Ingsoc85: This video has some good ideas to pick a password
https://youtu.be/yzGzB-yYKcc I'll check if that has some new information. Many year ago I once used some very long passphrase for encypting a RAR file (e.g. "this_file_is_for_personal_use_only") because I copied it through some public server where someone else might theoretically get a hold of it too, but later I couldn't remember the exact passphrase anymore. :) Maybe the "only" was in the different place, or wasn't there at all originally, or I didn't actually use underscores but wrote it all together, etc. I just couldn't remember anymore. Oh well, I couldn't open that rar file anymore, and I had deleted the original uncompressed source files already. Something that you think should be easy to remember, isn't so necessarily.
By the way, when talking about these "brute force attacks", are people suggesting scripts trying to log in continuously to different GOG.com accounts, or hackers having an offline database with usernames and passwords, and trying to brute-force the passwords out of it? So the antibot measures like "click on all the pictures with penguins in it" do not work, they don't block such bots/scripts from continuosly trying to log in with different passwords?
That occurred to me as Snowden mentioned in that video that a normal 8-digit password can be brute-forced in less than a second. I presume he was referring to a case where you have a whole username/password database in your own possession, not when trying to repeatedly log in to someone's account on some website with a bot script?
So if people believe GOG accounts are being brute-forced, shouldn't it mean the hackers have first been able to copy all the GOG username/password databases from GOG servers? Or?
Ingsoc85: This video has some good ideas to pick a password
https://youtu.be/yzGzB-yYKcc Ok so that video mainly said one should use a long and easily remembered passphrase. Ok then, I already did e.g. with the RAR file many many years ago, too bad I forgot the exact passphrase, only remembering it vaguely. :)