PDA

View Full Version : Re: Must Discuss the Kitties' Welfair


June 25th 11, 02:17 AM
On Jun 19, 12:55*pm, "CatNipped" > wrote:
> I hate, hate HATE those companies that not only require a certain number of
> characters, but refuse passwords that are recent repeats of past passwords
> (like 20 passwords back, or won't allow consesequitive letters, or common
> words, or anything at ALL easily memorable - no wonder I can't ever get into
> the same place twice. *What the heck do they care if I get "hacked", that's
> *NY* problem, and besides, the passwords I use and remember couldn't
> possibly be figured out by anyone but me and *maybe* Ben. *Who the hell are
> they to tell me what's a proper password for me??!!
>
> </password rant>
>

I come up with passwords that mean something to me, but are not normal
names by themselves. And then I send myself an email with my username
and password hint. The hint makes perfect sense to me, so I don't have
to include the actual password. It could be a letter and the # sign,
and I know what name and number that is. It could be old goal or new
goal, and I know what that means.

At work, I keep it very simple as 3 of use the same account, and I
really doubt somebody wants to hack into the deli department account.
So I have an easy word, punctuation, and a number, and the number
goes up by a specific number every time it requires a password change.
That way, the other clerks can easily guess the new password if they
find it has changed.

I also like to answer security questions wrong, so that I know the
correct answer, but it isn't easily obvious. For example, I don't use
my sister's middle name for that question. I use somebody else;s
middle name. I don't use my first pet, etc.

Bill Graham
June 25th 11, 02:39 AM
wrote:
> On Jun 19, 12:55 pm, "CatNipped" > wrote:
>> I hate, hate HATE those companies that not only require a certain
>> number of characters, but refuse passwords that are recent repeats
>> of past passwords (like 20 passwords back, or won't allow
>> consesequitive letters, or common words, or anything at ALL easily
>> memorable - no wonder I can't ever get into the same place twice.
>> What the heck do they care if I get "hacked", that's *NY* problem,
>> and besides, the passwords I use and remember couldn't possibly be
>> figured out by anyone but me and *maybe* Ben. Who the hell are they
>> to tell me what's a proper password for me??!!
>>
>> </password rant>
>>
>
> I come up with passwords that mean something to me, but are not normal
> names by themselves. And then I send myself an email with my username
> and password hint. The hint makes perfect sense to me, so I don't have
> to include the actual password. It could be a letter and the # sign,
> and I know what name and number that is. It could be old goal or new
> goal, and I know what that means.
>
> At work, I keep it very simple as 3 of use the same account, and I
> really doubt somebody wants to hack into the deli department account.
> So I have an easy word, punctuation, and a number, and the number
> goes up by a specific number every time it requires a password change.
> That way, the other clerks can easily guess the new password if they
> find it has changed.
>
> I also like to answer security questions wrong, so that I know the
> correct answer, but it isn't easily obvious. For example, I don't use
> my sister's middle name for that question. I use somebody else;s
> middle name. I don't use my first pet, etc.

Yes. Well, passwords vary in their importance. You can use simple ones for
unimportant things, but for the important stuff, it's good to have a
password that's difficult to figure out. and, it these important ones that I
would like to encode so that I can figure them out on the spot based on the
information I have rather than sheer memory, but nobody else could. - It
would be completely raqndom to anyone who doesn't know my "system", and that
way, I wouldn't have to write anything down. My problem with writing stuff
down is twqfold, I would misplace the book and not be able to enter my own
accounts, and/or someone else would break into my house when I am gone asnd
get all my passwords out of the book. In either case, I don't like the idea
of writing therm down in a book.
There used to be a physicist...A Niobel prize winner, and he liked to break
into his co-workers safes, just as an exercise. Most of the time, he would
find their combination taped underneath their middle desk drawer, or some
similoar place in their office. He knew very little about safes and how
they worked, but he knew a lot about his co-workers minds and how they
worked, which, it turnes out, was just as good if not better. This guys name
was Richard P. Feynman, and he wrote several books which are all a good
read. He was an excellent teacher, and anyone can learn a lot from his
books, even if they are not scientifically oriented.

