Strong password AND 2FA?

This might be a dumb question, but if I have 2FA set up, does my password need to be a ridiculous length and randomization?

I’m asking because to sign into my work device, I can’t use my password manager. This device is also set (and locked) to sleep after 20 minutes of inactivity, which means I have to sign in again.

I’m tired of typing my password, so I wondered if I made it less intense, would that compromise security?

Get a mouse jiggler

And use passphrases for you password

1 Like

Yes, but to what degree depends on how much you reduce it by and if you are using a randomly generated password, passphrase or something else.

Does your org allow you to use login PINs? assuming you are on Windows 10+

1 Like

Windows 11 and no pin. Windows 10 we could turn off Require Sign-In, so this wasn’t an issue.

I didn’t think about passphrase. I can do that for sure.

I mean… how much do you care about what that password is protecting?

If your work is forcing you to use a weak password because of their ridiculous settings, that sounds like a them problem, and maybe they’ll find out what the consequences are the hard way :upside_down_face:


I do care. But you just nailed it, and I feel less bad about pondering a weaker password.