Password protection...




 
--
 
December 21st, 2011  
MontyB
 
 

Topic: Password protection...


What do you guys do to secure your passwords?

Up until recently I have used the same password for everything but in recent months I have been upgrading and changing passwords currently I am using a mix of letters and numbers, capitals and lower case and at least 11 characters long and I am now storing them in a journal rather than online.

Does anyone do anything different?
Anyone using password generators or the password storage and encryption software that is available these days?

(It just seems weird to me be store passwords online and think they are safe).
December 21st, 2011  
senojekips
 
 
I used to have a complicated but easily remembered system for remembering my passwords but it eventually ran out of viable choices so now my passwords are generated by Strong Password Generator http://strongpasswordgenerator.com/ and stored in a small ETronics Netbook (A$268) They are usually 15 characters or more, depending on the security level, or the requirements of some sites. e.g. I only use a smaller password for this site.

I originally bought my Netbook to use as my Music server and because I had no need for it to go online I removed the WiFi software, and now also use it to store my Passwords in a secure folder using FolderLock.

I also have a backup of the passwords on a printed sheet stored in my fireproof safe http://forum.jamestownevents.com/ind...pic,112.0.html (second to last post on the page) where I also keep my 1TB backup drive,... and Yes, I have a backup of my Folderlock Locker on that too.

Paranoid.... me?... Nahhh, I had'm out with me tonsils as a little tacker.
December 21st, 2011  
MontyB
 
 
Quote:
Originally Posted by senojekips
I used to have a complicated but easily remembered system for remembering my passwords but it eventually ran out of viable choices so now my passwords are generated by Strong Password Generator http://strongpasswordgenerator.com/ and stored in a small ETronics Netbook (A$268) They are usually 15 characters or more, depending on the security level, or the requirements of some sites. e.g. I only use a smaller password for this site.

I originally bought my Netbook to use as my Music server and because I had no need for it to go online I removed the WiFi software, and now also use it to store my Passwords in a secure folder using FolderLock.

I also have a backup of the passwords on a printed sheet stored in my fireproof safe http://forum.jamestownevents.com/ind...pic,112.0.html (second to last post on the page) where I also keep my 1TB backup drive,... and Yes, I have a backup of my Folderlock Locker on that too.

Paranoid.... me?... Nahhh, I had'm out with me tonsils as a little tacker.
Hehe I just tried that "Strong Password Generator" and it gave me this "H6V/"|M>}NB's,$" and happily told me to remember it like this "HOTEL 6 VICTOR / " | MIKE > } NOVEMBER BRAVO ' sierra , $" now I don't know about you but I have enough trouble remembering my name at 2am I am damn sure I will never remember that 10 minutes after I use it.

The question I have about storing passwords in locked folders or online is that anyone that has the ability to access your computer more than likely has the ability to access that folder as well so I have trouble in accepting they are secure beyond the first intrusion.

At this point all I have been doing is writing them down in a notebook and storing that notebook in my ammunition safe which is within arms reach of the computer desk.

But I have looked at my password list and they are all between 9 and 14 characters long with most of them being around 11 characters, I will probably try and increase them to 15-16 (16 seems to be the common maximum on most applications) and incorporate a few other character types.
--
December 21st, 2011  
senojekips
 
 
Quote:
Originally Posted by MontyB
Hehe I just tried that "Strong Password Generator" and it gave me this "H6V/"|M>}NB's,$" and happily told me to remember it like this "HOTEL 6 VICTOR / " | MIKE > } NOVEMBER BRAVO ' sierra , $" now I don't know about you but I have enough trouble remembering my name at 2am I am damn sure I will never remember that 10 minutes after I use it.

The question I have about storing passwords in locked folders or online is that anyone that has the ability to access your computer more than likely has the ability to access that folder as well so I have trouble in accepting they are secure beyond the first intrusion.

At this point all I have been doing is writing them down in a notebook and storing that notebook in my ammunition safe which is within arms reach of the computer desk.

But I have looked at my password list and they are all between 9 and 14 characters long with most of them being around 11 characters, I will probably try and increase them to 15-16 (16 seems to be the common maximum on most applications) and incorporate a few other character types.
Like yourself I have great difficulty remembering multiple passwords longer than about 7 characters, and can't see the sense in short ones. If I could remember the suggestion you were given, I'd certainly have no difficulty in remembering my passwords.

The alternative especially for frequently used passwords, is to put them in an unencrypted file on a memory stick with no indication as to what they are. This is OK for me as I only have about 6 passwords, the length of which tells me their security level. If you are really paranoid add a given number of symbols at a known location within every password, e.g. three dummy characters at positions 3,4 and 5 within the password, I couldn't imagine any person who found them bothering to try all the possible combinations. The memory stick is inserted while I copy a password and then removed and placed in the top drawer of the safe which is usually open while I'm about.

I change things like bank or Paypal access details, about every three to four months, some online sites like this one have never been changed.

Yeah, it's always been a bit of a "pet worry" of mine.

I know that the bloke who owns another site that I frequent uses the VIN of his BMW as his master password. He says if it's stolen he can always get his password from the insurance company, and I also have a copy of it. No, unfortunately not the Beemer,...
December 21st, 2011  
Big_Z
 
 
I used to have an app for the Iphone that I would store my passwords on. I can't remember the name of the app but it had a 4 digit pin to get into the app and if the password was put in wrong 3 times it completely wiped all the info. This worked great for me because I had a million passwords I had to remember for work on numerous computers. The one thing I would always have on me was my cell.

You dont have to worry about somebody hacking your cell phone and if it gets lost and somebody tries to access the program it wipes everything after 3 failed login attempts. I no longer have the the phone but im sure if you looked up "password" in the app store you would find it.
December 21st, 2011  
BritinAfrica
 
 
Quote:
Originally Posted by senojekips
Like yourself I have great difficulty remembering multiple passwords longer than about 7 characters, and can't see the sense in short ones. If I could remember the suggestion you were given, I'd certainly have no difficulty in remembering my passwords.

The alternative especially for frequently used passwords, is to put them in an unencrypted file on a memory stick with no indication as to what they are. This is OK for me as I only have about 6 passwords, the length of which tells me their security level. If you are really paranoid add a given number of symbols at a known location within every password, e.g. three dummy characters at positions 3,4 and 5 within the password, I couldn't imagine any person who found them bothering to try all the possible combinations. The memory stick is inserted while I copy a password and then removed and placed in the top drawer of the safe which is usually open while I'm about.

I change things like bank or Paypal access details, about every three to four months, some online sites like this one have never been changed.

Yeah, it's always been a bit of a "pet worry" of mine.

I know that the bloke who owns another site that I frequent uses the VIN of his BMW as his master password. He says if it's stolen he can always get his password from the insurance company, and I also have a copy of it. No, unfortunately not the Beemer,...
I have a short term memory problem at times, so I use passwords that I will never forget, my RAF or Army numbers. They are ingrained into my soul.
December 21st, 2011  
senojekips
 
 
Quote:
Originally Posted by BritinAfrica
I have a short term memory problem at times, so I use passwords that I will never forget, my RAF or Army numbers. They are ingrained into my soul.
That is possibly OK if you have a really long Service number, however mine is only a letter and 5 numbers.

Yeah, in the RAN we all knew one another back in those days.

There are really only two things that I am quite passionate about with my 'puta, they are, security and backing up my data.
December 21st, 2011  
BritinAfrica
 
 
Quote:
Originally Posted by senojekips
That is possibly OK if you have a really long Service number, however mine is only a letter and 5 numbers.

Yeah, in the RAN we all knew one another back in those days.

There are really only two things that I am quite passionate about with my 'puta, they are, security and backing up my data.
My RAF number was a letter and 7 numbers, my army number was 8 numbers.

It took me quite a while to remember my RAF number. I had our Scottish D.I. shouting "WHAT'S YOUR NUMBER LADDIE?" To which I replied "erm, erm, erm I dunno Corporal." He went red in the face then shouted "TWICE ROUND THE SQUARE LADDIE, DOUBLE DOUBLE DOUBLE."

Ah, glorious days.
January 22nd, 2012  
fire
 
 
I use these two desktop applications (both are free):
Password Safe
KeePass
January 22nd, 2012  
rattler
 
 
As a tech operator on various forums and pages and as a geek I am terribly paranoid as far as passwords and their use are concerned as I know that 90% of the people just go very sloppy about it (I usually crack the ones of my users within 24 hours when I attempt it), and I have developed a simple but effective system that enables me to:

- only have to remember one PW (and I would never write it this down anywhere), something that even I with my age induced short memory problems can easily cope with

- have a different and secure PW for any access I need without having to remember more than just one

- make sure my PWs are - at least at the moment and for normal users (CIA or the NSA would be another angle that I probably have not covered fully, just delayed) - more than just reasonable secure against attacks, be they dictionary or brute force type.

The only problem I have right now displaying this system is that it is 0117 here and I just stumbled over this thread but need to turn 2m horizontal *now* without further discussions, so permit me to delay my response a day and post it (my GMT+2) tomorrow night. Stay tuned, might be worthwile.

Rattler
 


Similar Topics
Cain receives Secret Service protection (AP)
Spanish PM offers state protection to 'Octopus Paul' after death threats!
Computer password
Virus and spyware protection programs
Australian border protection ship runs aground off Christma