Welcome back to Stupid Guest Tricks!

This is the place to find the latest news and announcements concerning StupidGuestTricks.com Note: You may reply to any topic in this forum but you may not post new topics.
User avatar
ktulu
Permanent Fixture
Permanent Fixture
Posts: 4150
Joined: Tue Jan 09, 2007 1:01 pm
Park: ktululand
Department: Custodial
Position: Janitor
Location: Texas
Contact:

Re: Welcome back to Stupid Guest Tricks!

Post by ktulu » Sun Nov 10, 2013 4:32 pm

TiggerHappy wrote: I was told that if you have too many requirements to make a password, that actually makes it easier for people to guess a password because the requirements end up being hints.
You were given false information. The idea behind complex passwords, not based on a dictionary word, is to increase the complexity of the password, plus the number of combinations available. Adding on encrypting and salting passwords on the backend, it makes it extremely difficult to crack a password. I don't recommend doing a password like [email protected] The hackers guessed those substitutions long ago. My passwords are usually a phrase I will remember, the I take the first character of each word. Substitute or add symbols, numbers, and random capitalization to make the password. It looks like a random set of characters, which is what you untimely want to achieve. A pass phrase is even better.


"People can drink coke and pepsi, but they can't pee in the street."

812114

WEDFan
Practically Lives Here
Practically Lives Here
Posts: 1015
Joined: Tue Feb 01, 2011 8:45 am
Location: Maine

Re: Welcome back to Stupid Guest Tricks!

Post by WEDFan » Mon Nov 11, 2013 6:44 am

The one I've seen that can actually decrease security is the requirement to change passwords monthly or quarterly. The studies I've seen on that basically indicate that frequently changing (and not allowing repeats) means more people write them down and tuck them somewhere around their workstation. As long as you have no reason to suspect a breach, and you vary your passwords by site, you are better off keeping the password you remember.



User avatar
hobie16
Permanent Fixture
Permanent Fixture
Posts: 10468
Joined: Fri Nov 05, 2004 4:45 pm
Park: DLR
Department: Fruity Drink Land
Position: Mai Tai Face Plant
Location: 717 Miles NNW Of DLR

Re: Welcome back to Stupid Guest Tricks!

Post by hobie16 » Mon Nov 11, 2013 8:49 am

WEDFan wrote:... more people write them down and tuck them somewhere around their workstation.
When IBM 3270 terminals ruled the world many people did just that by writing them on the user's guide that was tucked under a flip out lid on the keyboard.


Image

Don't be fooled by appearances. In Hawaii, some of the most powerful people look like bums and stuntmen.
--- Matt King

User avatar
ktulu
Permanent Fixture
Permanent Fixture
Posts: 4150
Joined: Tue Jan 09, 2007 1:01 pm
Park: ktululand
Department: Custodial
Position: Janitor
Location: Texas
Contact:

Re: Welcome back to Stupid Guest Tricks!

Post by ktulu » Mon Nov 11, 2013 8:58 am

hobie16 wrote: When IBM 3270 terminals ruled the world many people did just that by writing them on the user's guide that was tucked under a flip out lid on the keyboard.
I've seen people write them on the bottom of the keyboard, or put sticky notes on the bottom of the keyboard. If they actually wrote them on the keyboard, we'd switch the keyboards around.


"People can drink coke and pepsi, but they can't pee in the street."

812114

User avatar
TiggerHappy
Regular Guest
Regular Guest
Posts: 450
Joined: Sun Feb 13, 2011 2:25 am
Park: Disneyland
Department: Food & Beverage
Location: California
Contact:

Re: Welcome back to Stupid Guest Tricks!

Post by TiggerHappy » Tue Nov 12, 2013 8:45 pm

ktulu wrote:You were given false information. The idea behind complex passwords, not based on a dictionary word, is to increase the complexity of the password, plus the number of combinations available. Adding on encrypting and salting passwords on the backend, it makes it extremely difficult to crack a password. I don't recommend doing a password like [email protected] The hackers guessed those substitutions long ago. My passwords are usually a phrase I will remember, the I take the first character of each word. Substitute or add symbols, numbers, and random capitalization to make the password. It looks like a random set of characters, which is what you untimely want to achieve. A pass phrase is even better.
I'd be more open to creating a pass phrase (without symbol requirements) rather than a complex password. I don't like being unable to remember a password to the point I write them down somewhere (on the computer or on a Post-It). I understand you want to help us all keep our accounts secure, but when there are other websites (like banking and loan sites) that require the same kind of password, the average person simply isn't able to remember all those complex passwords without writing them down somewhere. I'm fine with having letters and numbers in my passwords, but when you require symbols on top of that, that's when I resort to writing down the passwords because I cannot remember those kinds of passwords for the life of me.
WEDFan wrote:The one I've seen that can actually decrease security is the requirement to change passwords monthly or quarterly. The studies I've seen on that basically indicate that frequently changing (and not allowing repeats) means more people write them down and tuck them somewhere around their workstation. As long as you have no reason to suspect a breach, and you vary your passwords by site, you are better off keeping the password you remember.
Gah, I HATE it when a site does this. :banghead:



darph nader
Permanent Fixture
Permanent Fixture
Posts: 4844
Joined: Mon Jan 30, 2006 9:16 pm

Re: Welcome back to Stupid Guest Tricks!

Post by darph nader » Wed Nov 13, 2013 11:15 am

How the heck do you get the PM thingy working?
I've tried to send one out,and it didn't record it being sent or even recorded.
Am I missin something new? (wouldn't be the first time)



User avatar
ktulu
Permanent Fixture
Permanent Fixture
Posts: 4150
Joined: Tue Jan 09, 2007 1:01 pm
Park: ktululand
Department: Custodial
Position: Janitor
Location: Texas
Contact:

Re: Welcome back to Stupid Guest Tricks!

Post by ktulu » Wed Nov 13, 2013 11:34 am

darph nader wrote:How the heck do you get the PM thingy working?
I've tried to send one out,and it didn't record it being sent or even recorded.
Am I missin something new? (wouldn't be the first time)
It'll go to the outbox until the person reads it, but it's like making a post.


"People can drink coke and pepsi, but they can't pee in the street."

812114

Big Wallaby
Permanent Fixture
Permanent Fixture
Posts: 5733
Joined: Thu Feb 15, 2007 7:19 pm
Location: Vancouver, Washington

Re: Welcome back to Stupid Guest Tricks!

Post by Big Wallaby » Wed Nov 13, 2013 11:45 am

You know, the other option could be to use a code generator like Facebook has.


My opinions are mine and mine only. If my opinions are the opinion of others who happen to share whatever my crazy views may be, then fine, but it's not because I represent them in having my opinions. Got it?

User avatar
ktulu
Permanent Fixture
Permanent Fixture
Posts: 4150
Joined: Tue Jan 09, 2007 1:01 pm
Park: ktululand
Department: Custodial
Position: Janitor
Location: Texas
Contact:

Re: Welcome back to Stupid Guest Tricks!

Post by ktulu » Wed Nov 13, 2013 11:52 am

Big Wallaby wrote:You know, the other option could be to use a code generator like Facebook has.
You going to write the code for that? Safari does suggested passwords, and then saves them to iCloud Keychain in Maverick's and iOS 7.3.


"People can drink coke and pepsi, but they can't pee in the street."

812114

Big Wallaby
Permanent Fixture
Permanent Fixture
Posts: 5733
Joined: Thu Feb 15, 2007 7:19 pm
Location: Vancouver, Washington

Re: Welcome back to Stupid Guest Tricks!

Post by Big Wallaby » Wed Nov 13, 2013 7:24 pm

ktulu wrote:You going to write the code for that?
No.

Actually, let me rethink it.

No.

Another option for people who want a long, secure password, try out lastpass.com* or roboform*. I use LastPass for everything. I don't know most of my passwords, except for sites I may have to access quickly and away from my laptop (which is practically nailed to me), my iPad (for how often I have with with me, see my comments about my laptop) or iPhone (same, except that I have it at times when I don't have the other two with me). But I love LastPass.

* Those who know their way around security, let me know if this is a bad idea.


My opinions are mine and mine only. If my opinions are the opinion of others who happen to share whatever my crazy views may be, then fine, but it's not because I represent them in having my opinions. Got it?

Post Reply