|
|
|
|
| Author |
|
|
Registered
|
IT Rant
Passwords--- give me a break!
Just got my new password from IT. Which is more likely....that someone will guess the local name of the field I took shortcuts through walking to school in another state 40 years ago, OR that I will remember a password similar to "P35S3y.7f" amongst the other 5 passwords I routinely use for work. In Medicine we have a phrase "First do no harm". Maybe we should suggest that approach to IT Rant over.
__________________
(As for) Michael Moore:Calling that lying liberal POS propaganda a documentary is like calling PARF the library of congress. I knew it would happen, just not so soon........... |
||
03-13-2013, 10:01 PM
|
|
|
Registered
Join Date: Dec 2010
Location: Sacramento, CA
Posts: 463
|
Create a word doc with all your passwords/logins in it. Keep a password on that word doc.
|
||
|
03-13-2013, 10:13 PM
|
|
|
Banned
Join Date: Apr 2005
Location: Columbus, OH
Posts: 18,162
|
Yup. It sucks.
Don't call them 'Passwords'. Its a 'Passphrase'. Really. Try it. "P35S3y.7f" is hard to recall. "P@ollyzPant!es74".....not so much. |
||
|
03-14-2013, 12:05 AM
|
|
|
B58/732
Join Date: Feb 2000
Location: Hot as Hell, AZ
Posts: 12,313
|
I want my goddamn retina scanner, already.
__________________
ΜΟΛΩΝ ΛΑΒΕ I don't always talk to vegetarians--but when I do, it's with a mouthful of bacon. |
||
|
03-14-2013, 12:06 AM
|
|
|
Banned
Join Date: Apr 2005
Location: Columbus, OH
Posts: 18,162
|
Quote:
|
||
|
03-14-2013, 12:19 AM
|
|
|
Almost Banned Once
Join Date: Feb 2009
Location: Adelaide South Australia
Posts: 38,305
|
A couple of common ones... "Pa55w0rd" "Welcome1" Not recommended but a lot of my customers use these.
As a suggestion for a periodic complex password ... "Mar.2013" ... Just change the month/year to the current month/year when prompted. This is especially good for passwords you seldom use. Obviously you can vary this to make it more secure.
__________________
- Peter |
||
|
03-14-2013, 12:22 AM
|
|
|
|
The Tweeze
Join Date: Jun 2011
Location: Gilbert, AZ
Posts: 3,744
|
IT Rant
Quote:
|
||
|
03-14-2013, 12:22 AM
|
|
|
Gon fix it with me hammer
|
Quote:
|
||
|
03-14-2013, 05:34 AM
|
|
|
Registered
Join Date: Mar 2008
Location: Chicagoland
Posts: 2,695
|
the length of the password is more important than the variations of characters.
in normal brute force password cracking, you incrementally increase length of the password. so even "abcdefghijklmnopqrstuvwxyz" password isn't going to be at the front of the line. although "aaaaaaaaaaaaaaaaaaaaaaaaa" is probably the first of the 26 character password attempts. 
|
||
|
03-14-2013, 05:40 AM
|
|
|
Gon fix it with me hammer
|
actually, password hacking is not done sequentially with brute force
it's done with rainbow tables Rainbow table - Wikipedia, the free encyclopedia 26 letter passwords are really not required It's not practical The goal is to get a password that has enough variation in it to prevent it from being guessed or brute forced to easily. use multiple characters, numeric, letters , small CAPS and some kind of symbol pelicanparts would be bad PelicanParts would be a lot better P3lic@P@rts is even better And P3!icanP@rts! is the dogs bollocks except you probably shouldn't build it up around a single word, as everybody does the same. Spelling errors are great in passwords B!u3-Pe!!iC@n5 Actual brute force hacking is pretty hard to do these days, because most have a minimum brute force security built in, such as a time lock after x number of errors |
||
|
03-14-2013, 05:59 AM
|
|
|
Registered
|
I have spreadsheets of passwords too but, I'm quasi-IT so I have no choice.
__________________
Janet '83 944 |
||
|
03-14-2013, 06:09 AM
|
|
|
Gon fix it with me hammer
|
Enterprise Password Management Software | Secret Server password management software, enterprise password manager
also with an online version... |
||
|
03-14-2013, 06:11 AM
|
|
|
Registered
|
As I started to get to many user names and passwords to remember I found an app for my iPhone.
I use one called msecure. The crazy thing is I have 68 user names and passwords now. Freakin stupid.
__________________
1978 911sc Targa Sold 2001 996 Cab Sold 2006 Cayenne S Silver Wifes Car for sale 2011 Jeep Wrangler Silver for sale 2010 Toyota Prius Black for sale 2016 BMW 328D wagon |
||
|
03-14-2013, 06:12 AM
|
|
|
Registered
Join Date: Jan 2012
Location: Erehwon
Posts: 3,369
|
The IT world is overpopulated with folks whom I (as a 7 time CIO) call professionally Paranoid. They are partly driven by a fear of hacking attacks against what is usually very poorly designed networks, partly driven by an unfounded fear that any data stored in computer servers is to be protected at all costs whereas the reality is that if it was stolen by the competition it would set them back 10 years and lastly driven by a desire to be important and puffed up "pigeon style".
Most of them generally do not subscribe to the balanced risk model where businessmen take measured and reasonable risks as a tradeoff against benefits in other areas. They are not wired that way. In my last CIO gig I had a vociferous debate with the security team as to why my bank only needed a 6 character password with one special character, yet they were advocating a 12 digit password. They could not explain why I could get a mortgage or move money with 6 character protection whereas the company's email drivel required 12.... There are now new people in that role.... Dennis |
||
|
03-14-2013, 06:48 AM
|
|
|
Registered
|
People need to understand that when they set the bar too high for the user (complexity, frequency of change, lack of uniformity across systems) they reduce security because the passwords end up on a post-it note on the monitor.
|
||
|
03-14-2013, 07:06 AM
|
|
|
Bollweevil
Join Date: Dec 2003
Location: Fulshear, Texanistan
Posts: 3,361
|
Quote:
__________________
Jack 74 911 Coupe 2.7L - K21 Option - S suspension |
||
|
03-14-2013, 07:17 AM
|
|
|
Registered
Join Date: Sep 2002
Location: Pac NW
Posts: 194
|
Quote:
__________________
Troy '89 964 C4 '83 308 GTS QV '88 928 S4 |
||
|
03-14-2013, 09:31 AM
|
|
|
Registered
|
I have a smart card and a pin. Insert the card, put in my pin and that's it for the next 16 hours.
__________________
2021 Model Y 2005 Cayenne Turbo 2012 Panamera 4S 1980 911 SC 1999 996 Cab |
||
|
03-14-2013, 09:37 AM
|
|
|
|
Registered
|
You know what I tell my users?... to suck it, because Windows and other applications require certain criteria for passwords and I can't change that. Out of all of the users, I have 1 that forgets his login password(and ever other effing password) on a weekly basis. It got to the point of a post-it on the monitor and guess who stillll messed it up? And quit trying and subsequently failing with the same password over and over and end up locking your account!.. ok IT rant over.
__________________
Janet '83 944 Last edited by Jferr006; 03-14-2013 at 09:40 AM.. |
||
|
03-14-2013, 09:38 AM
|
|
|
Registered
|
Quote:
I deal with sensitive material for the government. We have devices that hold encryption keys. These devices hold up to thousands of keys that are what protect our networks (radio, voice, computer networks, etc.). When I was in Iraq, it was very, very common to find one of these devices, remove the battery from the back and see a big sticky note with the password right on there. This falls into enemy hands...goodbye secure communications. Worst one I ever saw had the sticky note between battery/device and also had a listing of all the keys and what they were used for on a label running down the side of the device. Sometimes, the stupidity of humans truly astounds me.
__________________
Guy '87 944 (first porsche/project car) |
||
|
03-14-2013, 09:49 AM
|
|
BimForce the Third, Esquire
chocolatelab
1985.5 Porsche 944 2.5L Supercharged 
911 SC
Panamera
1987 Porsche 944
2009 Ford Mustang
