Quantcast
Password Management - Page 2 - Beyond.ca - Car Forums

View Poll Results: Passwords and Management

Voters
58. You may not vote on this poll
  • 123456 for everything

    5 8.62%
  • Generic for most and unique for the important stuff

    28 48.28%
  • Everything computer generated with 2 factor authenticated management program

    15 25.86%
  • Chrome saves it for me?

    17 29.31%
Multiple Choice Poll.
Page 2 of 2 FirstFirst 1 2
Results 21 to 37 of 37

Thread: Password Management

  1. #21
    Join Date
    Apr 2004
    Location
    Calgary
    My Ride
    2013 Q5
    Posts
    1,678
    Rep Power
    18

    Default

    Quote Originally Posted by ExtraSlow View Post
    This quote is hidden because you are ignoring this member. Show Quote
    Should I be concerned that I don't even know what a password hash is?
    not really, most people don't.

    Think of a hash as an irreversible transformation from "ILoveMyCatOscar1234" to "lkajsdv9a0vu0w9vjasva[wev9j[avasdvj;lasdkvasjv8ovasdvjasdga;sdfsd" (not a real hash, just an example)

    When you sign up on a website, your password is not stored in their DB as a plain text password as you typed it - instead the "hash" is stored. Then when you login, it runs whatever you typed through the hash and compares that against the hash in the DB to confirm your login.

    There are many reasons to do this, but one of the most obvious is to prevent people with DB access to know people's real passwords.

  2. #22
    Join Date
    Aug 2003
    Location
    Cochrane, AB
    Posts
    1,811
    Rep Power
    18

    Default

    Quote Originally Posted by ExtraSlow View Post
    This quote is hidden because you are ignoring this member. Show Quote
    https://xkcd.com/936/
    This explains it well.

    Special characters try to add complexity to short passwords but they don't make it that much harder for brute force attacks. Longer simple passwords (known as phrases) are much harder to crack.

    At least that's how I understand it.
    You might be right, but it doesn't matter when it comes down to it.

    For example:

    4WoIjv^R*MM95$57jfNd* generated by lasspass will take 3 sextillion years

    TheBrownEmuTookAPizzaToHisTeacher may be exponentially more secure technically but from a real world perspective, not at all as it would be impossible for us to chrack either using current technologiy in a person's lifetime.

  3. #23
    Join Date
    Jul 2010
    Location
    Technically the NE
    My Ride
    C63S + AT4
    Posts
    4,165
    Rep Power
    18

    Default

    Wouldn’t an algorithm that looks for dictionary strings be able to theoretically cut down iterations significantly if they are all spelled correctly like that?

    Also aren’t different hashing methods more secure than others?

    I always thought the “this takes X years” claims to be kindof BS because you don’t know what techniques will be used on either side of the equation.
    Originally posted by Thales of Miletus

    If you think I have been trying to present myself as intellectually superior, then you truly are a dimwit.
    Originally posted by Toma
    fact.

  4. #24
    Join Date
    Jan 2006
    Location
    Calgary
    My Ride
    Axis powers
    Posts
    2,316
    Rep Power
    16

    Default

    When quantum computing becomes a thing, beyond just beta and alpha testing you’re going to see a huge disruption in security... passwords will be cracked far easier and SSL will need to become quantum based
    Sig nuked by mod.

  5. #25
    Join Date
    Oct 2008
    Location
    Calgary
    Posts
    223
    Rep Power
    0

    Default

    So I'm curious, why do many of you use a password app?

    Isn't having an app for your passwords a security flaw in itself? Could the app be hacked and your data breached?

    Further, what happens if your device holding that app, is dead?

    ie. you have to log into your bank account, but your phone is dead and no charger in sight.

    I've never used a password storing service so i'm curious.

  6. #26
    Join Date
    Oct 2005
    Location
    Calgary
    My Ride
    Grimace
    Posts
    6,510
    Rep Power
    21

    Default

    Quote Originally Posted by Hero_X View Post
    This quote is hidden because you are ignoring this member. Show Quote
    So I'm curious, why do many of you use a password app?

    Isn't having an app for your passwords a security flaw in itself? Could the app be hacked and your data breached?

    Further, what happens if your device holding that app, is dead?

    ie. you have to log into your bank account, but your phone is dead and no charger in sight.

