|
0x01AA wrote: there are are two parties. Where? No one invited me.
|
|
|
|
|
I just installed the very latest version of the Pre-release of the Fall 2017 Windows 10 Creator's Update. This installs as version 170513-2252 17603-1840. As reported earlier, I reported a bug in the previous pre-release to Microsoft: You could not copy and paste passwords into password boxes in Edge, using [CTRL] - V. Well, it seems that Microsoft listened, because that bug has now been squashed. [CTRL] - V is working just fine in the latest release.
So, I'm taking a leap of faith and will keep running today's version, kicking its tires to see if anything else needs attention!
Get me coffee and no one gets hurt!
modified 14-Jun-17 6:44am.
|
|
|
|
|
Cornelius Henning wrote: You could not copy and paste passwords into password boxes in Edge, using [CTRL] - V. Wasn't that a feature? It's more "secure" having to type in a password vs. just pasting one.
There are two kinds of people in the world: those who can extrapolate from incomplete data.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
Quote: It's more "secure" having to type in a password vs. just pasting one I disagree. If you copy and paste passwords from an encrypted and password protected Excel spreadsheet your passwords can be much longer and complex. Also typing a password exposes you to keyloggers.
Get me coffee and no one gets hurt!
|
|
|
|
|
Cornelius Henning wrote: I disagree I do too. I've seen other programs (one or two) that prevented paste into the password. I've even seen websites that do it.
There are two kinds of people in the world: those who can extrapolate from incomplete data.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
You practice security your way and I'll do it my way!
Get me coffee and no one gets hurt!
|
|
|
|
|
Quote: And now, the hack is done
And so I face the HR person
My password, I saved it clear
I wrote my login, of which I'm certain
I've got a disk that is screwed
I traveled each and every website
And more, much more than this, I did it my way
You've gotta love Sinatra, he knew his IT stuff
Now is it bad enough that you let somebody else kick your butts without you trying to do it to each other? Now if we're all talking about the same man, and I think we are... it appears he's got a rather growing collection of our bikes.
modified 31-Aug-21 21:01pm.
|
|
|
|
|
Cornelius Henning wrote: If you copy and paste passwords from an encrypted and password protected Excel spreadsheet your passwords can be much longer and complex. The post-its with all my passwords on my monitor beg to differ
Anyway, I'm going to do some banking stuff and after that off to bed, goodnight!
sanderrossel
g5#Hr@!45Td%fS357Po0$#_poS
|
|
|
|
|
I see your:
g5#Hr@!45Td%fS357Po0$#_poS
and I raise you:
sWd45{{lm==946??hy{422}=?}}GindK{}ll7PXRFh655Erw{90##Mki**55{}KlimdWww33nn2K5X6HKE
Get me coffee and no one gets hurt!
|
|
|
|
|
Cornelius Henning wrote: Also typing a password exposes you to keyloggers
And using clipboard exposes you to malware that reads the clipboard. Every program can access it at any time. So the advantage of using a password manager is that you can create an unique password for everything and don't have to remember them all.
If you have malware running on your machine there is nothing that can truly prevent it from intercepting a password.
|
|
|
|
|
RyanDev wrote: Wasn't that a feature?
Miss the joke icon?
The only insecure thing I can think of with pasting is that the password stays on the clipboard until I replace it.
Copy/Pasting from my password app enables the use of complicated and far more secure passwords than if I had to type them in manually.
"Go forth into the source" - Neal Morse
|
|
|
|
|
kmoorevs wrote: Miss the joke icon? Unfortunately no. I've seen applications do it.
There are two kinds of people in the world: those who can extrapolate from incomplete data.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
Clipboard hooks.
Simple solution, open your app in a separate desktop with limited rights.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
.... or use something like KeePass, which only leaves the password on the clipboard for a few seconds.
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
|
|
|
|
|
..on a separate desktop as I described; otherwise any clipboard-hook will have the contents as soon as the clipboard changes.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Can you elaborate a little, please. What do you mean by "separate desktop"?
Get me coffee and no one gets hurt!
|
|
|
|
|
A new desktop object in which you can open Windows. See CreateDesktop function (MSDN)[^].
--edit
The login-screen is an example of another desktop than the one that you are using normally. Access to that desktop is limited, even if you are running a background application on yours
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Thanks!
Get me coffee and no one gets hurt!
|
|
|
|
|
You're welcome
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Well ^this did come to mind
A bunch of guys arguing about copy and paste security on an operating system that sends all your stuff up to Microsoft anyway
Now is it bad enough that you let somebody else kick your butts without you trying to do it to each other? Now if we're all talking about the same man, and I think we are... it appears he's got a rather growing collection of our bikes.
modified 31-Aug-21 21:01pm.
|
|
|
|
|
Install a proxy and you can see (and modify) what is being sent; also, the keylogger was not included until Win10.
One does not argue about something that can be verified, that's a waste of time
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Cornelius Henning wrote: very latest version
Not quite.
Cornelius Henning wrote: This installs as version 170513-2252.
The Insider Update I have in a VM currently reports as 170603-1840.
|
|
|
|
|
Quote: The Insider Update I have in a VM currently reports as 170603-1840. Yes, you're right. I corrected my mistake.
Get me coffee and no one gets hurt!
|
|
|
|
|
They're coming out so fast at times it's hard to keep up to date. I've certainly never made any attempting at tracking them all. I just let it install whatever it wants in my VM.
|
|
|
|
|
Examples (#'s have been removed):
P O BOX
P.O. BOX
PMB
PO B0X
PO BO X
PO BOK
PO BOS
BOX
The one with the 'K' is interesting. 'K' is on the opposite side of the keyboard -- I can understand the 'S'.
The hardest part about parsing crap like this (there are 166,333 records) is determining what other variants I did not parse correctly (for example, considered as a street address, not a PO Box), not which ones I successfully accounted for.
Marc
Latest Article - Create a Dockerized Python Fiddle Web App
Learning to code with python is like learning to swim with those little arm floaties. It gives you undeserved confidence and will eventually drown you. - DangerBunny
Artificial intelligence is the only remedy for natural stupidity. - CDP1802
|
|
|
|