From: Dale <rdalek1967@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Coming up with a password that is very strong.
Date: Mon, 4 Feb 2019 19:10:57 -0600 [thread overview]
Message-ID: <1d42622d-ab7c-5673-3f8e-4bc52ddfcfc2@gmail.com> (raw)
In-Reply-To: <203701cf-b0c8-a2d3-ab49-46fdde2ccc95@libertytrek.org>
Tanstaafl wrote:
> On 2/4/2019, 12:47:35 AM, Dale <rdalek1967@gmail.com> wrote:
>> Thing is, with today's computing power, it really isn't anymore.
>> While no one could just guess it, it could be cracked/hacked I'm
>> sure. I need to come up with a new one that meets the requirements I
>> just mentioned. Strong, easy to remember, easy to type but won't
>> forget. I've read that using maiden names, years of birth or whole
>> dates of birth, actual names, pet's name, words in a dictionary and a
>> whole list of other things makes it easier, especially if you post a
>> lot on social media, for hackers to use against you. I'm trying to
>> avoid that sort of thing obviously and have a couple ideas but am
>> curious as to what method others use, without exposing to much
>> detail since this is public.
> I've been using a little Firefox Addon called Passwordmaker for many,
> many years, and despite all of its warts, I've been loathe to give it
> up, even though it will never be upgraded to work as a WebExtension.
>
> 2 things I loved about it -
>
> a) it doesn't save the password locally, only info about the
> site/account, and
> b) you can use an unlimited number of Master Passwords
>
> I'm looking at migrating to KeePassXC, and even though I really hate the
> idea of saving the actual password - Passwordmaker simply generates the
> password on the fly each time based on certain specified criteria (ie,
> the site URL, username, password length, etc for each account - one
> technique I adopted shortly after assisting in updating the
> Passwordmaker website eases my mind about it...
>
> This is a simple technique I strongly recommend that everyone employ,
> especially if you use a Password manager (like LastPass or KeePass)...
>
> It is uncrackable (well, as long as it isn't the CIA or NSA that wants
> to crack it and they are willing to kidnap/torture you to do so).
>
> You sit down and come up with a ... call it a 'password modification
> protocol' ... whereby, you always modify your generated/stored password
> in a specific way before pressing enter.
>
> For example, you delete characters 3, 5 and 7, then add 2 characters to
> the beginning and 2 to the end.
>
> It is very simple, and negates worrying about someone stealing your
> password vault.
>
>
I tried to find it just to see how it works but it isn't listed. From
what you wrote, you may want to at least check into LastPass. Link
below. It may do what you currently use and some. I only use the free
version and it does more than I need already. I think if I get a smart
phone, I'd have to pay a small monthly fee. Still, I'm sure there is a
tool that will suite your needs. There are a lot of them out there.
Typing password in the add-on search box produces a LOT of results.
Just find a good one and let it work for you.
https://www.lastpass.com/
I'm not sure I understand what you mean password modification protocol.
It sounds like you change your master password each time you use it. If
I did that, I'd never know which one to use because that would confuse
me. I don't write passwords down, period. I went to the local nursing
home the other day, to drop off some puzzle books and a bunch of
bananas, and they have a coded entry thing on the door. I entered the
code a couple times and it didn't work. One of the nurses that was
coming on shift came up and entered the code. When she told me the
code, I realized I was using the code they had before the current one.
I shifted back in time a bit I guess. I may not have a flux capacitor
but I did it anyway. lol I admit, some of the new things they use, I
have no idea how they work since I've never used most of them. I've
read about a few of them but don't really get how they work. If I used
them, I'd get it.
What I hate most, when my bank changes something about their login
process and a little research shows it accomplishes nothing. My credit
card site has this picture and phrase thing. I found where it was
researched and it does little to actually help because most people don't
pay it any attention. My biggest cheat, I adblock stuff on the bank
website, like their great big logo thing. If I do go to a website and
that logo shows up, it didn't match my adblock setting. At that point,
that gets a little extra attention until I know for sure and for certain
I'm on the correct site. Also, LastPass will pick up its on the wrong
site to. It won't fill in the password info if it doesn't match up.
They've had the same logo on the site for years.
It's amazing what we have to do with our computers to keep ourselves
safe because of . . . computers. :/ I guess this is one reason I like
Linux. It at least tries to be secure.
Dale
:-) :-)
next prev parent reply other threads:[~2019-02-05 6:42 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-04 5:47 [gentoo-user] Coming up with a password that is very strong Dale
2019-02-04 10:24 ` Peter Humphrey
2019-02-04 10:37 ` Neil Bothwick
2019-02-04 11:17 ` Mick
2019-02-04 11:48 ` [gentoo-user] " Nikos Chantziaras
2019-02-04 13:21 ` [gentoo-user] " Neil Bothwick
2019-02-04 13:43 ` Rich Freeman
2019-02-05 6:48 ` Dale
2019-02-05 9:55 ` Mick
2019-02-05 10:04 ` Michael Schwartzkopff
2019-02-05 10:18 ` Dale
2019-02-05 10:13 ` Dale
2019-02-05 11:21 ` Mick
2019-02-05 12:46 ` Dale
2019-02-04 11:10 ` [gentoo-user] " Nikos Chantziaras
2019-02-04 19:38 ` Jack
2019-02-04 20:51 ` Neil Bothwick
2019-02-05 20:28 ` Mark David Dumlao
2019-02-05 21:17 ` Neil Bothwick
2019-02-06 2:41 ` Mark David Dumlao
2019-02-08 14:26 ` Kai Peter
2019-02-08 20:59 ` Neil Bothwick
2019-02-09 0:19 ` Dale
2019-02-09 10:06 ` Neil Bothwick
2019-02-09 10:42 ` Dale
2019-02-09 16:02 ` Alec Ten Harmsel
2019-02-13 16:31 ` Rich Freeman
2019-02-13 17:12 ` Mark David Dumlao
2019-02-13 19:17 ` Rich Freeman
2019-02-13 21:34 ` Mark David Dumlao
2019-02-13 21:50 ` Rich Freeman
2019-02-04 20:49 ` Dale
2019-02-04 20:59 ` Rich Freeman
2019-02-04 21:06 ` Neil Bothwick
2019-02-04 22:12 ` Dale
2019-02-04 23:18 ` Rich Freeman
2019-02-05 7:34 ` Dale
2019-02-05 14:13 ` Rich Freeman
2019-02-05 16:00 ` Dale
2019-02-04 23:26 ` Mick
2019-02-05 7:55 ` Dale
2019-02-05 11:34 ` Mick
2019-02-05 13:05 ` Dale
2019-02-05 8:41 ` Neil Bothwick
2019-02-05 9:28 ` Mick
2019-02-05 12:27 ` Nikos Chantziaras
2019-02-04 16:42 ` [gentoo-user] " Laurence Perkins
2019-02-04 18:39 ` Lee Clagett
2019-02-04 20:09 ` [gentoo-user] " Dale
2019-02-04 20:19 ` Rich Freeman
2019-02-04 21:39 ` Dale
2019-02-04 22:34 ` [gentoo-user] " Tanstaafl
2019-02-05 1:10 ` Dale [this message]
2019-02-05 19:49 ` Tanstaafl
2019-02-05 23:50 ` Dale
2019-02-06 18:13 ` Tanstaafl
2019-02-05 4:42 ` Roger J. H. Welsh
2019-02-10 16:12 ` Andrew Savchenko
2019-02-10 16:27 ` Dale
2019-02-10 16:59 ` Andrew Savchenko
2019-02-10 18:13 ` Mark David Dumlao
2019-02-10 22:44 ` Dale
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1d42622d-ab7c-5673-3f8e-4bc52ddfcfc2@gmail.com \
--to=rdalek1967@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox