Community home

BandOfBrothers · ‎13-09-2015

Hi.

After reading the media piece titled "How to pick the perfect password" from BBC Tech News found here I thought I'd both share the link and bring this to the eForum members to digest.

Excerpt " On Tuesday, the UK government agency GCHQ published new password guidance designed to "improve security, while improving the usability of systems.

Its report challenged some common ideas about passwords and security. So how do you choose, and just as importantly remember, the perfect password? Many websites demand complex passwords with a mixture of upper and lower case letters, numbers and symbols.

The GCHQ report suggested complex passwords may actually be counterproductive, because people often write them down or reuse the same one on many websites."

My Thoughts :

This prompted me to think how often I personally change the Passwords I use and how often I change them. And if any were duplicated for others places.

One option I use is called 1Password "1Password creates strong, unique passwords for every site, remembers them all for you, and logs you in with a single tap."

Also my 'iCloud Keychain' comes into play to remember my Passwords for me making it easier to log into places.

Another Excerpt from the link says ""Passwords are rarely cracked by brute force. They are mostly captured through phishing and malware, and with those attacks it does not matter how long or complex your password is." which brings a little balance to the piece.

Like many others I also follow general advice not to perform actions such as Internet Banking / using PayPal on Public WiFi.

How do you choose to protect yourself.

Picture courtesy of the BBC Tech Page.

Current Phone >

Samsung Galaxy s²³ Ultra 512gb Phantom Black.

froggerty · ‎13-09-2015

Fortunateley my life is quite a bit simpler and have no particular need for these 'facilities'. What you going to do when you've filled your storage quota?, some may say it's unlimited but they are limited. Only takes a glitch on any of the systems and all your stuff may just dissapear into the ether.

Back to he subject, I don't think anyone can ever pick the perfect password, as I said before, there are those that sit and spend their entire time in attempting to access your stuff and if you keep the same passwords for long enough chances are that they will be hacked, that's why I change mine at least once a month.

jeffkinn · ‎13-09-2015

The possibility of one of the services going down is why I have everything stored in multiple locations. The chances of losing everything would require Microsoft and Google to suffer catalysmic events at the same time my house burns down.

What would you do if your home was destroyed and all of your stuff was lost, or burgled and everything swiped? (Sorry for the horrible examples). Unless you are storing data in a different location your protection is limited.

froggerty · ‎13-09-2015

Life is full of 'what if''s and if we let them pray on our minds we'd all be rather paranoid nervous wrecks. My house and contents are well insured, are your storage systems? Woah, woah and thrice woah!

jeffkinn · ‎13-09-2015

I suspect Microsoft and Google are better insured than either of us.

Getafix · ‎13-09-2015

Pick a memorable 5 or 6 character password which includes capitals and numbers.

Then add 2 or 3 characters relevant to the site you are using it on.

For financial or sensitive websites use a different password. Like above but in reverse.

The way you will have unique password for each website.

jeffkinn · ‎13-09-2015

But how do you remember dozens of them without writing them down which negates any security?

Lastpass creates 11 character or bigger passwords with a random jumble of numbers, letters and other characters.

This is an example of a password I've just generated for this posting

FY6TJ8JRX19m8

Getafix · ‎14-09-2015

What dozens?

Say the 7 character password is G3t4F1x.
Then on My Vodafone you can add MVF at the end.
Vodafone Forum VFF and so on.
This gives you a unique password for all your sites and easy to remember.

Hence you don't have to write it down and you are the only one who knows it.

Also if one of the websites is hacked and your password leaked, they will not be able to use it on another one.

jeffkinn · ‎14-09-2015

I said dozens because, as I said earlier, I have over 200 different websites and hence passwords stored in my Lastpass vault. I try and avoid simplistic variants of the same theme in favour of the random jumble of characters. That's far more secure.

froggerty · ‎14-09-2015

The evidence shows that people choose their passwords by association, something that is memorable to them that relates to them, this in itself has its own insecurity as others reading all about you and your daily life on social media, your interests and life in general, then already have a very good basis on which to have a guess at cracking your passwords, if someone should happen across your password to your password storage then you really could be in trouble, that's why a lot of sites that you use for a more financial sensitive nature usually have added security by means of a 'secret question' but even then it's not 100%.

jeffkinn · ‎14-09-2015

That's all true. The word password is still the most common password. That's why the one password I need to remember is a word that is not associated with anything about me. I'm Jewish and so it's a random Hebrew word with a few numbers on the end. The chances of anyone guessing it are infinitesimal. I suppose torture would get it out of me.