Passwords. Passwords everywhere... sick of them!

Capt'n Midnight

Deleted User wrote: »

Just use an md5 hash tool and your password becomes 994292055d6a1a9b21f61e03bd4b577c

Google is a great reverse md5 lookup

also
https://isc.sans.edu/tools/reversehash.html

and
http://www.md5rainbow.com/994292055d6a1a9b21f61e03bd4b577c

md5 hash is just obstruction unless the original password is really secure.
Unless you believe that no one out has tables of hashes of hashes



security through obscurity only works when it's really obscure, of the "three men can keep a secret if two are dead" sort of obscure

Xivilai

I use a portable Keypass installed on my Dropbox, with a password to access it and a keyfile stored on my usb drive. Safe out

pickarooney

It would take a desktop PC about A tresvigintillion years to crack your password

Pity it's too late to name my firstborn this

YellowFeather

Yeah. I'm fed up remembering passwords. Especially with work generated ones which I just have to learn off. Then social media accounts, banks stuff, every single the feck everything that also requires a password. And, for some reason, Verified by Visa is the worst of them all.

Biometrics for everything please!!

InReality

I don't see the point of password managers.
For sites that aren't important I just use the same password.

For ones that have payment info for me , i.e. credit card details ,and gmail, I use a more complex one.

Senna

Pick one 8+ digit word that has a capitial letter, a lower case letter and a number, then use that for every site you don't care about.
I use the same one for forums, email, shopping, ebay etc. It's only banking, PayPal etc that has different passwords.

Charlie19

Avantcard must have the worst system albeit probably fairly secure. Password and memorable word for their site and a different password when making online purchases.

lightspeed

o1s1n wrote: »

What drives me mad is having to change my password in work every 8 weeks or so.

It can't be a password I've used before. I've been here 6 years and have run out of new ideas!

I feel your pain. We have 2 different pieces of software and both seem to screw up and block you out after changing to a new password until it reset again by someone with manager access. Pain in the hole is an understatement.

I have had almost the same password for over 2 years now. I just change a number at the end each time. Well into double digits but easier to remember and dont have to wait for IT for the guts of an hour to fix it.

Capt'n Midnight

Capt'n Midnight wrote: »

Google is a great reverse md5 lookup

also
https://isc.sans.edu/tools/reversehash.html

and
http://www.md5rainbow.com/994292055d6a1a9b21f61e03bd4b577c

md5 hash is just obstruction unless the original password is really secure.
Unless you believe that no one out has tables of hashes of hashes



security through obscurity only works when it's really obscure, of the "three men can keep a secret if two are dead" sort of obscure

True, it just depends on just how far you want to go to secure your passwords, I have so many now, it's hard to remember them all.

Plus that md5 one has a little extra spice in it when I use it as well, in other words it's not hex. so it can't be reverse engineered.

I had the misfortune a few years ago of having a password cracked that was used for more than one site, spammed all the other users of another site. Since then I use unique passwds for all the sites I use.

Have to use the " forgot password " often as well but what the hell..#

IvaBigWun

fergiesfolly wrote: »

I run the password off the username, the username off the ID number and the ID number off the password.
Never had any problems.

:pac:

whirlpool

I don't understand using password managers. You're giving every single one of your passwords to one program. Seems dodgy as f ck!

ciaran12

I tend to be wary of those 'How secure is my password?' things

I know they don't get your email, but they could easily add your password to a Rainbow Table

I wonder if there's a github pages based one, so you can see the source?

Oink

ciaran12 wrote: »

I tend to be wary of those 'How secure is my password?' things

I know they don't get your email, but they could easily add your password to a Rainbow Table

I wonder if there's a github pages based one, so you can see the source?

Honestly I assumed that was a joke. No way in hell I'd type my password on a website just "to check that it's secure".

And a magic "secure application" that holds all my passwords?? If I ever do that I will lose my tinfoil hat priviledges, and rightly so.

Capt'n Midnight

Botnet ZeroAccess alikuwa kuhusu 1.9m kompyuta katika hivyo kwamba miaka 64,000 ni siku 12 tu.

GPU ya kuongeza kasi ya juu 100 kutegemea
Algorithm kasoro kutoa speedups pia

Na bila shaka Rainbow Majedwali ina maana kwamba isipokuwa tovuti anatumia ufanisi kuweka chumvi ya siku 12 ya ngozi inaweza kufanyika mapema.

Na crackers password kutumia kanuni ya msingi juu ya kamusi na mchanganyiko kawaida, watu wengi kutumia mitaji au namba au tabia ya pekee kama barua ya kwanza au wa mwisho, idadi ya baadhi ya ni maarufu zaidi.

Lakini speedups kubwa ni kwamba miaka 64,000 ni kwa ajili ya nywila kweli random. . Kulazimisha nywila tata ina maana kwamba passswords ni vigumu aina na kumbuka lakini tu kuongezeka kwa utata kutoka passsword (hakuna nyavu bot, hakuna GPU ya speedups chache) kwa Password1

HeidiHeidi wrote: »

Is that what Swahili looks like when written down?

coffee_cake

o1s1n wrote: »

What drives me mad is having to change my password in work every 8 weeks or so.

It can't be a password I've used before. I've been here 6 years and have run out of new ideas!

Month and year

Capt'n Midnight

Oink wrote: »

Honestly I assumed that was a joke. No way in hell I'd type my password on a website just "to check that it's secure".

And a magic "secure application" that holds all my passwords?? If I ever do that I will lose my tinfoil hat priviledges, and rightly so.

http://ismycreditcardstolen.com/

HeidiHeidi

Capt'n Midnight wrote: »

Botnet ZeroAccess alikuwa kuhusu 1.9m kompyuta katika hivyo kwamba miaka 64,000 ni siku 12 tu.

GPU ya kuongeza kasi ya juu 100 kutegemea
Algorithm kasoro kutoa speedups pia

Na bila shaka Rainbow Majedwali ina maana kwamba isipokuwa tovuti anatumia ufanisi kuweka chumvi ya siku 12 ya ngozi inaweza kufanyika mapema.

Na crackers password kutumia kanuni ya msingi juu ya kamusi na mchanganyiko kawaida, watu wengi kutumia mitaji au namba au tabia ya pekee kama barua ya kwanza au wa mwisho, idadi ya baadhi ya ni maarufu zaidi.

Lakini speedups kubwa ni kwamba miaka 64,000 ni kwa ajili ya nywila kweli random. . Kulazimisha nywila tata ina maana kwamba passswords ni vigumu aina na kumbuka lakini tu kuongezeka kwa utata kutoka passsword (hakuna nyavu bot, hakuna GPU ya speedups chache) kwa Password1

Makes about as much sense to me

Keepan Eye

Yeah - Passwords drive me crazy ---then there are door locks and alarm codes. Me Head's not big enough and the older you get the worse it seems to get. I saw something recently ---Senses your personal Heart Beat to confirm its you. Suppose the Crims will find a way around that too. I appreciate the suggestions LAS pASS ETC ETC

Poochie05

Antar Bolaeisk wrote: »

Where were you born: Yellow
What's your favourite colour: Trampoline
Your mother's maiden name: Timbuktu

Ha ha, I tried this with the real answers but to the wrong questions. Trouble was I couldn't remember which way I put them so had to start again! Especially when they only ask one question at a time...

Luxie

nc19 wrote: »

Are we not all still using 1234????

No. Some us are still on 9999.

kowloon

uch wrote: »

https://howsecureismypassword.net/


Check how secure your Password is.

Apparently 'password' is in the top 10 common passwords!

Muir

Apparently the alphabet as your password would take a desktop PC 48 quintillion years to crack.

Paramite Pie

Antar Bolaeisk wrote: »

That's a bad idea, all it would take would be for one of your passwords to be compromised for them all to be be compromised. You may as well not bother with the change at all as it provides neglible benefit.

In fairness, the password would probably be hacked by an algorithm which wouldn't see the obvious trend. I imagine it's automated by now, with a algorithm that enters the ripped password+username into many other sites automatically.

Correct me if I'm wrong... i'm certainly no expert!:pac: