mudcat.org: BS: Those Problematic Passwords
Lyrics & Knowledge Personal Pages Record Shop Auction Links Radio & Media Kids Membership Help
The Mudcat Cafeawe

Post to this Thread - Sort Descending - Printer Friendly - Home


BS: Those Problematic Passwords

CupOfTea 15 Apr 16 - 12:00 PM
Nick 15 Apr 16 - 12:32 PM
Steve Shaw 15 Apr 16 - 01:12 PM
Ebbie 15 Apr 16 - 01:14 PM
Will Fly 15 Apr 16 - 01:28 PM
Bainbo 15 Apr 16 - 04:09 PM
Rapparee 15 Apr 16 - 09:19 PM
Sandra in Sydney 15 Apr 16 - 10:22 PM
Sandra in Sydney 15 Apr 16 - 10:23 PM
DaveRo 16 Apr 16 - 03:18 AM
BobL 16 Apr 16 - 03:42 AM
Stilly River Sage 16 Apr 16 - 09:39 AM
Sandra in Sydney 16 Apr 16 - 10:33 AM
DMcG 16 Apr 16 - 10:39 AM
Black belt caterpillar wrestler 16 Apr 16 - 11:48 AM
Kampervan 16 Apr 16 - 12:16 PM
MGM·Lion 16 Apr 16 - 02:59 PM
leeneia 16 Apr 16 - 04:01 PM
mg 16 Apr 16 - 05:20 PM
Gurney 16 Apr 16 - 07:25 PM
Bill D 16 Apr 16 - 10:11 PM
CupOfTea 16 Apr 16 - 10:42 PM
Mr Red 17 Apr 16 - 02:43 AM
DMcG 17 Apr 16 - 05:33 AM
Mark Clark 17 Apr 16 - 01:41 PM
DMcG 17 Apr 16 - 03:42 PM
Rapparee 18 Apr 16 - 07:44 AM
Vashta Nerada 18 Apr 16 - 08:49 AM
Senoufou 18 Apr 16 - 12:08 PM
DMcG 18 Apr 16 - 12:55 PM
DMcG 18 Apr 16 - 01:10 PM
DMcG 18 Apr 16 - 01:25 PM
DaveRo 18 Apr 16 - 01:55 PM
Penny S. 18 Apr 16 - 05:02 PM
leeneia 18 Apr 16 - 07:42 PM
Mr Red 19 Apr 16 - 03:24 AM
Mr Red 19 Apr 16 - 03:25 AM
Rapparee 19 Apr 16 - 08:40 AM
PHJim 19 Apr 16 - 11:18 AM
DMcG 19 Apr 16 - 01:17 PM
Rapparee 19 Apr 16 - 06:29 PM
BobL 20 Apr 16 - 03:36 AM
Lyrics & Knowledge Search [Advanced]
DT  Forum
Sort (Forum) by:relevance date
DT Lyrics:






Subject: BS: Those Problematic Passwords
From: CupOfTea
Date: 15 Apr 16 - 12:00 PM

I just spent the last hour trying to establish, or possibly re-establish, membership on another forum and encountered roadblocks with retrieving a forgotten password for a name I'm not sure I was using. With each forum, bank account, credit card, utility payment, tax account, webpages, emails, wifi, etc,etc, and on and on, you may have a different name and password. One work account expects me to change a complex one about every 3 weeks!

How on earth do folks keep track of all of these? I'm starting to have them listed as I create them now, but where to keep it safe, yet easily accessible? Do you have a system to organize and record them? Have name and passwords in different places? I would dearly know how folks manage it without going bonkers. I also realize that since anonymous posts are no longer possible in the BS section, people might not want to get REAL specific in their replies, but I don't think I can be the only one wrassling with password frustration.

Joanne in Cleveland
(whose Mudcat password is the one leftover from the days before you had to change it all the time)


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Nick
Date: 15 Apr 16 - 12:32 PM

We use this at work KeePass

You need to be comfortable that it is safe for you. It works well though and I have had no problems or concerns


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Steve Shaw
Date: 15 Apr 16 - 01:12 PM

I have an app on my iPhone/iPad called OneSafe into which you can put all your passwords and which you access by means of just one strong password of your choosing. I haven't got round to putting in my passwords yet, as I can't remember a lot of 'em....


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Ebbie
Date: 15 Apr 16 - 01:14 PM

I don't like writing by hand so my method is to type the site and its password in a list on the computer, print it off, and then close it without saving it. I make changes by hand on the existing list by date until it gets unwieldy whereupon I repeat the process. The list is kept in my desk drawer where I can refer to it as needed. This seems to me to be about the best method.

All of this is at home, not at the office.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Will Fly
Date: 15 Apr 16 - 01:28 PM

You could try this:

Create a simple text file of all your passwords and the files or folders or things they open.

Download this software:

Meo

Encrypt the password file with Meo - using just one password to encrypt and decrypt the passsword file.

Destroy the text file.

When you need a password, decrypt the meo file, use the relevant password, and then destroy the decrypted text file again.

I've just tested it - it works.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Bainbo
Date: 15 Apr 16 - 04:09 PM

I choose phrases based on "text speak" and initials of songs or phrases that I can remember, using upper case, lower case, and numerals. For instance, if I was a Johnny Cash fan, I might use the opening line of San Quentin, San Quentin I hate every inch of you, and render it as "SQi8eiou", producing a seemingly random stream of characters as my password.

On my list of passwords, I could then write it as Mudcat – Cash to remind me what I'd used for this site, without writing the actual password.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Rapparee
Date: 15 Apr 16 - 09:19 PM

Good job, Bainbo! As a former system administrator I applaud you! The only change you might make is using a "special character" (if the site accepts them, and most do) or using "LEET" character transforms. Your password "SQi8eiou" could become "5Q!8e1Ou" (that a capital "O", not a zero. Just be sure to be consistent in your usage.

LEET (from Elite): 4 or @=A, 8 or 6=B, 3=E, 5 or $=S, 7=T, 1 or !=I, 9-G, \/=V, |<=K, and you can think of others. Of course, the numbers also stand for lower case and some, like 6=B, are based on a fanciful resemblance of the lower case letter to the number (b=6).

I know some folks who put their password in Roman numerals: 1776 becomes MDCCLXXVI, in upper or lower case or both.

Just be consistent. This way you CAN reuse passwords for different sites and still remember them AND they will be reasonably secure.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Sandra in Sydney
Date: 15 Apr 16 - 10:22 PM

Like BinboI have a written list with cryptic notes

trouble is, one was so cryptic I wasn't sure what it referred to, but after a fair bit of head-scratching my guess was right when I entered it!

sandra (breathing again)


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Sandra in Sydney
Date: 15 Apr 16 - 10:23 PM

oops, I didn't preview


Like Bainbo I have a written list with cryptic notes

sandra (with apologies to Bainbo)


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: DaveRo
Date: 16 Apr 16 - 03:18 AM

Will Fly wrote: Create a simple text file of all your passwords and the files or folders or things ...
I do something similar - put I use pgp-based programs rather that Meo.

I would be wary of using a proprietary program like Meo. Before selecting that I would want to be sure that I could recover my file if my computer blew up and that company had disappeared. For example I might keep a copy of the Meo installer on CD and periodically test whether I could install Meo and decrypt the backup on a friend's machine.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: BobL
Date: 16 Apr 16 - 03:42 AM

My technique at work, where we had to change passwords every couple of months, was to keep the same keyboard fingering patterns - one each for RH and LH - and just change the starting points which got written in my logbook. For example QP = qwepoi, ZL = zxclkj, A0 = asd098.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Stilly River Sage
Date: 16 Apr 16 - 09:39 AM

Pass phrases are considered a good option now, whether or not they are distilled down into the compact form Rap mentioned. With special characters like he describes.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Sandra in Sydney
Date: 16 Apr 16 - 10:33 AM

some systems demand non-letters, so substituting 1 for i or 5 for s works

sandra


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: DMcG
Date: 16 Apr 16 - 10:39 AM

I've used acronyms from songs about.ovwr the years and have found them very reliable
Unlike some of "password reminder" questions. Recently my wife was asked a question where she had supplied thw answer about four years ago: where was the first place you flew to? Sort of easy enough.but was it Washington or Washington DC or Washington, DC? Or even America?


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Black belt caterpillar wrestler
Date: 16 Apr 16 - 11:48 AM

I knew someone who used two words from a poem concatenated together. All he had to do was note down a word count number for how far through the poem he had got when changing to a new password. He did not tell anyone which poem he had in mind.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Kampervan
Date: 16 Apr 16 - 12:16 PM

I'm not telling you what I do, because I want to keep it secret.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: MGM·Lion
Date: 16 Apr 16 - 02:59 PM

I'll gladly tell you what I use. It's my old army number from National Service in the 1950s.
So now you know that, hack in to your ❤s' content...

≈M≈


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: leeneia
Date: 16 Apr 16 - 04:01 PM

I use a phrase I will remember, but add a special character, a capital letter in an odd place, or numbers that I will also remember

suggestions:

names of plays or books you like
old addresses of you or family
names of fictional characters
names of towns
names of grade school teachers

Then make a document which provides hints only you will understand.

Yes, the experts say a good password is something like
"8r0@m*(5MVE!" , but the trouble with that is that you have to write it down, and then an enemy might find it.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: mg
Date: 16 Apr 16 - 05:20 PM

I got so sick of it at work that I took a fat magic marker and wrote down the passwords on my desk....some of the more sensitive ones are in code that a thief would not ever figure out with spaces missing etc...it sort of works but I can't find anything that removes all the magic marker...


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Gurney
Date: 16 Apr 16 - 07:25 PM

Like MGM-Lion, I use numbers from my army number, which you quote often enough when young so that it is embedded forever. So far.

I also remember two of my Dad's motorbike registration/licence numbers from 70 years ago and my Mum's and Gran's Co-Op numbers (Poms will know) but I can't remember any numbers specifically mine. My bank suggests your Mum's maiden name.

One advantage is that, so far, I can leave notices to myself such as 'Ebay = Mum's Co-Op' that are reasonably impenetrable.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Bill D
Date: 16 Apr 16 - 10:11 PM

Look at this.... which most sites would consider a faitly good password....3edcvbgt54rf

Now, trace it out on your keyboard (no, that's not mine) There are many, many patterns like this, easy to remember, but starting in different places and using more or fewer characters.

Then, if that's not secure enough for you, you can use this (in Windows-I have no idea if it can be done on a MAC) Rototexter and do a 2 step confusilation doing first an ROT-13, then a ROT-47 on your already strange combination. Or, *shrug*...just ROT-47 some word or phrase...qF8D3F??J62ED42CC@ED... when UN-Rot-47 is bugsbunnyeatscarrots.

The idea is to use a combination of characters that is easy for YOU to unscramble, but which makes no sense to anyone else, using some easy to apply pattern.

Being a woodworker, I have for 15 years used a very odd combination of botanical terms, mixed with a couple of relevant (to me) numbers.

Get creative! and... I have NO idea how these tricks work for anyone who has to enter passwords on a smart phone!


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: CupOfTea
Date: 16 Apr 16 - 10:42 PM

This is a much more interesting subject than I'd anticipated, with plenty of practical solutions, for which I am thankful, very. Now I must confess that my solution to the problem that sparked the flame of long frustration was in my spam box. Three times. So now I have both that password problem resolved with a side order of humble pie, and a head start at developing my own system for generating passwords.

Many thanks to all of you who think in an orderly way about obscuritianism.

Joanne in Cleveland who has 16 or so passwords to get organized


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Mr Red
Date: 17 Apr 16 - 02:43 AM

I use FireFox Portable and have, as my homepage, an HTML page on the same memory stick.
The page has all the data I need with passwords suitably disguised. And more importantly hyperlinks to the correct page to log in.

but I do edit in HTML & with Dreamweaver as soon as I use a new password.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: DMcG
Date: 17 Apr 16 - 05:33 AM

I should say that when I use an acronym from a song, I usually pick a song relevant to the site where possible. So, for example, for Apple it might be an apple tree wassail (it isn't), for Netflix a fishing song, and so forth. I find that the best way of avoiding having the same password for everything. I do also use various special character tricks of the kind mentioned above.


