How secure are you?

Grayson

Just wondering how secure you are when it comes to online communications?

Do you use encrypted apps? Have you got decent anti virus? A pin on your phone? Is the phone or computer memory encrypted?

Do you use a passphrase?

I'm pretty secure but I'm also lazy. I tend to use the same password for multiple sites. I've started to change it up a bit and at the same time keep it simple.
So if my standard password was PASSWORD then my facebook password would be PASSWORDfacebook. I also have two separate passwords that I use. One for stuff like boards which is simpler than the one for gmail or amazon. I try to change them every so often but it's not an easy thing to do.

My bank account was hacked last year and a few hundred was taken. I got it back but none the less it's worrying that it happened. Recently my skype account got hacked and everyone on my contacts list got sent a spam message.

frozenfrozen

you should use a password manager and have it automatically generate a new password for every service. then have 2 factor authentication on everything that will use it.

gramar

I have about 7 or 8 different passwords that are more or less variations of the same thing and bar the sites I visit often I haven't a notion of which one it is. That's not to mention pin numbers, access codes, secret handshakes and magic words. It is a royal pain in the hole.

MeatTwoVeg

I always try to keep my password and username the same as it's only one thing to remember as opposed to two.

frozenfrozen

my password is ******

edit: omg boards stars out your password!!!!!@!11!!!1!

my password is actually hunt.e.r.2 without the dots just in case you were wondering!!!!

Atari Jaguar

frozenfrozen wrote: »

you should use a password manager and have it automatically generate a new password for every service. then have 2 factor authentication on everything that will use it.

2 factor authentication is one of the worst things you could use. Not only are you left at a hackers mercy when he clones your SIM card (which isn't hard) if you lose or break your phone you're not able to log into any of your accounts. If you decide to change your number for any reason you need to deactivate 2 step log in on EVERYTHING you had it on and by god you'll forget something and then you're screwed. I almost got locked out of my iCloud account because the iPhone I logged in with was broken and my phone number had changed since then set it up, was a bloody nightmare. I could've lost my apps, music everything I've purchased or saved on iCloud. Photos, contacts, the lot.

Atari Jaguar

frozenfrozen wrote: »

my password is ******

edit: omg boards stars out your password!!!!!@!11!!!1!

my password is actually hunt.e.r.2 without the dots just in case you were wondering!!!!

*cracks knuckles* ur getting hacked fool

Stasi 2.0

Grayson wrote: »

So if my standard password was PASSWORD then my facebook password would be PASSWORDfacebook. .

I don't use facebook

That means I beat you

Grayson

gramar wrote: »

I have about 7 or 8 different passwords that are more or less variations of the same thing and bar the sites I visit often I haven't a notion of which one it is. That's not to mention pin numbers, access codes, secret handshakes and magic words. It is a royal pain in the hole.

For pin numbers I use variations on maths sequences. So lets say the standard number is "1234" then I multiply that by the first number on the card (say 5) and use the first 4 digits (In that case it would be 6170). That way it's different for most cards and if I forget it I can multiple it out and figure it out.

gramar

Grayson wrote: »

For pin numbers I use variations on maths sequences. So lets say the standard number is "1234" then I multiply that by the first number on the card (say 5) and use the first 4 digits (In that case it would be 6170). That way it's different for most cards and if I forget it I can multiple it out and figure it out.

Wha?

Pinch Flat

So, "Password1234" is not secure then?

frozenfrozen

Atari Jaguar wrote: »

2 factor authentication is one of the worst things you could use. Not only are you left at a hackers mercy when he clones your SIM card (which isn't hard) if you lose or break your phone you're not able to log into any of your accounts. If you decide to change your number for any reason you need to deactivate 2 step log in on EVERYTHING you had it on and by god you'll forget something and then you're screwed. I almost got locked out of my iCloud account because the iPhone I logged in with was broken and my phone number had changed since then set it up, was a bloody nightmare. I could've lost my apps, music everything I've purchased or saved on iCloud. Photos, contacts, the lot.

You should look up yubikey, SMS 2 factor is not the be all and end all (but don't knock it, unless you're a high priority target nobody is going to clone your number. if anything they would just sniff the sms and log in before you.

If I lost my phone I could still get into accounts with once use codes which are on cold storage.

Definitely reconsider 2 factor. It's all about making yourself more difficult than the next person in the queue

josip

5 lever mortice locks, front and back

Grayson

gramar wrote: »

Wha?

I have multiple pin numbers but the way I remember what they are is by having one pin and just multiplying it by different numbers.

So if I forget what my pin is, I can just get the original number and multiply it out . Then I know what my actual pin is.

Grayson

Pinch Flat wrote: »

So, "Password1234" is not secure then?

I could hack that in a few minutes with my computer. If I had a gaming computer it would be way less (A lot of hacking programs use the graphics card to run brute force attacks so a gaming computer is better than a normal one).

_Kaiser_

- Password manager with random complex secure passwords
- Bitlocker encrypted hard drive
- Phone PIN and fingerprint
- 2 factor wherever available
- Bitdefender Antivirus
- Don't use Skype (I miss MSN ) but Whatsapp and Viber are both encrypted now too
- Multiple email addresses for different things (forums etc on one, "official"/proper comms on another etc)

Stigura

I just accept that GCHQ are tracking everything I type. Say on or near my phone. And that down loading anything remotely concerned with accessing 'The Dark Web' would send massive alarm bells to them, the FBI and god alone knows who else.

Bear that in mind and trying to be Lex Luthor about ye passwords sort of comes into focus