Thoughts on passwords?
Global Justice Alliance

Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Thoughts on passwords?

  1. #1

    Thoughts on passwords?

    I read a recent article about the escalating number of computer passwords people have to remember, sometimes having to think of a new one every 30 days or something, and it reminded me of my own password habits and how they're less than optimal.

    My passwords are often not as strong and as they could be because I have to be able to memorize them, since I don't write them down anywhere.

    I've always avoided password managers because I'm worried that if my master psd is compromised, then I lose everything.

    I also read a different article where a "security guru" suggested actually writing down strong passwords, because the risk of losing a piece of paper stuck in your wallet, for example, is actually much less than the risk of someone hacking a weaker password.

    I guess what I'm pondering this morning is, (1) is it more secure to use a password manager with a strong master password to keep track of many other strong passwords? or is the 2nd option better, where (2) the risk of losing a written list of your passwords is actually less than the risk of weaker passwords being hacked?

    Or is it safer to have several "weaker" passwords with no record of them except in my head, but use the same password for more than one account?

    Anyone else here have any comments, thoughts, opinions?
    Why is everyone who drives slower than me an idiot, and everyone who drives faster a maniac?

  2. #2
    Registered User Full Member san's Avatar
    Join Date
    Aug 2007
    Location
    Confoederatio Helvetica
    Posts
    64
    Quote Originally Posted by canuck31003
    My passwords are often not as strong and as they could be because I have to be able to memorize them, since I don't write them down anywhere.
    maybe about that you should try a diffrent way how to memorize the passwords. instead of memorize the single letter, use a quote which you can remember and build your password from it. for example by using the first latter of each word and replacing some letters by numbers or symbols which may look like the substituted letters. (replace s by $ for example and so on) and then maybe you can capitalize the nouns or whatever to get some capital letters.
    perhaps i should begin doing that too.

    Quote Originally Posted by canuck31003
    (1) is it more secure to use a password manager with a strong master password to keep track of many other strong passwords?
    the main concern about those which i have is: how transportable is it (if necessary)? i mean can you use them on any computer? especially on public ones which may have restrictions that you can't even run those managers. and therefore you can't get your passwords. if it's working who tells you that on those aren't any loggers installed which log everything what you do incl. the passwords.
    i'd so there's no use for those if you aren't sure about your environment where you are using those.

    Quote Originally Posted by canuck31003
    (2) the risk of losing a written list of your passwords is actually less than the risk of weaker passwords being hacked?
    well if you don't lose the list, but can't remember where you leave it. nothing helps you then. writing down passwords is the biggest security hole anyway. if it's not losing then maybe stealing.

    Quote Originally Posted by canuck31003
    Or is it safer to have several "weaker" passwords with no record of them except in my head, but use the same password for more than one account?
    well perhaps now you can improve the weaker ones with stronger ones with the method mentioned above.
    same password everywhere isn't the best thing too, but i'd say on simliar things using the same password is OK. with everthings on the net available you would need hundreds of passwords. just diffrent ones on the more sensitive stuff, where it would really hurt if someone hacks them.

  3. #3
    Administrator Honored Elder jeriddian's Avatar
    Join Date
    Jun 2006
    Location
    Midland, Texas
    Posts
    8,054
    Fortunately, I have a fairly good system. I have been an avid AD&D player in a single game for 28 years now. The same group of guys have been playing it with the same DM all of this time, so everything about that world is ingrained in our minds like real life. It's very easy to draw references from that which I can always remember, like characters' names (thus my name :jeriddian). The passwords are always related very easily to those character names, and all but unbreakable if you are not part of the game I play. And I trust those guys not to steal them.......well, except the dwarven thief guy, I don't know about him. He steals everything, it seems.........:P (j/k)
    "Say the Word"

  4. #4
    Ah... AD&D, that brings back memories. During high school my friends and I were avid players.

    I have been an avid AD&D player in a single game for 28 years now.
    Now that's dedication.

    That using phrases is to generate passwords is a good idea. I'll have to try it.
    Why is everyone who drives slower than me an idiot, and everyone who drives faster a maniac?

  5. #5
    Registered User Exalted Member lunchmeat's Avatar
    Join Date
    Apr 2005
    Location
    The Tick Capitol Of The Known Universe
    Posts
    4,025
    Quote Originally Posted by jeriddian View Post
    Fortunately, I have a fairly good system. I have been an avid AD&D player in a single game for 28 years now. The same group of guys have been playing it with the same DM all of this time, so everything about that world is ingrained in our minds like real life. It's very easy to draw references from that which I can always remember, like characters' names (thus my name :jeriddian). The passwords are always related very easily to those character names, and all but unbreakable if you are not part of the game I play. And I trust those guys not to steal them.......well, except the dwarven thief guy, I don't know about him. He steals everything, it seems.........:P (j/k)
    And here I had been speculating that it had something to do with the Jeri-Dan towtruck company
    Admiral Isoroku Yamamoto - “You cannot invade the mainland United States. There would be a rifle behind each blade of grass.”

  6. #6
    Administrator Honored Elder jeriddian's Avatar
    Join Date
    Jun 2006
    Location
    Midland, Texas
    Posts
    8,054
    Quote Originally Posted by canuck31003 View Post
    Ah... AD&D, that brings back memories. During high school my friends and I were avid players.

    I have been an avid AD&D player in a single game for 28 years now.
    Now that's dedication.
    Truthfully, you have no idea how dedicated......You would not believe the scope of this game.....IMHO, the greatest on the planet........seriously.

    Quote Originally Posted by lunchmeat View Post
    Quote Originally Posted by jeriddian View Post
    Fortunately, I have a fairly good system. I have been an avid AD&D player in a single game for 28 years now. The same group of guys have been playing it with the same DM all of this time, so everything about that world is ingrained in our minds like real life. It's very easy to draw references from that which I can always remember, like characters' names (thus my name :jeriddian). The passwords are always related very easily to those character names, and all but unbreakable if you are not part of the game I play. And I trust those guys not to steal them.......well, except the dwarven thief guy, I don't know about him. He steals everything, it seems.........:P (j/k)
    And here I had been speculating that it had something to do with the Jeri-Dan towtruck company
    I've seen those tow trucks around. But no, they weren't the basis of the name.:P
    "Say the Word"

  7. #7
    Most of my passwords are the same or slight variations of the same. In cases where a hacked account would really hurt (like Gmail or MySpace), I come up with a completely different password. In cases where I won't really care about a hacked account, I just pick something really, really simple.

  8. #8
    Registered User Elite Member Cloud23465's Avatar
    Join Date
    Feb 2007
    Location
    Chesapeake,Va
    Posts
    1,437
    I have a standard password that I use for most fourms and websites and other non important things... but anything that is tied to money... the passwords get different and unique.

  9. #9
    Registered User Exalted Member kyojikasshu's Avatar
    Join Date
    Dec 2005
    Location
    Metro Detroit
    Posts
    2,499
    My favorite password to use is brilliant in its simplicity. It's unique to me because it comes from a project I worked on, offline, back in the 1990s, and nothing regarding that project has ever seen the light of day; never published, shared, or disseminated in any way, shape, or form.

    I only use that one password for personal accounts, usually for message boards. For any account that actually involves monetary transfers, for example, I have a different series of passwords; for work, another entirely different series.

    And then there are times where I use a different password for the heck of it.

  10. #10
    Well, speak of the....

    I came in to work this morning and find this in my inbox:

    October is National Cyber Security Month and to celebrate, we’re launching... Tip of the Month series.

    Today we introduce the concept of using a pass phrase instead of a password. Why?...because Pass Phrases are MORE SECURE and EASIER TO REMEMBER! Did you know that some agencies have already switched to pass phrases and that the Federal government may soon require all agencies to use them? Why not create yours now?

    What’s the difference? When you think of a password, people generally think of a word like “Password” or a string of random symbols, such as “R*n]2eB%d” or a combination of the two such as “P@s$w0rd”. Pass phrases typically have spaces between words and are longer than the majority of words.

    Examples of pass phrases:
    My lizard eats 6 crickets daily!
    Mix peanuts & oil 2 make peanut butter
    shopping @ Macys 4 new furniture
    2 much talking = big cell phone bills

    Why is a pass phrase better? From the standpoint of password guessing or cracking, a 5- or 6-word pass phrase is roughly as strong as a completely random 9 character password. Most people can remember a 6-word pass phrase much easier than a totally random 9-character password.

    How can you make a real secure pass phrase? Be creative. Make it personal to you--even funny.

    Select a phrase that is more than 4 words—preferable 6

    Stay away from common phrases or quotes

    Mix short and long words and remember that sentences need not be intelligible

    Character substitutions and/or misspelling strengthen the pass phrase

    Mix languages

    Exclude some of the spaces between words.
    Truthfully, you have no idea how dedicated......You would not believe the scope of this game.....IMHO, the greatest on the planet........seriously.
    Do you have one DM, or do you switch with different campaigns?
    Why is everyone who drives slower than me an idiot, and everyone who drives faster a maniac?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •