Passwords - create & manage - online security apps & tools

[bigsimes]

Quote:

Originally Posted by Wooglie

The problem I have is that most of my banks don't allow spaces in the password

Use a connecting number to signal a word e.g.
Cats and dogs together = cats6dogs2gether

[zantarous]

Just the other day I sat down and worked out a 25+ character password to use which could be tweaked to be different on each site I visit. I have a phrase, and only use the first character of that phrase two sets of numbers associated with fond memories (not DOB or anniversary), a symbol, the name of a a memorable thing I enjoy, something about the site and a bunch of random numbers, some capital letters and, some of the letters are numbers. No dictionary password in mine plus with 25+ characters you would hope that would take a very long time with bruteforce.

I tried to change my Paypal password last night and even though it told me that it was a strong password it couldn't use it as it was too long.

[Edwin Fong]

I use Lastpass for my passwords, see what characters are allowed on the website and set it to use those, and make it long enough so its very strong. I don't even know the password to most of my accounts anymore.

[Guest 24283]

1Password.

[driver8]

Quote:

Originally Posted by Edwin Fong

I use Lastpass for my passwords, see what characters are allowed on the website and set it to use those, and make it long enough so its very strong. I don't even know the password to most of my accounts anymore.

yes, that's why I've not moved over to a password manager yet - how do you get on if you want to login on a friend's PC, or at a cybercafé ? Does it mean having your smartphone (with syncd app) with you ?

[hxbro]

http://passwordchameleon.com/ might be of use to someone

[Edwin Fong]

Quote:

Originally Posted by driver8

yes, that's why I've not moved over to a password manager yet - how do you get on if you want to login on a friend's PC, or at a cybercafé ? Does it mean having your smartphone (with syncd app) with you ?

Yep - I never use a friends pc or cyber cafe though. I have the app on my iPhone and iPad, and use that as my Internet browser for any websites I need to log in to. It can be a bit of ball he opening the app and copying the password out for something like amazon when I'm using the app - but it keeps everything safe, so it's worth it

With last pass you can set up a few temporary passwords you can use when out and about if needed, I'm not exactly sure how it works as I don't use it, but I'm pretty sure it's possible.

[oldskool]

Quote:

Originally Posted by phollan1

Top 25 passwords, if you use any of these suggest you may want to change them

1. Password
2. 123456
3. 12345678
4. Qwerty
5. abc123
6. monkey
7. 1234567
8. Letmein
9. trustno1
10. dragon
11. baseball
12. 111111
13. Iloveyou
14. Master
15. Sunshine
16. Ashley
17. Bailey
18. passw0rd
19. shadow
20. 123123
21. 654321
22. Superman
23. Qazwsx
24. Michael
25. Football

Shadow is a bit of an odd one to have on the list

[Chris Locke]

Quote:

Originally Posted by Edwin Fong

With last pass you can set up a few temporary passwords you can use when out and about if needed, I'm not exactly sure how it works as I don't use it, but I'm pretty sure it's possible.

LastPass works in two ways. Download the browser plugin, and once logged in, it will auto-complete websites for you. This means if you create an account at work, when you get home, you can log into the same site without having to remember what the password was.
The other way, if using a more public PC, is to go to the LastPass website, and again, after logging in, it will list all the sites you've saved. Find the right one, copy the password, and log in as required.

As mentioned above, I hate the fact some sites have to have six characters, or don't allow dashes, etc.

[Xeon007]

Quote:

Originally Posted by Chris Locke

As mentioned above, I hate the fact some sites have to have six characters, or don't allow dashes, etc.

How about the websites that truncate your password and don't tell you (I put in 30 characters, it only took the first 20 but didn't tell me!)

[Edwin Fong]

Quote:

Originally Posted by Chris Locke

LastPass works in two ways. Download the browser plugin, and once logged in, it will auto-complete websites for you. This means if you create an account at work, when you get home, you can log into the same site without having to remember what the password was.
The other way, if using a more public PC, is to go to the LastPass website, and again, after logging in, it will list all the sites you've saved. Find the right one, copy the password, and log in as required.

As mentioned above, I hate the fact some sites have to have six characters, or don't allow dashes, etc.

I know about the all and website - I use the app on my phone and iPad. It's the temporary passwords I wasn't sure about. I'm pretty sure you can setup temporary passwords for some accounts, and then if you are on a public pc you don't have to type in your master password (in case of key loggers etc), you just use your temporary password and that then deletes. Thinking on, you probably set up temporary master passwords just in case.

[driver8]

PCpro - The ultimate guide to passwords

[driver8]

The Verge - LinkedIn investigating reports that 6.46 million hashed passwords have leaked online

A user in a Russian forum is claiming to have hacked LinkedIn to the tune of almost 6.5 million account details. The user uploaded 6,458,020 hashed passwords, but no usernames. It's not clear if they managed to download the usernames, but it's likely that both have been downloaded.

There is a possibility that this could be a hoax, but several people have said on Twitter that they found their real LinkedIn passwords as hashes on the list. Many of the hashes include "linkedin," which seems to add credence to the claims.

[ljp]

More about that here:

http://www.bbc.co.uk/news/technology-18338956

Also Linkedin are changing their mobile Apps due to this as well:

http://www.techworld.com.au/article/...s_mobile_apps/

Not a great day for Linkedin then!


You can check if you linkedin password has been cracked here:

http://www.leakedin.org/

Site is very slow at the moment though.

[driver8]

hehe ... great domain name !

[sampath]

Last.fm are also reporting a suspected security breach and advising users to change their passwords.

[ljp]

http://www.bbc.co.uk/news/technology-18358485

[nigel_williams]

I updated my passwords this week, and switched on 2 pass for my main gmail account.

Sent from my Galaxy Nexus

[daboy3000]

Quote:

Originally Posted by driver8

Next, you can check just how secure your passwords might be, here at the appropriately entitled How Secure Is My Password ? site.

According to that it would take 6000 years to crack mine. Thing i will be ok.

[Guest 9359]

Quote:

Originally Posted by daboy3000

According to that it would take 6000 years to crack mine. Thing i will be ok.

According to that it'll take about 2 million years to crack one of mine - and I use a seperate password for every site.