Some years back I mentioned a password I had about forty years ago : hzhzzzhzhzhzna. Even knowing it is a song acronym it might take a few moments to work out.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Mark Clark
Date: 17 Apr 16 - 01:41 PM

I use (and recommend) a software product called mSecure which is available For Apple (iOS & OS X), Windows, and Android devices. It will generate very secure passwords for you and keep them very safely encrypted. mSecure also includes its own secure browser so you can just click on a stored account and be logged in. Of course you can click to copy your password and paste it into any other app as well. mSecure offers syncing across devices using Dropbox so your passwords are always available to you and the encryption used to store your passwords is very, very secure.

Sure, it's an extra step, but you have total security without the need to remember complex passwords. Of course you should never, ever write them down.

      - Mark


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: DMcG
Date: 17 Apr 16 - 03:42 PM

of course you should never, even write [passwords] down


While I don't, and some passwords, such as for your banking, certainly not, but as a general rule I am not really so convinced.

Last year I was broken into and several thousand pounds worth of camera equipment was stolen. It was insured, so it was a significant inconvenience, but no more. Now, if there had been a sheet of paper next to the computer would they have stolen it? Probably not: there were other papers and they were left. If they had, just how much of a problem would if be if they accessed my Netflix, or Amazon, or Apple, accounts? Not much, I should think. If they impersonated me on mudcat or Facebook, again a pain, but fairly easy to address.

So I think there are three levels: bank accounts etc, certainly worry about. Sites that hold credit card details rather less: you can stop the cards easily. Most other accounts, do you really care that much? Especially if your list of passwords doesn't say what they are each for.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Rapparee
Date: 18 Apr 16 - 07:44 AM

However, a "brute force" password cracking program can force any of these passwords. It just takes time for it to run through all of the possible combinations. And time is the cracker's enemy.

mg, a product called "Goof Off" will almost certainly wipe out those marker marks.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Vashta Nerada
Date: 18 Apr 16 - 08:49 AM

Written down, but not kept near the computer. And jumbles of letters and symbols that make sense to me.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Senoufou
Date: 18 Apr 16 - 12:08 PM

DMcG, I think your song acronym may be from Jesus Christ Superstar.

I'm afraid I write all my passwords down in a little book. There's no way on this earth I'd be able to remember them, my head is like a sieve. If what my old neighbour used to call a 'burgular' broke in and nicked it, I realise I'd be right in the soup. At least they're all different. I was daft enough when I first started out online to have the same rather nice little short password for everything, until a friend told me I was a prat!


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: DMcG
Date: 18 Apr 16 - 12:55 PM

Yes,indeed it is from Superstar. I didn't really set it as a challenge; more to illustrate that even with quite a lot of information and a very well known song it can still be quite difficult to spot. As we all know from those quizzes that used to go round of the form "88 K on a GP".

And if you use the third line of the sixth verse of a specific version of some ballad...


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: DMcG
Date: 18 Apr 16 - 01:10 PM

I should have added that the other passwords you you never ever right down are those you use for password recovery, because potentially they could be used to get many of your financially sensitive passwords.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: DMcG
Date: 18 Apr 16 - 01:25 PM

Brute force password attacks can still be a problem, but very rarely these days because most systems lock the account either permanently or for a period. Apple, for example, locks the account for 8 hours after about four incorrect attempts. Applied properly, that makes brute force attacks require many years to work through the combinations if the password is more than a few letters long. Of course,if the account doesn't lock out that is another matter.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: DaveRo
Date: 18 Apr 16 - 01:55 PM

Brute force attacks are often used against stolen (hashed) passwords rather than against online sites. So make them long and complex, and above all don't use the same password forseveral accounts.

Bruce Schneier writes on these matters:
Choosing_a_Secure_Password

Better a strong password written down than a weak one remembered IMO - at least for important sites.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Penny S.
Date: 18 Apr 16 - 05:02 PM

I had a very nasty experience with a non-written down password which I forgot while on holiday.
In theory, it should have been recoverable. Two words, which I remembered, on the memory palace principle, but separated by a number, generated from two other numbers, picked from a set of a few easily memorable numbers which I could remember. What I could not remember was exactly which two, and what mathematical process I had applied to them.
I spent the evening with a calculator trying to get into my computer and failing again and again.
So I took it to the local computer shop who did work for us at school back in the day. He has a number of programs which he has used to get into people's computers. I told him the words and the numbers, and a week later he had totally failed to get in.
Fortunately, before going away, I had copied all the files off the thing so it was empty of data, so completely restoring it to factory setting and rebuilding all the software wasn't too much of a problem.
I was quite pleased at having an unbreakable password.

