Time to change your password

Sabre0001

...but not for the usual reason. The guy who told us to create convoluted passwords in the first place, Bill Burr (but a less funny one to the standup), has come out and said that he got it wrong.

It seems he underestimated how ridiculous people would be when it came to creating a secure password, or p$ssw0rd to some. That and it's actually more difficult to crack a random string of words than a jumbled mess of characters.

AH, have you been one step ahead when it comes to password management? Are you still in the camp that believes that "qwerty" is as good as it gets? Or have you now got to come up with a memorable four word sentence?

WSJ article

ED E

If you've still got a password you're behind the curve, its a passphrase you want.

The_Valeyard

Just stick Gandalf in front of it

Mena

Passwords have been out for years. Paraphrase sentence is where it's at.

robinph

Correct Horse Battery Staple

https://xkpasswd.net/s/

http://correcthorsebatterystaple.net/

scamalert

password's are safe in general no need to reinvent the wheel, in the movies they make it look's like couple clicks and im in :pac: in reality to crack 8-10 digit password nowadays its almost impossible.

for example if you try to brute force wifi router by virgin media etc, after 4 attempts wrong think it goes into lock down for 5 minutes, if you still try it goes to 15 minutes or smth to that term.And thats simple protection thats needed its not difficulty of password but limiting attempts to crack it that makes it virtually impossible be it gmail or most other services, also two way authentication nowadays where it asks for either passphrase or random code sent to mobile makes it that extra difficult.

since computers nowadays are fast enough to process couple hundred passwords on regular pc , but if one is limited to 3-5 attempts people look for other ways in.

Steve F

Just use "incorrect" as your password
Then if you forget it,whatever you are trying to log in to tells you your password!!








I'll get me coat

Hector Savage

Capt'n Midnight

ED E wrote: »

If you've still got a password you're behind the curve, its a passphrase you want.

nope - no use against a dictionary attack as essentially all it does is replace an alphabet of 26 characters with a long word with an alphabet with thousands of characters but with a far shorter word.

Capt'n Midnight

scamalert wrote: »

password's are safe in general no need to reinvent the wheel, in the movies they make it look's like couple clicks and im in :pac: in reality to crack 8-10 digit password nowadays its almost impossible.

for example if you try to brute force wifi router by virgin media etc, after 4 attempts wrong think it goes into lock down for 5 minutes, if you still try it goes to 15 minutes or smth to that term..

That only applies if you knock politely at the front door. If you sneak round the back its a different story. If someone steals a list of encrypted passwords from a website they can take all the time they want.


see if it's public knowledge that a web site has leaked your password https://haveibeenpwned.com/



BTW things like WPS vulnerabilities in routers means you can keep trying and some logon web page attacks can sidestep logons, fake AP's can steal your credentials

and there is always this
https://www.explainxkcd.com/wiki/index.php/416:_Zealous_Autoconfig

Irish Halo

Lastpass or 1Password

odyssey06

I don't know what this thread is about. When the computer asks me for password, I type password. Works every time.

It's as secure as the Gates of Moria... speak friend, and enter.
https://www.youtube.com/watch?v=dsBuDQ5Y8Es

Are Am Eye

Atm pin easier to guess. You get three trys. There are 210 combos.

OldMrBrennan83

This post has been deleted.

Dravokivich

Patww79 wrote: »

Lastpass makes up my passwords. Luckily my password for lastpass is 1234 so I don't forget it.

Now all I need is your login ID.

OldMrBrennan83

This post has been deleted.

AllForIt

allonehastodoisthinkofaneasytorememberpassphrase

circadian

At least 16 character comprising of numbers, letters and special characters. Never the same in any two places.

Anyone who thinks that someone is sitting on their laptop or desktop PC and using it to try and crack passwords is mistaken. If they aren't using backdoors and database dumps the brute force attacks are done on bitcoin rigs, at the least.

scamalert

whats the point of having some long ass password if system can be brute forced to try it million times.

atm example is good thou its not 210 tries but 10^4. which is 10,000.

since only 3 tries are allowed more then likely anyone guessing would get locked out and thats how proper system should work.

Since theres documentary on youtube about guy half decade ago or so when logged into apple store or whatever crap it is noticed digits at the top of the page and by changing numbers he could jump to other's people account's < now that's a hole, think guy got locked up even thou disclosed it when found :cool: quite easy mistake that show's password strength isn't an issue.

Django99

Are Am Eye wrote: »

Atm pin easier to guess. You get three trys. There are 210 combos.

Why 210? Surely it's 10,000?

lazybones32

I used change mine regularly but stopped since i stopped doing important stuff online and closed accounts, changed cards, etc. What russian mobster wants to hack my boards account? I post nothing of value...nothing!


P.S. I'm not clicking on the link you supplied op, it's an anagram of 'sjw' and i don't care what they say...

Biggest lickspittle on boardz

Public safety announcement: Be very wary of using those 'HOW SAFE IS MY PASSWORD' websites that return how strong your password is. Some are harvesting your passwords for naughty purposes.

Are Am Eye

Django99 wrote: »

Why 210? Surely it's 10,000?

Sorry, I was rounding down.

Capt'n Midnight

^^^^

Check if your credit card has been used online
http://ismycreditcardstolen.com/

robinph

Django99 wrote: »

Why 210? Surely it's 10,000?

It will be a bit less as they won't allow you to have 1234, 0000, 1111, 2222, and other sequences like that.