
I know what your password is and you are an idiot

[obligatory Spaceballs reference]

President Skroob: "Did it work? Where's the king?"
Dark Helmet: "It worked, sir. We have the combination."
President Skroob: "Great. Now we can take every last breath of fresh air from Planet Druidia. What's the combination?"
Colonel Sandurz: "1-2-3-4-5."
President Skroob: "1-2-3-4-5?"
Colonel Sandurz: "Yes!"
President Skroob: "That's amazing. I've got the same combination on my luggage."
 
The problem is that that method would help you remember one password. Now try doing that for 100 passwords, some of which are hardly ever used. No, the only solution is to write them down, maybe using some software for this purpose.

Well, I do both. I make memorable passwords and store them in an encrypted KeePassX file. The thing that's aggravating is the password requirements a lot of sites have: requiring a special character or number or uppercase letter, or only allowing absurdly short passwords (16-20 characters!)
 
Well, I do both. I make memorable passwords and store them in an encrypted KeePassX file. The thing that's aggravating is the password requirements a lot of sites have: requiring a special character or number or uppercase letter, or only allowing absurdly short passwords (16-20 characters!)

I use KeePass as well. Was going to look at LastPass for a decent cross-platform solution, but there doesn't seem to be a good/reliable migration path from KeePass, or at least there wasn't when I looked at it a few months ago.

I've heard of some sites not even handling passwords in a case-sensitive way. What's that about?

Helpful hint: Those "security questions", like "what's your father's middle name" or "what was the name of your first pet" - you don't have to tell the truth on those. KeePass is good for keeping track of lies as well. Don't tell anyone, but my dad's middle name was not "Meep Meep Skittle-Me-Do, Mrs.".
 
I do use simple passwords at certain sites, too.

Never use the same password for different purposes, though (that's the reason why I chose simple passwords for certain less important sites, so that they're easy to remember). Point is, hacking one of my accounts won't give people access to other accounts. Not even a hint what the password of other accounts might be.

Please, tell me more. :boxedin:
 
I use KeePass as well. Was going to look at LastPass for a decent cross-platform solution, but there doesn't seem to be a good/reliable migration path from KeePass, or at least there wasn't when I looked at it a few months ago.

The latest version of the LastPass plugin for Firefox has a KeePass import function. For other browsers LastPass recommends you use Firefox to import because it is easier to use than the import functions in the other browser plugins.

I've never used KeePass but I did see a LastPass forum post pointing out that some people do not have URLs associated with some passwords in KeePass. When there is no URL LastPass imports it as a secure note instead of a web site password.
 
Does anyone know a good migration process from RoboForm Everywhere? I've been using that for ages, but it seems to have developed a few bugs in recent years.
 
Very similar to other lists of "most popular passwords" I had seen before -- password1, asdzxc, asdfghjkl, ****you, etc. But what the hell is "kazuga"?
 
I really hated the insistence of our work logon to change our passwords every 90 days. It required a super-strong password, and if it was too similar to any of your previous 12 passwords it wouldn't allow it.

Thereby ensuring that every single person had their current password written down somewhere.

This. My previous company went to 90 day password renewals with the then sooper sekret standard: 8 characters at least one each: alpha lc, alpha uc, symbol, number, and no repeat nor too much similarity of/to any of your previous three passwords.

We had 50,000 users worldwide. You could walk into any office and "hack" (or should that be "H@ck1nto") half the computers because the recently changed passwords were on Post-It notes on the monitor screens.

When I go into my current bank, they have them re-setting passwords on three different systems... different green-screen apps. And they all keep all their passwords on note pads next to their terminals. My bank!!!!


What I currently do: I have to use mnemonics to remember the five passwords I rotate. But I use them everywhere. If I try three times and get booted off (I have no sites that kill you forever for missing more than x times), I just wait my twenty minutes (or whatever time required), log back on, and try the other two passwords.

More important, though.... my bank account info is "read only". No one can do anything with it. No other sites have anything that would equal more than a nuisance to me if they got hacked. I just don't do electronic transactions.
 
For completely unimportant things I have a throwaway password; for anything personal (email, forums, social media, etc.) I use 70-80 bit passwords that I'm confident can only be brute forced. Not easy to come up with and remember, but I'm glad I take the time. For financial stuff, I use a more secure public/private key system that requires both my personal information, a code/PIN and e.g. my phone or credit card.
 
Mine are fairly basic alphanumerical 9 character passwords. I truly couldn't care less if they got hacked, although I wouldn't post them inviting trouble.

Bluesjnr, your email has been hacked - so what?

Bluesjnr, your bank account has been hacked - did the hacker feel sorry for me and leave me a fiver?

Bluesjnr, your credit card account has been hacked - It's maxed out. Good luck with getting an increase.
 
For my home network I actually used a 16-digit code (slightly modified) that came printed on an AOL disc. Nice to know they are useful for something besides drink coasters!
 
I really hated the insistence of our work logon to change our passwords every 90 days. It required a super-strong password, and if it was too similar to any of your previous 12 passwords it wouldn't allow it.

Thereby ensuring that every single person had their current password written down somewhere.

With us it's 30. Many people terminate their LAN password with a number and simply increment it every month.
 
