Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase ««12

Serious Security Expand / Collapse
Author
Message
Posted Thursday, January 17, 2013 10:25 AM


Ten Centuries

Ten CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen CenturiesTen Centuries

Group: General Forum Members
Last Login: Thursday, March 06, 2014 1:05 PM
Points: 1,334, Visits: 3,068
D.Oc (1/17/2013)
I use Keepass for storing my passwords, it is only way to remember them all.
For example, password for my Gmail acc. is 56 characters long and I'm changing it every 2 months.
I use shorter passwords for forums, it's all about priorities.


Same here, and you can't beat the price either.


"Technology is a weird thing. It brings you great gifts with one hand, and it stabs you in the back with the other. ..."
Post #1408539
Posted Thursday, January 17, 2013 11:46 AM
Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Thursday, April 10, 2014 5:20 PM
Points: 341, Visits: 1,031
Barry Wright-268269 (1/17/2013)
It seems to me that a big factor in this is just password fatigue. We have so many password "protecting" things from the very important like bank accounts and company data to trivial things like this forum, frankly, and other such stuff.


Frankly just about the only reason to have a unique password at a site like this one, is so that it's not reused elsewhere where the password is important. That way if this site has bad practices or a disgruntled employee, nothing important is compromised.

I wish this site used OpenID so that there'd be one less site to remember.
Post #1408556
Posted Thursday, January 17, 2013 6:59 PM


SSChasing Mays

SSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing Mays

Group: General Forum Members
Last Login: Today @ 8:18 AM
Points: 601, Visits: 1,734
Any time someone brings up password security I always think of this XKCD commentary





----------------
Jim P.

A little bit of this and a little byte of that can cause bloatware.
Post #1408690
Posted Thursday, January 17, 2013 7:48 PM
Old Hand

Old HandOld HandOld HandOld HandOld HandOld HandOld HandOld Hand

Group: General Forum Members
Last Login: Thursday, April 10, 2014 5:20 PM
Points: 341, Visits: 1,031
Jim P. (1/17/2013)
Any time someone brings up password security I always think of this XKCD commentary


Except that for a site that you visit once a week, let alone once a month or once a year, you haven't memorized it, you've forgotten all about it. It may have taken you an hour of looking around to even FIND the site, you aren't going to remember the password, unless of course it's the password you use everywhere else.

Which is the advantage of OpenID -- you don't have to remember the password, you just have to be using the same OpenID provider as you were a year ago.

Pasword safe's are fine, but they may not be trusted -- or used frequently enough to be considered worthwhile.
Post #1408694
Posted Thursday, January 17, 2013 10:59 PM


SSChasing Mays

SSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing MaysSSChasing Mays

Group: General Forum Members
Last Login: Today @ 8:18 AM
Points: 601, Visits: 1,734
john.moreno (1/17/2013)


Except that for a site that you visit once a week, let alone once a month or once a year, you haven't memorized it, you've forgotten all about it. It may have taken you an hour of looking around to even FIND the site, you aren't going to remember the password, unless of course it's the password you use everywhere else.


I use XMarks for most of the web.

My problem is when you get into some of these sites -- you have to have a capital, a number and a character. Then they advertise you can access them from a phone app. But you are restricted from saving the password, or even the strange login name that you have to use that is totally separated from your e-mail account or your typical user id.

I have over five credit cards, a mortgage, a car loan, my work's website, more than seven SQL and other forums that I participate in. I also have my own website.

I'm smart enough to group my passwords from financial, to e-mail to forums, etc. But I still have locked myself out so hard that a fin site had to send me a snail-mail to unlock my account.




----------------
Jim P.

A little bit of this and a little byte of that can cause bloatware.
Post #1408720
« Prev Topic | Next Topic »

Add to briefcase ««12

Permissions Expand / Collapse