June 25th 11, 02:53 PM
On Jun 24, 6:39*pm, "Bill Graham" > wrote:
> wrote:
> > On Jun 19, 12:55 pm, "CatNipped" > wrote:
> >> I hate, hate HATE those companies that not only require a certain
> >> number of characters, but refuse passwords that are recent repeats
> >> of past passwords (like 20 passwords back, or won't allow
> >> consesequitive letters, or common words, or anything at ALL easily
> >> memorable - no wonder I can't ever get into the same place twice.
> >> What the heck do they care if I get "hacked", that's *NY* problem,
> >> and besides, the passwords I use and remember couldn't possibly be
> >> figured out by anyone but me and *maybe* Ben. Who the hell are they
> >> to tell me what's a proper password for me??!!
>
> >> </password rant>
>
> > I come up with passwords that mean something to me, but are not normal
> > names by themselves. And then I send myself an email with my username
> > and password hint. The hint makes perfect sense to me, so I don't have
> > to include the actual password. It could be a letter and the # sign,
> > and I know what name and number that is. It could be old goal or new
> > goal, and I know what that means.
>
> > At work, I keep it very simple as 3 of use the same account, and I
> > really doubt somebody wants to hack into the deli department account.
> > So I have an easy word, punctuation, * and a number, and the number
> > goes up by a specific number every time it requires a password change.
> > That way, the other clerks can easily guess the new password if they
> > find it has changed.
>
> > I also like to answer security questions wrong, so that I know the
> > correct answer, but it isn't easily obvious. For example, I don't use
> > my sister's middle name for that question. I use somebody else;s
> > middle name. I don't use my first pet, etc.
>
> Yes. Well, passwords vary in their importance. You can use simple ones for
> unimportant things, but for the important stuff, it's good to have a
> password that's difficult to figure out. and, it these important ones that I
> would like to encode so that I can figure them out on the spot based on the
> information I have rather than sheer memory, but nobody else could. - It
> would be completely raqndom to anyone who doesn't know my "system", and that
> way, I wouldn't have to write anything down. My problem with writing stuff
> down is twqfold, I would misplace the book and not be able to enter my own
> accounts, and/or someone else would break into my house when I am gone asnd
> get all my passwords out of the book. In either case, I don't like the idea
> of writing therm down in a book.

This is why I send myself an email and save it in a special location.
And the email contains the username and a hint. No actual password.
And I know what the hint means. I have made up numbers that go with
certain things, so I know what the combination is, how many digits as
they vary, and what order and what punctuation.

I never write down my passwords, but I do know where to find my hints
as I have various passwords at a ton of websites. I would never be
able to remember which password goes with which website without my set
of hints. I can't even remember my usernames sometimes, and I only use
a few of those. I was just at my employer's website to review a
paycheck stub. It took me 15 minutes to remember that my username for
that account is my checker number, not a word.

nik Simpson
June 25th 11, 04:15 PM
There's a dangerous assumption here, i.e. that choosing a relatively
simple password that is highly personal to you, is safe because nobody
would guess it unless they knew you and your personal information.
Folks, that's not how hackers break passwords, they don't go your login
and try to guess your password. They hack the website completely (a-la
Sony) grab the master password file & username list, and feed that data
to one or more computers to simply brute force decrypt the password
file, they don't need to know anything about you at all.

I've decided to use Lastpass and different long completely random
passwords for each website that I couldn't begin to remember. The only
password I have to remember is my Lastpass password, they handle the
rest. Granted, this relies on two things:

1. Nobody can guess my Lastpass password
2. Lastpass's security and encryption is good enough to prevent the
master password data falling into the wrong hands and being decrytped in
a useful amount of time.

So far it's working, but if you bank online or use credit cards online,
the watchword is vigilance ;-)

BTW, are you wondering if one of the recent hacks (Sony, Citicard, etc)
has compromised your password or email address? If not, you probably
should be, so check out this tool:

https://shouldichangemypassword.com/

It's legit and simply searches the data that has been leaked from sites
like Sony to see if your email address is in leaked data.
--
Nik Simpson

Bill Graham
June 25th 11, 11:04 PM
nik Simpson wrote:
> There's a dangerous assumption here, i.e. that choosing a relatively
> simple password that is highly personal to you, is safe because nobody
> would guess it unless they knew you and your personal information.
> Folks, that's not how hackers break passwords, they don't go your
> login and try to guess your password. They hack the website
> completely (a-la Sony) grab the master password file & username list,
> and feed that data to one or more computers to simply brute force
> decrypt the password file, they don't need to know anything about you
> at all.
> I've decided to use Lastpass and different long completely random
> passwords for each website that I couldn't begin to remember. The only
> password I have to remember is my Lastpass password, they handle the
> rest. Granted, this relies on two things:
>
> 1. Nobody can guess my Lastpass password
> 2. Lastpass's security and encryption is good enough to prevent the
> master password data falling into the wrong hands and being decrytped
> in a useful amount of time.
>
> So far it's working, but if you bank online or use credit cards
> online, the watchword is vigilance ;-)
>
> BTW, are you wondering if one of the recent hacks (Sony, Citicard,
> etc) has compromised your password or email address? If not, you
> probably should be, so check out this tool:
>
> https://shouldichangemypassword.com/
>
> It's legit and simply searches the data that has been leaked from
> sites like Sony to see if your email address is in leaked data.

But how can you be sure some Lastpass employee doesn't sell a bunch of
passwords to someone else for progit? In the same way, I won't know if some
crooked store employee or waiter doesn't swell my credit card information to
someone else. In a word, its impossible to completely protect yourself from
criminals.

Bill Graham
June 25th 11, 11:48 PM
wrote:
> On Jun 24, 6:39 pm, "Bill Graham" > wrote:
>> wrote:
>>> On Jun 19, 12:55 pm, "CatNipped" > wrote:
>>>> I hate, hate HATE those companies that not only require a certain
>>>> number of characters, but refuse passwords that are recent repeats
>>>> of past passwords (like 20 passwords back, or won't allow
>>>> consesequitive letters, or common words, or anything at ALL easily
>>>> memorable - no wonder I can't ever get into the same place twice.
>>>> What the heck do they care if I get "hacked", that's *NY* problem,
>>>> and besides, the passwords I use and remember couldn't possibly be
>>>> figured out by anyone but me and *maybe* Ben. Who the hell are they
>>>> to tell me what's a proper password for me??!!
>>
>>>> </password rant>
>>
>>> I come up with passwords that mean something to me, but are not
>>> normal names by themselves. And then I send myself an email with my
>>> username and password hint. The hint makes perfect sense to me, so
>>> I don't have to include the actual password. It could be a letter
>>> and the # sign, and I know what name and number that is. It could
>>> be old goal or new goal, and I know what that means.
>>
>>> At work, I keep it very simple as 3 of use the same account, and I
>>> really doubt somebody wants to hack into the deli department
>>> account. So I have an easy word, punctuation, and a number, and the
>>> number goes up by a specific number every time it requires a
>>> password change. That way, the other clerks can easily guess the
>>> new password if they find it has changed.
>>
>>> I also like to answer security questions wrong, so that I know the
>>> correct answer, but it isn't easily obvious. For example, I don't
>>> use my sister's middle name for that question. I use somebody else;s
>>> middle name. I don't use my first pet, etc.
>>
>> Yes. Well, passwords vary in their importance. You can use simple
>> ones for unimportant things, but for the important stuff, it's good
>> to have a password that's difficult to figure out. and, it these
>> important ones that I would like to encode so that I can figure them
>> out on the spot based on the information I have rather than sheer
>> memory, but nobody else could. - It would be completely raqndom to
>> anyone who doesn't know my "system", and that way, I wouldn't have
>> to write anything down. My problem with writing stuff down is
>> twqfold, I would misplace the book and not be able to enter my own
>> accounts, and/or someone else would break into my house when I am
>> gone asnd get all my passwords out of the book. In either case, I
>> don't like the idea of writing therm down in a book.
>
> This is why I send myself an email and save it in a special location.
> And the email contains the username and a hint. No actual password.
> And I know what the hint means. I have made up numbers that go with
> certain things, so I know what the combination is, how many digits as
> they vary, and what order and what punctuation.
>
> I never write down my passwords, but I do know where to find my hints
> as I have various passwords at a ton of websites. I would never be
> able to remember which password goes with which website without my set
> of hints. I can't even remember my usernames sometimes, and I only use
> a few of those. I was just at my employer's website to review a
> paycheck stub. It took me 15 minutes to remember that my username for
> that account is my checker number, not a word.

That would kill it for me.... I am incapable of thinking about anything for
15 minutes....:^)

June 26th 11, 07:45 AM
> wrote:

> This is why I send myself an email and save it in a special location.
> And the email contains the username and a hint. No actual password.
> And I know what the hint means. I have made up numbers that go with
> certain things, so I know what the combination is, how many digits as
> they vary, and what order and what punctuation.

> I never write down my passwords, but I do know where to find my hints
> as I have various passwords at a ton of websites. I would never be
> able to remember which password goes with which website without my set
> of hints. I can't even remember my usernames sometimes, and I only use
> a few of those. I was just at my employer's website to review a
> paycheck stub. It took me 15 minutes to remember that my username for
> that account is my checker number, not a word.

Do you keep all the hints + websites (or other places where you use
passwords) in one file? And then if you have to log on to a site, you
look in that file to see the hint for that site? It sounds like a good
idea.

Joyce

--
A black cat crossing your path signifies that the animal is going
somewhere. -- Groucho Marx

June 30th 11, 08:48 AM
On Jun 25, 11:45*pm, wrote:
> > wrote:
>
> *> This is why I send myself an email and save it in a special location..
> *> And the email contains the username and a hint. No actual password.
> *> And I know what the hint means. I have made up numbers that go with
> *> certain things, so I know what the combination is, how many digits as
> *> they vary, and what order and what punctuation.
>
> *> I never write down my passwords, but I do know where to find my hints
> *> as I have various passwords at a ton of websites. I would never be
> *> able to remember which password goes with which website without my set
> *> of hints. I can't even remember my usernames sometimes, and I only use
> *> a few of those. I was just at my employer's website to review a
> *> paycheck stub. It took me 15 minutes to remember that my username for
> *> that account is my checker number, not a word.
>
> Do you keep all the hints + websites (or other places where you use
> passwords) in one file? And then if you have to log on to a site, you
> look in that file to see the hint for that site? It sounds like a good
> idea.
>

Yes, I send myself an email for each hint, so I can go back and look
for the email for amazon.com or my isp provider, etc. Then open it and
see my username and hint. I have a separate folder for these emails,
so I know where they all are. And if somebody found it, they would
have my usernames, but they wouldn't know what the hints mean. How
would they know what "old goal" means? Not even my family has a clue
what my goal was or what number I associate with it. I also have a new
goal hint, and a variety of others.

jmc[_2_]
July 2nd 11, 12:55 AM
Suddenly, without warning, exclaimed
(6/30/2011 3:48 AM):
> On Jun 25, 11:45 pm, wrote:
>> > wrote:
>>
>> > This is why I send myself an email and save it in a special location.
>> > And the email contains the username and a hint. No actual password.
>> > And I know what the hint means. I have made up numbers that go with
>> > certain things, so I know what the combination is, how many digits as
>> > they vary, and what order and what punctuation.
>>
>> > I never write down my passwords, but I do know where to find my hints
>> > as I have various passwords at a ton of websites. I would never be
>> > able to remember which password goes with which website without my set
>> > of hints. I can't even remember my usernames sometimes, and I only use
>> > a few of those. I was just at my employer's website to review a
>> > paycheck stub. It took me 15 minutes to remember that my username for
>> > that account is my checker number, not a word.
>>
>> Do you keep all the hints + websites (or other places where you use
>> passwords) in one file? And then if you have to log on to a site, you
>> look in that file to see the hint for that site? It sounds like a good
>> idea.
>>
>
> Yes, I send myself an email for each hint, so I can go back and look
> for the email for amazon.com or my isp provider, etc. Then open it and
> see my username and hint. I have a separate folder for these emails,
> so I know where they all are. And if somebody found it, they would
> have my usernames, but they wouldn't know what the hints mean. How
> would they know what "old goal" means? Not even my family has a clue
> what my goal was or what number I associate with it. I also have a new
> goal hint, and a variety of others.
>
>

There are apps that will do this kind of thing for you. I use Password
Safe, which is free and pretty easy to use.

jmc

Joy
July 2nd 11, 01:45 AM
--
Joy

Wouldn't it be nice if whenever we messed up our life we could simply press
'Ctrl Alt Delete' and start all over?

"jmc" > wrote in message
...
> Suddenly, without warning, exclaimed (6/30/2011
> 3:48 AM):
>> On Jun 25, 11:45 pm, wrote:
>>> > wrote:
>>>
>>> > This is why I send myself an email and save it in a special
>>> location.
>>> > And the email contains the username and a hint. No actual password.
>>> > And I know what the hint means. I have made up numbers that go with
>>> > certain things, so I know what the combination is, how many digits
>>> as
>>> > they vary, and what order and what punctuation.
>>>
>>> > I never write down my passwords, but I do know where to find my
>>> hints
>>> > as I have various passwords at a ton of websites. I would never be
>>> > able to remember which password goes with which website without my
>>> set
>>> > of hints. I can't even remember my usernames sometimes, and I only
>>> use
>>> > a few of those. I was just at my employer's website to review a
>>> > paycheck stub. It took me 15 minutes to remember that my username
>>> for
>>> > that account is my checker number, not a word.
>>>
>>> Do you keep all the hints + websites (or other places where you use
>>> passwords) in one file? And then if you have to log on to a site, you
>>> look in that file to see the hint for that site? It sounds like a good
>>> idea.
>>>
>>
>> Yes, I send myself an email for each hint, so I can go back and look
>> for the email for amazon.com or my isp provider, etc. Then open it and
>> see my username and hint. I have a separate folder for these emails,
>> so I know where they all are. And if somebody found it, they would
>> have my usernames, but they wouldn't know what the hints mean. How
>> would they know what "old goal" means? Not even my family has a clue
>> what my goal was or what number I associate with it. I also have a new
>> goal hint, and a variety of others.
>>
>>
>
> There are apps that will do this kind of thing for you. I use Password
> Safe, which is free and pretty easy to use.
>
> jmc

I prefer making up my own passwords, which are easier for me to remember. I
use a similar method, of listing a hint, both to the user name and the
password, in a special file.

Joy

Bill Graham
July 3rd 11, 12:59 AM
Joy wrote:

Wouldn't it be nice if whenever we messed up our life we could simply press
'Ctrl Alt Delete' and start all over?

Yes. I would go back a month and keep B-K from drinking that poisoned water
that killed him. But,

"The moving finger writes, and having writ
Moves on, nor all your piety nor wit,
Shall lure it back to cancel half a line,
Nor all your tears wash out a word of it."

-- Edward Fitsgerald