Forum adverts like this one are shown to any user who is not logged in. Join us by filling out a tiny 3 field form and you will get your own, free, dakka user account which gives a good range of benefits to you:
No adverts like this in the forums anymore.
Times and dates in your local timezone.
Full tracking of what you have read so you can skip to your first unread post, easily see what has changed since you last logged in, and easily see what is new at a glance.
Email notifications for threads you want to watch closely.
Being a part of the oldest wargaming community on the net.
If you are already a member then feel free to login now.
One seven three four six seven three two one four seven six Charlie three two seven eight nine seven seven seven six four three Tango seven three two Victor seven three one one seven eight eight eight seven three two four seven six seven eight nine seven six four three seven six lock.
Have you ever seen a security code more secure than this one? I sure have not.
This message was edited 1 time. Last update was at 2015/04/29 14:04:48
INSANE army lists still available!!!! Now being written in 8th edition format! I have Index Imperium 1, Index Imperium 2, Index Xenos 2, Codex Orks Codex Tyranids, Codex Blood Angels and Codex Space Marines!
PM me for an INSANE (100K+ points) if you desire.
There has been some lively discussions on "good" passwords.
What would help is if the majority differentiate on "case" sensitivity which most systems are not.
Phrases are becoming the best because it is the number of characters that decrease brute force attacks and dictionary / rainbow tables.
Like:
"Answer to life the universe and everything: 42" "I'm a lumberjack and I'm ok." "The quick brown fox says ding ding ding." "Site Dakka Dakka User Talizvar Game 40k"
There are many strategies to create a pass phrase that is huge but still easy to remember and enter.
Note: I use none of these types or strategies you crazy hackers you...
A revolution is an idea which has found its bayonets.
Napoleon Bonaparte
This particular password, brute forced, assuming you could input 10000 times (so, not by voice) a second, would still take 9.79978E+70 years to complete. This is assuming an alphanumeric (36 character) set. Given that it's mostly numbers and assuming you know that, you could weight it more heavily to try using permutations that are number heavy first.
LordofHats wrote: I use 16 digit hash codes. Type them in frequently enough and you just memorize them
For a while I used my Windows XP install key. 24 characters. When it came time to renew a password at work, I'd just swap one of the chunks around. The problem was that work didn't deserve me wracking my brain to remember which version of the key I was on. Not to mention requiring it every time I walked away from my desk for five minutes.
daedalus wrote: This particular password, brute forced, assuming you could input 10000 times (so, not by voice) a second, would still take 9.79978E+70 years to complete. This is assuming an alphanumeric (36 character) set. Given that it's mostly numbers and assuming you know that, you could weight it more heavily to try using permutations that are number heavy first.
LordofHats wrote: I use 16 digit hash codes. Type them in frequently enough and you just memorize them
For a while I used my Windows XP install key. 24 characters. When it came time to renew a password at work, I'd just swap one of the chunks around. The problem was that work didn't deserve me wracking my brain to remember which version of the key I was on. Not to mention requiring it every time I walked away from my desk for five minutes.
We ran into this exact problem in the lab. IT required MONTHLY password changes. So password1 became password11, password 111, so on and so forth. It's a locked lab in a locked building in which we were doing research for our dissertations so no big deal. Kind of a ridiculous level of security, made even more ridiculous by the fact that we had to write the damn password ON the console as there were 6 people who needed access to the computers.
Luckily .gov and .mil computers require a CAC (a personal card) for entry, so as long as you've got that thing around your neck, you're good to go. At the same time, you can't leave your desk without taking your card with you. Needless to say I argued against any kind of security clearance that would necessitate a CAC. feth all that noise...
This message was edited 1 time. Last update was at 2015/04/29 04:26:17
I use the same password for all my accounts, even my luggage. Pretty secure IMO
"Bryan always said that if the studio ever had to mix with the manufacturing and sales part of the business it would destroy the studio. And I have to say – he wasn’t wrong there! ... It’s become the promotions department of a toy company." -- Rick Priestly
the problem with passwords is that every site has a separate set of standards for what constitutes a valid password. Some are so limited its impossible to get a strong enough password (for example, a certain major bank through which I've taken a student loan limits its passwords to 8 alphanumeric characters - no special characters, not caps sensitive. How the havent been hacked daily for the past 2 decades is beyond me.
CoALabaer wrote: Wargamers hate two things: the state of the game and change.
Some websites are getting out of control with their password requirements now. Must contain at least one lower case, one uppercase, one numeric, no dictionary words...
Spawning things like this to be sadly not that much of an exaggeration.
"Bryan always said that if the studio ever had to mix with the manufacturing and sales part of the business it would destroy the studio. And I have to say – he wasn’t wrong there! ... It’s become the promotions department of a toy company." -- Rick Priestly
Aerethan wrote: Some websites are getting out of control with their password requirements now. Must contain at least one lower case, one uppercase, one numeric, no dictionary words...
Spawning things like this to be sadly not that much of an exaggeration.
Yeah, Wizards does that for their Magic passwords, and it's stupid. Create a password so complex you'll never remember it.
Password Must Contain:
Minimum of 7 characters
Maximum of 29 characters
Uppercase letter (1 or more)
Lowercase letter (1 or more)
Number (0–9)
Special character (e.g., !, $, *, etc.)
I just write them all down in a notebook and keep it in a drawer. If I ever forget, or the password is fresh, I have that off to the side to remind me. Hackers can't hack paper
This message was edited 1 time. Last update was at 2015/04/29 07:58:24
For myself, my important passwords I remember. I have about 4 that I use for email, paypal, bank etc that require good security and not ever being written down.
Then I have passwords for forums and random site registration, which is usually one of 2 or 3 options depending on the site requirements. Normally I have Chrome remember these logins and passwords. As sites started getting more uppity with their requirements, I started using a google drive spreadsheet to list sites and their logins because I'll be damned if I'm ever going to remember that some site required my standard password to have a capitol letter hiding in it which was one of the first "new" requirements sites started putting out. All but my lowest security password have numbers in them, but some in the beginning and others at the end and generally involving a combination of either the same letters or the same numbers as other passwords. Example: 12345kpsl, 12345twop, kpsl12345, twop12345. But then to add case sensitivity and requiring at least one capitol letter, it basically doubles the number of passwords I use for non security concern sites. Keeping track of them over the last 15 years of solid daily web use gets tricky, especially for sites that I only visit perhaps once a year when a login is required(my annual Newegg.com upgrade purchases for example).
I loathe having to come up with new secure passwords as it means definitively memorizing them and never writing them down. I don't know about you guys, but I don't have time to sit and memorize new alphanumeric strings all the time on top of everything else I need to keep in my brain.
The only time I've ever had a security issue was around 2009 or 2010 when my WoW account and the email it used(which was my primary email at the time and thus made the issue much more threatening than just some video game account) were hacked. I ran a full virus scan immediately with no results, and changed all my login info as well as ordered a Blizzard authenticator. While waiting for the authenticator to arrive, my email and account were hacked again, meaning I had spyware hiding somewhere on my PC. This time I had a friend I trusted change all of my passwords for me over the phone, so that my PC wasn't doing anything the hacker could see, and then formatted my HDD and reinstalled windows fresh. Haven't had a full on hack since, and to this day can't figure out where I got the spyware from.
"Bryan always said that if the studio ever had to mix with the manufacturing and sales part of the business it would destroy the studio. And I have to say – he wasn’t wrong there! ... It’s become the promotions department of a toy company." -- Rick Priestly
In this day and age many companies and sites get hacked so repeating passwords is silly since it is a simple matter of going out and seeing if you can log into a bank with the same password.
The most important password to keep unique and utterly safe is your main email account.
Once a hacker has that, they can hijack your email and blissfully reset all your accounts and change the passwords.
Your email is the single most scary thing to keep utterly safe or your life will get REALLY interesting.
A revolution is an idea which has found its bayonets.
Napoleon Bonaparte
I always use the same set of passwords on all sites. They are pretty secure though. My e-mail has an unique password that I never get right the first time. I always need to try 2 or 3 times before I get it correct
Aerethan wrote: Some websites are getting out of control with their password requirements now. Must contain at least one lower case, one uppercase, one numeric, no dictionary words...
Spawning things like this to be sadly not that much of an exaggeration.
No dictionary passwords? With mine I just take a regular word and swap out the characters. As in Shrek becomes sHr3K#! (though my real ones are obviously longer). It still keeps the password memorable, but maintains the security. I don't find any of those requirements ridiculous at all given how easy it is to brute force a regular word is even if you've decided to make the odd character upper case.
All that considered most people still use crappy passwords. In that case they really aught to use password management tools if its such a chore. Make them as complex as you can in that case and just let the software deal with remembering them. =P
Talizvar wrote: There has been some lively discussions on "good" passwords.
What would help is if the majority differentiate on "case" sensitivity which most systems are not.
Phrases are becoming the best because it is the number of characters that decrease brute force attacks and dictionary / rainbow tables.
Like:
"Answer to life the universe and everything: 42" "I'm a lumberjack and I'm ok." "The quick brown fox says ding ding ding." "Site Dakka Dakka User Talizvar Game 40k"
There are many strategies to create a pass phrase that is huge but still easy to remember and enter.
Note: I use none of these types or strategies you crazy hackers you...
This is the approach I use too, phrases are the way to go. It helps if I tie in the phrase into the site I'm using. For example my DakkaDakka password is
I use one password for all not-so-important-sites (Dakkadakka, Facebook, games, et cetera), then I have a longer one for a bit more secure websites like YouTube. My mail password is at least 20 characters long...
kronk wrote: I use your mom's measurements for all of my passwords.
HAHAHAHAHAHAHAHAHAHAHAHA!!!!!!!!
You made me laugh.
INSANE army lists still available!!!! Now being written in 8th edition format! I have Index Imperium 1, Index Imperium 2, Index Xenos 2, Codex Orks Codex Tyranids, Codex Blood Angels and Codex Space Marines!
PM me for an INSANE (100K+ points) if you desire.
daedalus wrote: This particular password, brute forced, assuming you could input 10000 times (so, not by voice) a second, would still take 9.79978E+70 years to complete. This is assuming an alphanumeric (36 character) set. Given that it's mostly numbers and assuming you know that, you could weight it more heavily to try using permutations that are number heavy first.
That would actually be 62, assuming your passwords are case sensitive. Which they should be.
That's a fair point that I didn't make a caveat for, but since they're offering it as a voice command with letters in NATO Phonetic, I can only assume that there is no case sensitivity involved.
daedalus wrote: That's a fair point that I didn't make a caveat for, but since they're offering it as a voice command with letters in NATO Phonetic, I can only assume that there is no case sensitivity involved.
"Mr. President, is that a capital Charlie or a lowercase one? The fate of the nation is in the balance. Sir?"
I always feel like an ass when customer service reads back letters to me using NATO Phonetic, but I botched it and couldn't remember what M was so I said mammary...
"Bryan always said that if the studio ever had to mix with the manufacturing and sales part of the business it would destroy the studio. And I have to say – he wasn’t wrong there! ... It’s become the promotions department of a toy company." -- Rick Priestly
~2800 points 
