Passwords

holnrew · January 2015

beed84 said:

I just let my mac generate and save mine for me. Saves a lot of energy of trying to remember, forgetting, the website telling you you've put the wrong password in, then having to go through the hassle of "forgotten my password" ordeal, then having to go through further hassle of thinking up a new password that no one will get, settling on one, typing it in the box only to be confronted by the website explaining to you that the passwords don't match, typing them again until they do, pressing enter, and a day later wondering why you didn't write the password down...

I hope you've read the terms and conditions...

bingefeller · January 2015

I normally use words and numbers in my passwords and employ a memory palace technique to remember them by. All I have to do is associate a physical place with the website and I can then recall the passwords.

littlegreenman · January 2015

bingefeller said:

employ a memory palace technique

You are Hannibal Lecter and ICM5£

bingefeller · January 2015

littlegreenman said:

bingefeller said:

employ a memory palace technique

You are Hannibal Lecter and ICM5£

haha, it was only when I read Derren Brown's book a few years back when I started to use it. Hannibal Lecter's memory palace seems too complex and detailed.

littlegreenman · January 2015

bingefeller said:

littlegreenman said:

bingefeller said:

employ a memory palace technique

You are Hannibal Lecter and ICM5£

haha, it was only when I read Derren Brown's book a few years back when I started to use it. Hannibal Lecter's memory palace seems too complex and detailed.

Nice place for a holiday though

equalsql · January 2015

What you need is KeePass
I find this a great way to keep track of all my different passwords. Plus you can copy and paste them into your sites...which gives even greater security from key-logger trojans.

beed84 · January 2015

holnrew said:

beed84 said:

I just let my mac generate and save mine for me. Saves a lot of energy of trying to remember, forgetting, the website telling you you've put the wrong password in, then having to go through the hassle of "forgotten my password" ordeal, then having to go through further hassle of thinking up a new password that no one will get, settling on one, typing it in the box only to be confronted by the website explaining to you that the passwords don't match, typing them again until they do, pressing enter, and a day later wondering why you didn't write the password down...

I hope you've read the terms and conditions...

Sorry @holnrew, that's completely lost on me. Which ones?

EDIT: Just got it. Have a wis'.

Zodiac51 · January 2015

Axe_meister said:

Fine if your password has to stay the same. In my job deal with about 10 different clients. Each client has a different password policy, each with different timeout policies.
So it is guaranteed that when I go back to a client. after a month or two I will have forgotten my password and have to call the help desk. Due to some of our clients having very strickt security policies I can't even use a secure password store (which in itself is very insecure) not even allowed mobile phones or laptops on site.

You allowed a fag packet or the back of an old envelope on site

Myranda · January 2015

Emp_Fab said:

I use the first letters from song lyrics and change i's and o's to zeroes and ones - e.g. using the first line from Motorhead's 'The ace of spades', you'd get 1yltg1ty1ym (If you like to gamble, I tell you I'm your man). You can also alternate upper and lower case if you want to mix it up a bit more. Pretty secure as far as passwords go and despite looking cryptic, it's a piece of piss to remember. All you have to do is remember which account has which song associated with it !

As a windows password it will take a handful of minutes to brute force that password*... as will any combination of numbers/letters/symbols/uppercase or lowercase shorter than 15 characters is not worth using if you want to secure your machine.

As for writing passwords down - If someone has broken into your house and is at your PC you have bigger issues than them being able to see what porn you last looked at... If for some reason you don't like password managers there is some evidence to suggest writing passwords down will allow you to use more complicated, longer passwords without forgetting them... but seriously. Use a password manager (then write down the password for this, and keep it elsewhere...). Oh, and change the password manager password regularly. Just make sure you choose a proper key manager.

There are plenty of sites and companies that have maximum password lengths, which frankly is an invitation to suffer security breaches.

Also, "complex" password systems are often used only to require 1 capital letter and 1 number so "Password1" is complicated enough... Pasword1 will appear in a "dictionary" file for password cracking software - as will pretty much any combination of characters making up password (pA5$w04D for instance)

Oh, and don't trust password strength checkers - many are innaccurate and don't take into account the techniques used by hackers (brute force alone is not the only tool).

I was going somewhere with all this, but fell asleep in between... so... meh.

Howdy, Stranger!

Categories

In this Discussion

Become a Subscriber!

Passwords

Comments