When he and I had done this, guess what? The number presented itself to my mind. I had always felt it wasn't the best number because the maths had produced a number in which two digit patterns were repeated to make the four.
I now have a little list.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: leeneia
Date: 18 Apr 16 - 07:42 PM

Oh gosh, Penny. That sounds awful!

I think it's only rational to write an important password down somewhere safe, perhaps on a paper in your safe-deposit box. Or use a code.

For example, think of a word or phrase with ten letters (no repeats) and write down the letters that correspond to the numbers in your password.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Mr Red
Date: 19 Apr 16 - 03:24 AM

in the days of PINs and wrist watches (or telephone books) I used the name McReady (as in ready cash) with what would look like a telephone number. I would be more concerned about contactless credit cards.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Mr Red
Date: 19 Apr 16 - 03:25 AM

in the days of PINs and wrist watches (or telephone books) I used the name McReady (as in ready cash) with what would look like a telephone number. I would be more concerned about contactless credit cards.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Rapparee
Date: 19 Apr 16 - 08:40 AM

"Hi, this is YourISP's tech services department. I'm Sheila. Your account has been hacked and we need to reset it, and for that we need your login and password."

"What are you doing going through my trash?"

The first is called "Social Engineering" and the other "Dumpster Diving." Both, all too often, still work. And both can take many forms.

1. Shred anything that might have your login and password on it.

2. Man or woman, ask them for a number on which to call them back. Then call your ISP and ask about the truth of the matter before returning the call.

3. If you get a call from "Windows" that you're computer is causing Internet problems, don't fall for it. Or tell them that you're running Linux or Apple OS or don't HAVE a computer (the last REALLY throws them!).

4. Your bank, the IRS, your ISP, the FBI, MI5, the Mossad, etc. aren't going to call you for your information. If they don't have it they can get it easily enough than tipping you off by a phone call.

5. If it sounds too good to be true it probably is.

6. When in doubt, don't.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: PHJim
Date: 19 Apr 16 - 11:18 AM

Creating A Password

cabbage


*Sorry, the password must be more than eight characters.


boiled cabbage


*Sorry, the password must contain one numerical number.


1 boiled cabbage


*Sorry, the password cannot have any blank spaces.

50fuckingboiledcabbages


*Sorry, The password must contain at least one upper case character.


50FUCKINGboiledcabbages


*Sorry, the password cannot use more than one upper case character consecutively.

50FuckingBoiledCabbagesShovedUpYourArseIfYouDon'tGiveMeAccessImmediately


*Sorry, the password cannot contain any punctuation.

NowImGettingReallyPissedOff50FuckingBoiledCabbagesShovedUpYourArseIfYouDontGiveMeAccessImmediately


*Sorry, that password is already in use.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: DMcG
Date: 19 Apr 16 - 01:17 PM

On dialling back: don't forget there is a scam base on the way a telephone line disconnects that means it is not sufficient for YOU to put the phone down if they rang you, THEY need to do so. So don't call back immediately. Instead call something or someone else first to make sure you are really disconnected from them. Secondly, don't call a number they give you - how do you that is genuine? If it is your isp for example, look up their number yourself.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: Rapparee
Date: 19 Apr 16 - 06:29 PM

That's why you call your ISP if there is ANY doubt in your mind.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: BS: Those Problematic Passwords
From: BobL
Date: 20 Apr 16 - 03:36 AM

Them: "Good morning, I'm calling about your computer" (or whatever).
Me: "Good morning, you are speaking to a computer professional. Do you wish to continue?"
Click.


Post - Top - Home - Printer Friendly - Translate
 


You must be a member to post in non-music threads. Join here.


You must be a member to post in non-music threads. Join here.



Mudcat time: 15 August 2:36 AM EDT

[ Home ]

All original material is copyright © 1998 by the Mudcat Café Music Foundation, Inc. All photos, music, images, etc. are copyright © by their rightful owners. Every effort is taken to attribute appropriate copyright to images, content, music, etc. We are not a copyright resource.