User Tag List

First 345

Results 41 to 44 of 44

  1. #41
    Senior Member
    Join Date
    Sep 2015
    MBTI
    eNfJ
    Enneagram
    359 sp/sx
    Socionics
    EIE Ni
    Posts
    1,590

    Default

    Quote Originally Posted by EcK View Post
    so you mean I can't figure out your old school's name, pet name etc. by calling your great aunty or something like that and giving her a boggus reason to give away the information ?

    Dude, get real. This is not secure, giving me your personal story won't change how unsecure these ineffective and ubiquitous easy-to-hack security measures are.
    I'm not attacking you personally. I'm happy for you if you make your passes a bit more secure - that still doesn't make the policy a good one. That's akin to saying that cars are perfectly safe because you've never died in one - not a good argument.

    As to the passwords - the classic "ad at least one number and one symbol like !" well first off people will generally use the same symbols (! ? & ) and capitalize only the first letter of their password so it's not like it adds that much complexity to the password. You just set up your password breaking software to start with the most likely combination and it d probably cut down the time needed by a factor of thousands whether you use special symbols and numbers or not.

    Secondly it's obvious the people who set it up are kind of low-level in terms of theory of mind / psychology. It's beyond obvious that you'll choose a shorter password if the site's asking you to setup a non-human-friendly password.+ you'll have to store it somewhere else than just in your brain because who the hell can remember :

    a1rRbo4t& as easily as peachfetchingpricemarket.

    So these passwords are not only in practice less secure by huge factors (generally millions time less secure ) but they're not user-friendly in any way.

    in short - these policies suck and their wide adoption rate is just a testament to how short-sighted and frankly dull when it comes to any other type of intelligence than mathematical many developers are. Theories about what makes people and data safe are entirely irrelevant to what people actually do. Theory is always superseded by fact. .


    Any questions ?
    I honestly don't disagree. I highly doubt that people would have much luck mining enough info on me from my family and friends to reset my passwords. I am too paranoid/private for that.

    But other than that, any real hacker could probably crack my passwords IF he/she really wanted with the right algorithm, random pulling or a keylogger but probably not from something overtly obvious such as knowing my hobbies and interests.

    This thread makes me wanna update all my passwords though. Lol

  2. #42
    Retired
    Join Date
    Jul 2014
    Posts
    1,674

    Default

    password management is one of the most tedious aspects of network security, but you wouldn't believe the vulnerabilities and risks involved with related bad practices. on the enterprise level, access control lists are often insecure, password creation is frequently weak, and swaths of employees leave their passwords written somewhere on or underneath their desks.

    the strongest passwords are made with a long string of randomized numbers, letters, and symbols. why? because phonetic passwords are too easily guessed, and password cracking tools more easily uncover phrases that are made from a single dictionary.

    trouble comes when you can't remember, and applications like lasspass offer easy and effective solutions for memory loss. in addition to my password management software, i also like to carry around an encrypted flash drive that supports the software i use. that way, i can access my online accounts away from home. without encryption, you're vulnerable to keyloggers, simple theft, and registry input.

    here's an example Jet.com - Prices Drop As You Shop

    military grade solutions exist as well.

    another method i like to use when generating a random password i need to remember is to use a 'pass phrase'.

    for instance-

    please
    excuse
    my
    dear
    aunt
    sally

    *converting some letters into symbols and numbers = p3md4$

    why is it important to add complexity to your passwords? why not use reverse psychology and make a simple one?

    because the simple ones exist in dictionaries that attackers use to brute-force their way into your system. here's a list of some of the most common compromised passwords:

    1 password
    2 123456
    3 12345678
    4 1234
    5 qwerty
    6 12345
    7 dragon
    8 pussy
    9 baseball
    10 football
    11 letmein
    12 monkey
    13 696969
    14 abc123
    15 mustang
    16 michael
    17 shadow
    18 master
    19 jennifer
    20 111111
    21 2000
    22 jordan
    23 superman
    24 harley
    25 1234567
    26 fuckme
    27 hunter
    28 fuckyou
    29 trustno1
    30 ranger

    the list goes on.

    you might be thinking: what's the big deal? i don't store anything special on my account...

    you might be right.

    but even lower-level user accounts can be used as an entry-point into surrounding systems, including your own if you reuse passwords for other purposes. additionally, if an attacker uses your account to carry out a malicious act, then victims, administrators, management, or even law enforcement may be pointing the finger in your direction.
    In challenge lies opportunity.

  3. #43
    Analytical Dreamer Coriolis's Avatar
    Join Date
    Apr 2010
    MBTI
    INTJ
    Enneagram
    5w6 sp/sx
    Posts
    16,973

    Default

    Quote Originally Posted by Floki View Post
    another method i like to use when generating a random password i need to remember is to use a 'pass phrase'.
    Most of my passwords are generated in this manner. I use words from songs or poems that are easy to remember.
    I've been called a criminal, a terrorist, and a threat to the known universe. But everything you were told is a lie. The truth is, they've taken our freedom, our home, and our future. The time has come for all humanity to take a stand...
    Likes Floki liked this post

  4. #44
    Who Am I? Forever's Avatar
    Join Date
    Aug 2013
    MBTI
    INTJ
    Socionics
    Just Ni
    Posts
    6,872

    Default

    I memorize my passwords through muscle memory lol. It only is useful though if I am the site quite frequently.
    F O R E V E R


    When it matters, everyone's the same.




Similar Threads

  1. Public Service Announcement to Future Superheroes
    By Qlip in forum The Fluff Zone
    Replies: 4
    Last Post: 10-28-2011, 01:46 AM
  2. Replies: 30
    Last Post: 10-02-2010, 12:43 AM
  3. Public Service Announcement to Paranoid Fi doms
    By simulatedworld in forum Myers-Briggs and Jungian Cognitive Functions
    Replies: 490
    Last Post: 02-01-2010, 10:58 PM
  4. Interesting article on the effects of public schools
    By BlackCat in forum Politics, History, and Current Events
    Replies: 37
    Last Post: 05-09-2009, 08:25 PM
  5. 1Gbps (to the home) Fiber-Optic Service Arrives in Japan on October 1
    By Grayscale in forum Science, Technology, and Future Tech
    Replies: 18
    Last Post: 11-12-2008, 06:20 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
Single Sign On provided by vBSSO