|
I use last pass - literally saves me hours sometimes - especially on some sites like that do the visit often but want a secure password.
For the ones I don't care about I set my password to
SomePassword01
Or similar
Though I guess if someone guessed it they would be able to comment on a bunch of sites I don't care about!
PooperPig - Coming Soon
|
|
|
|
|
_Maxxx_ wrote: I use last pass
Now this looks awesome. I hope the product is as good as their French version of the site is bad.
|
|
|
|
|
Oui
PooperPig - Coming Soon
|
|
|
|
|
I try to let the browser save my passwords for such websites. I don't remember anything at all.
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
yeah... hopefully I will still have that computer and browser next time I log in to GoDaddy!
|
|
|
|
|
No advertisement! Use Chrome, it stores your passwords wherever you are or which ever device you're using.
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
I use this feature in chrome a lot.
EXCEPT, I realize they are storing this on their severs.
Therefore, I do not let it memorize my SECURE Ring of passwords.
All of my other passwords it can have, but nothing that connects to
banking, money accounts, or just the stuff I better be accessing for a reason.
I use a specifically secure password set for those.
But I really do leverage the feature of having it memorize my passwords. I
also use an encryption tool on my desktop to store client/customer passwords I am
not allowed to have memorized. (again, this file is encrypted from the SECURE ring).
Because given enough of your passwords, usually all of them become hackable. Which
is why I hate sites that store my password in plaintext and email it to me "thanks
for seting your password to OhMyGosh123"... Great... That email is everywhere now!
|
|
|
|
|
That is very sensible, but if you're deliberately using strong passwords for critical uses, you may as well use a password manager: you only need one strong password, and the data is stored on your device of choice rather than in the cloud where it may be open to NSA (and other intelligence agencies') inquiries; not to mention hacking.
Of course, your own storage may be even more open to attacks, but for that to happen someone needs to attack and control your computer to a sufficient degree that it can access your password db - once it's achieved that much, losing the actual passwords doesn't change all that much anyway. And chances are some of them are already compromised, or they couldn't pull off the attack in the first place.
GOTOs are a bit like wire coat hangers: they tend to breed in the darkness, such that where there once were few, eventually there are many, and the program's architecture collapses beneath them. (Fran Poretto)
|
|
|
|
|
Same with FireFox, it syncs everything from plugins, bookmarks, settings, history & passwords. It's just more complicated to link a new FF to your saved sync - not just a situation of give Chrome your gmail login and you're done (you need to get a passcode from one of the FFs which are already linked then retype that into the new one in addition to your login details for the sync). But after that it works the exact same way as google's, everything's still saved on some server somewhere.
Though I try to avoid saving passwords I care about on some on-line "cloud" meant for stealing data about my browsing habits. Those I don't care about tend to be easily remembered passes anyway, but I still save them as it's just not of much use for me to try and keep them "secure". I do agree with those password-remember-apps (the one I've been using is KeePass) for these stupid rules - it's the only way I can "remember" the password in a year's time. The one that always got me was my password for the online submission to our revenue service - also one of those "so many uppercase", "so many lower case", "so many numbers", "so many punctuation marks", etc. It was actually difficult to even think of something which matched, never mind trying to remember a year later what the heck I was thinking. It was always a situation of phoning them up, to try and get my password reset because I simply forgot the damned thing ... all those rules simply mean LESS security.
So now I rather just let those pass-remember stuff generate a random one following those rules, then save it so you can use it later (just don't loose that USB stick you saved your encrypted passwords on).
|
|
|
|
|
Internet Explorer usage explained.
|
|
|
|
|
Good password policy is that one, that forces you write the password down after creating it...
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
|
|
|
|
Sticky tape on the screen with the passwords! Way to go!
|
|
|
|
|
It's not insensible: It's safe because your password are not stored on any medium that could be hacked remotely. The only way to access your passwords is getting physical access to your system. And once a "hacker" has accomplished that much, he might as well steal your computer (and take all the time in the world to hack it "offline").
Of course, if you have visitors from outside your company at your desk, you'd better put your notes somewhere less obvious ...
GOTOs are a bit like wire coat hangers: they tend to breed in the darkness, such that where there once were few, eventually there are many, and the program's architecture collapses beneath them. (Fran Poretto)
|
|
|
|
|
I had to change my address for the government. So I went to the government site and entered my username and password, wrong. Again, wrong. Again, wrong and... I'm locked out.
So I hit the 'forget password?' button. Need to fill out some stuff and then they send me a letter (yes, snail mail, because that's so much more secure ).
So yesterday I was able to log in again. I looked at my history and in the past few years all I've really done there is request password recovery
The problem, I found out, is that username is case sensitive. Why would you need a username anyway, I have my (I assume unique) social service number that I need to enter anyway!
And if you forget your username there's only one option for you... Create a new profile. Great, as if having one government profile wasn't enough! And having two profiles lurking around doubles your chances of getting hacked (but I'm sure they'll send me a letter when that happens)...
I know exactly zero people who like the government's website. It's bad in every way possible. It's even difficult to do the stuff you need to do. For example, I had to log in to it through my municipality's website to change my address, otherwise I couldn't get to that particular form
The worst part is they used my tax money to create such an abomination
My blog[ ^]
public class SanderRossel : Lazy<Person>
{
public void DoWork()
{
throw new NotSupportedException();
}
}
|
|
|
|
|
Your tax Euros at rest...
The requirement for a user name in addition to the password actually makes some sort of sense. If your username was your social service number, half of the information needed to log on to the system would effectively be in the public domain. Given many people's poor password choices, this means that many people's accounts would effectively be open to anyone.
Forcing you to have a user name (presumably - assigned by the system) increases your security by adding an authentication component that is difficult (impossible?) to guess. It's not as good as two-factor authentication, but it's better than nothing...
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack.
--Winston Churchill
|
|
|
|
|
Sander Rossel wrote: as if having one government profile wasn't enough I'd say it's a good idea.
"Naw, that was the other guy! You guys are always getting us mixed up!"
I wanna be a eunuchs developer! Pass me a bread knife!
|
|
|
|
|
Mark_Wallace wrote: I'd say it's a good idea. "Naw, that was the other guy!
The problem is that in these unenlightened days, you are assumed guilty until proven innocent. Two profiles == twice as many opportunities for the authorities to mess up.
If you have an important point to make, don't try to be subtle or clever. Use a pile driver. Hit the point once. Then come back and hit it again. Then hit it a third time - a tremendous whack.
--Winston Churchill
|
|
|
|
|
I work for the Federal government. If you think the federal IT situation is bad you have way underestimated the horror of the situation.
|
|
|
|
|
Sander Rossel wrote: I have my (I assume unique) social service number that I need to enter anyway!
Don't ramp up your hopes too much: my wife did have two separate social id's for a couple of years. She only noticed much later when she started to earn money in earnest, and then was asked to pay taxes not once, but twice!
There's pretty much nothing authorities can't mess up...
GOTOs are a bit like wire coat hangers: they tend to breed in the darkness, such that where there once were few, eventually there are many, and the program's architecture collapses beneath them. (Fran Poretto)
|
|
|
|
|
This is my new crusade : the fight against password policies. Passphrases are ten times better, and I won't include that famous xkcd to illustrate it (everybody knows the horsestabblebatteries something even without looking by now).
|
|
|
|
|
yeah using passphrase everywhere now!
annoyed to put some numbers and uppercase in the middle of it though...
|
|
|
|
|
Obligatory[^] Dilberts[^] (AKA[^] relevant[^] search[^] results).[^]
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
Good laughs!
|
|
|
|
|
Sadly, the last one is beaten by reality, except that the passwords only need to be changed every three months rather than every month. That still means I need to change passwords every third time I even use that stupid system!
GOTOs are a bit like wire coat hangers: they tend to breed in the darkness, such that where there once were few, eventually there are many, and the program's architecture collapses beneath them. (Fran Poretto)
|
|
|
|
|
My bank has a password policy that is tightgoogol, but for just that one password, I don't mind. Other people must take their policies, soak them in petrol, light them, and shove them up their arses.
No object is so beautiful that, under certain conditions, it will not look ugly. - Oscar Wilde
|
|
|
|