate good passwords!
+A strong password, as of 2019, has at least 80 bits of entropy.
+
Password Managers to the Rescue!
--------------------------------
Password managers allow you to create a unique and strong password for every
5. Write down your passphrase on paper and keep it somewhere secure
6. If you are 100% confident that you will not forget the passphrase, destroy
the paper by burning
+
+What about phishing?
+====================
+A password manager worth it's salt will refuse to fill out a password on a
+different website, for instance faceb00k.com vs facebook.com
+
+Using different passwords on every service limits your vulnerability even if
+phishing is successful
+
+Other advice
+------------
+In no particular order:
+
+* Only log in on webpages that you navigated to by typing in the url yourself,
+ by searching on google, duckduckgo or some other reputable search engine or
+ from a bookmark
+* Only log in to webpages that are