Monroe Posted August 9, 2024 Posted August 9, 2024 Reading this article today in The Sun about passwords. The article also suggest going to 16 characters from 12 characters. I have been mostly using 12 characters ... sometimes 16 or 18 but not that often. It won't be any problem going from 12 to 16. I don't change passwords every 90 days unless required to do so. I just post the article for reading ... not a password expert. I am curious what other MSFN members are doing. The Sun: You should actually ignore ’90 day’ password rule – as experts warn ‘myth’ is easy way to become instant ‘victim’ https://www.the-sun.com/tech/12146300/password-day-rule-common-mistakes-cybersecurity-tips-avoid/ Mackenzie Tatananni, Science and Tech Reporter Updated: Aug 8 2024 ...
NotHereToPlayGames Posted August 9, 2024 Posted August 9, 2024 (edited) 16 minutes ago, Monroe said: I am curious what other MSFN members are doing. Shhh. Don't tell my IT Department! My work computer "forces" us all to change our password every 90 days. And the "system" will not let us change to any of our last TWELVE passwords. So you asked what I do - my password has technically been IDENTICAL for the last TWENTY YEARS !!! Every 90 days, I change my password thirteen times in roughly 4 minutes with that 13th password being the same EXACT password I've been using when I first started working for this company! Edited August 9, 2024 by NotHereToPlayGames 1
NotHereToPlayGames Posted August 9, 2024 Posted August 9, 2024 Changing passwords every 90 days is a SECURITY RISK in my opinion. It "creates" a work environment where people WRITE THEIR PASSWORD on a post-it note and that post-it note is usually quite easy to find! I can show you two dozen offices here at work where there is a post-it note "hidden" on the underside of the cubicle shelf that contains the desk lighting.
mina7601 Posted August 9, 2024 Posted August 9, 2024 14 minutes ago, Monroe said: I am curious what other MSFN members are doing. I very rarely/barely change passwords, to be honest.
jaclaz Posted August 9, 2024 Posted August 9, 2024 Just in case: https://neal.fun/password-game/ jaclaz 2
mina7601 Posted August 9, 2024 Posted August 9, 2024 18 minutes ago, jaclaz said: Just in case: https://neal.fun/password-game/ jaclaz Thanks for this, indeed very fun, like the domain says.
NotHereToPlayGames Posted August 9, 2024 Posted August 9, 2024 (edited) My guess is that you can not make it past this: Edited August 9, 2024 by NotHereToPlayGames
NotHereToPlayGames Posted August 9, 2024 Posted August 9, 2024 (edited) made it past Daily Wordle, lol Edited August 9, 2024 by NotHereToPlayGames
NotHereToPlayGames Posted August 9, 2024 Posted August 9, 2024 (edited) May not have a solution. The chess move violation of c8 is only there to pass Rule 10 captcha. Edited August 9, 2024 by NotHereToPlayGames
Sampei.Nihira Posted August 9, 2024 Posted August 9, 2024 Theoretically, a complex password is difficult to remember. The human factor is the weak link in the chain. My advice is to choose a password that is not in the dictionary of your native language,although it is not easy. Often it is enough to add 2 words even from different languages to get the result you are looking for. Intercalate capitals,numbers and special characters. In the image a password (which I do not use of course) very simple to remember but complex (not found in the dictionary of my native language) that I would remember well because it includes my date of birth....... I am as @NotHereToPlayGames use a simpler password than the one in the image. But you do not follow this way of mine. But even this word is not in the Italian dictionary:
Dixel Posted August 9, 2024 Posted August 9, 2024 13 hours ago, Monroe said: I am curious what other MSFN members are doing. I use only randomly generated passwords. Change in about 6 months or so. 3
Monroe Posted August 9, 2024 Author Posted August 9, 2024 (edited) All good replies and also the link from Jaclaz. I have been using this password generator for years. I wanted one I could download to use anytime with no connection. It's free and very simple to create any password. I only use it when I am offline ... I don't think it would 'phone home' with any passwords but in today's world ... caution rules. I make a list of around 15 passwords and have them handy. You can check it out and see if it will be of use to you. I just use the portable version 2.0 ... I may update but it works fine on Windows XP. Didn't know till now that there were newer versions ... guess I have been using it for ten years or so. Secure Password Generator https://www.securityxploded.com/secure-password-generator.php Secure Password Generator is is a free desktop based tool to quickly generate strong & secure passwords. With a growing incidents of web server hacking and database compromises, these days there is a greater need to use strong password. This will prevent your password from being decrypted if your password hash falls into the wrong hands. Secure Password Generator helps you to create a strong password using one or more of the following character sets Uppercase Letters (A-Z) Lowercase Letters (a-z) Numbers (0-9) Special Symbols ($,#, ?, *, & etc) It is very easy to use with a nice GUI interface. You can generate passwords of length ranging from 5 to 500 characters. Also being a offline tool makes it easy to use anytime anywhere without internet connectivity. It is fully portable tool and includes Installer also. It works on both 32 bit & 64 bit platforms starting from Windows XP to new Windows 10 version. Version 3.0 : 31st Aug 2015 Mega release with support for generating passwords on new Windows 10 operating system. Enhanced Installer for dynamically downloading of latest version. Version 2.5 : 28th Apr 2014 Automatically copy the generated secure password to clipboard Version 2.0 : 31st Aug 2013 Now supports generation of Password of length up to 500 characters ... just to add ... in the Download Center they have about 250 password tools listed ... maybe free, maybe not ... didn't check. ... Edited August 9, 2024 by Monroe sp, add, sp
Tripredacus Posted August 9, 2024 Posted August 9, 2024 The onus has been placed upon the user to make sure their password is secure. But this is a fallacy, as the weakness of a password was only an issue decades ago when the primary way of getting into an account is to guess a user's password. Or if not guess, then run a rainbow table on it, or whatever other method. Then, even now, having to have a complex or often changed password is only the domain of a priveledged individual and not the common person. 99.9999% of the security issues that involve compromised accounts these days do not come from guessing or a brute force method, rather the insecurity of the provider that hosts the account. Offloading the burden of protection to the user is a mistake. The service provider is the one who is responsible for security breaches. So the reason why you have a hundred different accounts on a hundred websites and have to change your password all of the time is because the websites are bad at security. Somehow the user being responsible for these things has become mainstream and you end up with articles like the op posted.
NotHereToPlayGames Posted August 9, 2024 Posted August 9, 2024 Closer... But really, a bold letter in a password ???
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now