Password tips you've never heard

[humble3d]

Password tips you've never heard

 

LOS ANGELES — Once again, hundreds of millions of passwords used in e-mail accounts were stolen this week.

 

And, again, we're being told there's only one way to keep ourselves digitally safe: Change our passwords frequently, with hard-to-figure combinations of upper- and lower-case letters, numbers and symbols.

 

This week we asked the panelists on the #Talking Tech Roundtable podcast how they go about it.

 

You'll be amazed at this simple tip from a Google product manager. If it could work for him — he's never been hacked — perhaps we need to revise our password strategies and make them easier to recall.

 

The most commonly used password continues to be "Password" "123456" your street address or name of kid or pet.

 

But Rachid El Guerrab, a product manager for Google's 360-degree filmmaking Spotlight Stories initiative, has a simpler, more refreshing to go about it. He goes long. Very long, with super-lengthy sentences that happen to mention the websites name in there.

 

Tricky combos such as USAT$DAYT00LKN'T#%H "makes more problems than it solves," he says. "Passwords are hard to crack when they’re long."

 

He says you should make up a sentence like "Iloveusatodayfordeliveringfreshnewsontheplanetofearth" and customize it for any website. 

 

"It will be easy for you to remember and much safer than any of the weird symbols and capitals that you'll probably forget," he said.

 

Stephen Cobb, a senior security researcher at ESET, a San Diego-based security provider, agrees that length is good, but "I prefer not to use many real words in there," he said. He also notes that if the sentence was discovered by a hacker, the digital identify would then be "compromised."

 

Cobb recommends the long sentence, but with the usual collection of upper- and lower-case letters, numbers and symbols.

 

John Tabis, co-founder the Bouqs Company, an online floral delivery firm, grew up in a family where everyone has a nickname. Thus, his passwords are a combo of a nickname, birth date with extra characters thrown in. "That way, I'm never using my sister's name Sarah," he says and the password is unique.

 

Charley Melbye, co-founder of the Everalbum online photo sharing app, gave up on trying to come up with unique passwords some time ago. He uses the password manager 1Password, a $64.95 app that creates hard-to-crack passwords and stores them on the desktop and mobile. "That way, you just have to remember one password to unlock them for you," Melbye says.

 

Here at #TalkingTech, we're fans of the similar Dashlane app, which is free for a handful of websites, $39.99 annually for syncing to both mobile and desktop. The app remembers your passwords, and creates unique toughies like m3$GG0^7***HTC. When you go to a website, just type in your one, master Dashlane password, and you're in.

 

When you've created an impossible to remember password and you're in the bedroom with your Roku, Apple TV or some other TV device, and you're asked to sign in to Amazon, Verizon or elsewhere — and there's no password manager to help — you're hosed. Somehow pulling up the manager on the phone and slowly typing in the keys on the poor responding remote control just never seems to cut it.

 

We're going to give El Guerrab's method a try this weekend. How about you?

 

 

http://www.usatoday.com/story/tech/2016/05/07/password-tips-youve-never-heard/84042582/

[ASIDE] Microsoft partners may not allow long passwords... wonder why ?]

[straycat19]

My favorites are 'drowssap' and '654321'.  No one ever guesses those.  Seriously, I am from the school of long phrases with additonal characters and numeral substitution.  Something like "Micr0s0ftisLikeaF!yitEat5shitAndbothersP3ople!"

[Ballistic Gelatin]

A technique I've used is basing your password(s) on your car's VIN, or Vehicle Identification Number. It's usually found in one of the lower corners of your front windshield. Of course, I add upper/lower case characters, extra symbols and numerals for variation. So, if you forget the base password, just run out to your car and look at the VIN. Never been hacked.

[Holmes]

That would be something I can bruteforce password and onetwothreefourfivesix backwards easy i agree to disagree.  I have to agree that microsoft is like a fly it eats shit and bothers people is a good password.

[straycat19]

44 minutes ago, Holmes said:

That would be something I can bruteforce password and onetwothreefourfivesix backwards easy i agree to disagree.  I have to agree that microsoft is like a fly it eats shit and bothers people is a good password.

 

I was being facetious, that is why the sentence after that starts with the word SERIOUSLY.  I don't bruteforce those, I just try those from the start since I have found numerous people who think by putting them in backwards they are fooling someone.  That is like using asdfghjkl or lkjhgfdsa, or any other key row and even qwerty ytrewq.