Password security
 

As a follow on to the recent banking security thread there was a rather interesting article in the guardian on password security.

There was a recommendation to use one of those password managers even though the article included the reference to the one recommended as having been compromised.:blink:

It seems there's nothing safe. :ohmy:

There were a few interesting ideas though. The first line of a song, maybe. Or an expression.

Such as I log on to British Expats daily at 9
Which would become IlotBEd@9
You need a way of recalling where the caps are but this example is easy.

Then you could take the first two and last two letters of the website you're logging onto. So sign on to Amazon and you have AMIlotBEd@9ON. Or Barclays becomes BAIlotBEd@9YS.

The theory is that passwords are all unique to whichever ever sites you sign on to, with no issue about forgetting them.

But if you get hacked, is it possible that a repeated website input - the IlotBEd@9 - gets picked up?

What about copying and pasting passwords that you have somewhere on your computer - disguised, of course.

Let's say you have a document of some "poems": The Amazon Jungle. The Barking Dog. Ode to a Twit. (see the clues in the title for Amazon, Barclays and Twitter? :lol:)

The third line in the second verse (or whatever) could be the password and you just copy and paste into the password box.
Perhaps this has the advantage of no keystrokes to pick up?

It could be anything, not just poems. Football results from a tournament, perhaps. A list of favourite movies in different categories. The third or fourth movie in each category is a password to copy/paste.

Anyone have any thoughts, warnings or tips?

Re: Password security
 

Bristol @ post #1

I didn't understand any of that

On passwords, why not just have zero similarity for any passwords used anywhere, from & to, including .... on line Banking or accounts with anyone, utility websites, social media accounts, Yahoo, Amazon, Best Buy, paypal, DHGate etc etc

Re: Password security
 

What's your method for A) remembering them and 2) which sites they belong to?

Re: Password security
 

My "secret question" for some banking thing or other is "knee pads, an airline bag and?"

Re: Password security
 

what i dont get is that you are not allowed to choose your own passwords..how many times is your password rejected because it doesn't have a capital letter a number and some other ! or ? in it... surely it is up to me what form my password takes regardless of how secure it is or not :sneaky:

Re: Password security
 

call me simple

In my case, my only on line passwords are for my email account + BE, both are totally different.

Should I remove myself from BE, it would be the email account log in only & I'm considering dropping the email account

No on-line banking, I do not purchase on-line, so that I do not have a registered account with say Amazon/Best Buy/Airline/Aeroplan etc. No social media or facebook, no frequent/loyalty program accounts

I do not have a paypal account, nor a utility company account

Although I have a credit card for emergency backup that I rarely if ever used, even that is not tied to an on-line account

I am one of a few that is not tied to on-line anything

Maybe others on BE are the same?


.

Re: Password security
 

your weight, colour of your eyes, when you first had sex, where & who with :rofl:

Re: Password security
 

I really suspect that, in these days, you are an exception rather then a common fact.

Re: Password security
 

If you use a password manager, back up your passwords through an alternate method too, because if you lose the master password, then your whole life (that is password-related) is wiped out. Ditto if the database file gets corrupted.

For the master password, print a list of things that each result in one or two characters of the password that only you can know the answer to. Example, the number of the house you grew up in; the first two letters of the first place you worked; etc. Make it varied so nobody could ever get them all however well they know you.

Re: Password security
 

Even though I'm a retired Engineer that worked in a Telecommunications, Broadcasting & (IP) Intellectual property industry, I'm a real idiot when it comes to stuff like this (from my years of protecting what I know from others), especially when I don't do all of the on-line things that most folks do that require them to have multiple (do I remember to forget the) passwords

So, my take on all this complicated user names & passwords - might that be like putting all your passwords on a word document then saving them to a USB stick, that you carry on a string around your neck?

Or maybe tattoo that 'master password' on your foot or another place on your body so that single 'master' password would then open to all the other passwords?



.

Re: Password security
 

What happens when you want to change your password, as it's suggested we do periodically ?

Re: Password security
 

in the real world one master password embedded on your body somewhere to the one single entry linked to all the others that you can change

OK, so suggesting changing a password frequently (those that have so many) results in the same 'where is it, do I remember it, can I remember my 'secret hint' - a trauma to a knock on the head - a person can forget everything

Way way over the top for such a simple exercise

Back before IT, or anything requiring passwords - how did folks manage to exist?

Big brother is watching & we are all so trusting, just like the folks that applied for jobs at McD's whose personal information was compromised, or the recent other events Cdn Tire, Shoppers.....

Want to add, that when I was working my office supplied computer did not have a password on it - because I had nothing to hide that was personal, nor did I do anything on that computer that was personal, nor was there a lock on my office door, desk or filing cabinet

I do not have a cell phone/smart phone either - wife has a calling only cell phone with no camera or texting/data capability

I'm a dinosaur

.

Re: Password security
 

I needed a PID (personal identity device - credit card style thing with magnetic strip) and a password to access DSS/DWP computer long before I ever went on line and I was accountable (not unreasonably) given the information I was accessing and processing. :nod:

I never knew such a thing existed. :lol:

Re: Password security
 

in all of that - as I posted previously....I'm a dinosaur & have managed to outwit the technology that I do not believe is necessary to the extent to be part of my/our lives, work or play.

KISS principle

I trust that all the folks with their tech devices, their passwords or access to whatever it is that controls their lives are able to sleep at night as well as to make sure that they never lose their connection to reality

Sleep well knowing you are secure, that all they systems around you never go down or that you have been compromised.

Re: Password security
 

I use this app on my phone to store all my passwords https://1password.com/features/

To open the vault I use the Apple fingerprint sensor thing, no long complicated password to get into it. Although it is written down somewhere just in case.