    I've never used a password storing service so i'm curious.
    Lastpass is a multiplatform app. I have it on my phone and as an addon on my web browsers. Mine is protected by 2FA and the passwords themselves are encrypted. Works great with android oreo to autofill apps and web passwords/usernames.
    Easiest way to remember everything for me and to have individual and random passwords for my accounts.

  7. #27
    Join Date
    Jul 2010
    Location
    Technically the NE
    My Ride
    C63S + AT4
    Posts
    4,165
    Rep Power
    18

    Default

    Quote Originally Posted by Hero_X View Post
    This quote is hidden because you are ignoring this member. Show Quote
    So I'm curious, why do many of you use a password app?

    Isn't having an app for your passwords a security flaw in itself? Could the app be hacked and your data breached?

    Further, what happens if your device holding that app, is dead?

    ie. you have to log into your bank account, but your phone is dead and no charger in sight.

    I've never used a password storing service so i'm curious.
    I think if you are moving that level of a insecurity about “hacking” you should stay off the internet.

    So long as the app is confirmed to employ a high standard of security protocols I don’t see how having it is any more of a risk than having online banking.
    Originally posted by Thales of Miletus

    If you think I have been trying to present myself as intellectually superior, then you truly are a dimwit.
    Originally posted by Toma
    fact.

  8. #28
    Join Date
    Oct 2008
    Location
    Calgary
    Posts
    223
    Rep Power
    0

    Default

    Quote Originally Posted by killramos View Post
    This quote is hidden because you are ignoring this member. Show Quote
    I think if you are moving that level of a insecurity about “hacking” you should stay off the internet.

    So long as the app is confirmed to employ a high standard of security protocols I don’t see how having it is any more of a risk than having online banking.
    But that's just it killramos, the conversation on this thread is about keeping passwords complex and secure in the event hacking occurs.

    Yet, all those passwords are being held in an app that is run by someone.

    I understand the internet has inherent risk, and we try to take measures for security. But I'm just wondering why people are trusting an app so much.

    I'm not trying to ridicule you or anyone, but this question is on my mind and i'm just wondering what makes these apps so secure and actually trustworthy.

  9. #29
    Join Date
    Jul 2010
    Location
    Technically the NE
    My Ride
    C63S + AT4
    Posts
    4,165
    Rep Power
    18

    Default

    I think the idea is that a password management solution offers a higher level of security for its database than your standard internet form login.

    What you are trying to prevent is having the same password present in some weak database or transmission that is compromised and can be used to log in elsewhere. Or if you are a victim of phishing or key logging on an insecure computer or network having that password reused elsewhere.

    Complexity to prevent computerized hacking is fine and dandy but that’s a pretty targeted attack, you just want to make sure you aren’t making it too easy.

    So long as your password management system is sufficiently robust you should be safe from a targeted attack on last pass for example. But it is their business to maintain security for the users, if LastPass had a breach that would be the end of the company as they would lose all trust.

    At least that’s the way I see it. I think if someone really wanted to get your information you have more to worry about.
    Originally posted by Thales of Miletus

    If you think I have been trying to present myself as intellectually superior, then you truly are a dimwit.
    Originally posted by Toma
    fact.

  10. #30
    Join Date
    Jan 2019
    Location
    Calgmonton/AB
    Posts
    270
    Rep Power
    0

    Default

    Minor bump rather than start a new thread.
    I've always remembered this article from WIRED Magazine years ago and some silly story trending just reminded me of it.
    The original article talks about how it doesn't really matter if your password is this giant hexadecimal multi character silly string - it's your security questions that will bury you and there's little way to make them better now that you're forced to pick them from a list.

    Wired Article (old):
    https://www.google.com/amp/s/www.wir...ord-hacker/amp



    Recent News thing:
    https://www.cbc.ca/news/technology/m...hack-1.5009279

  11. #31
    Thaco's Avatar
    Thaco is offline sucks off little boys (ya, don't fuck with rage2 bitch!!!)
    Join Date
    Oct 2004
    Location
    Calgary
    My Ride
    Rage2
    Posts
    3,611
    Rep Power
    19

    Default

    just signed up for lastpass, seems solid, and only liek $5 a month for 6 users on the family plan
    User title molested by Rage2.

    Quote Originally Posted by rage2 View Post
    It's not the size that matters, it's the taste it leaves in your mouth.

  12. #32
    Join Date
    Jul 2010
    Location
    Technically the NE
    My Ride
    C63S + AT4
    Posts
    4,165
    Rep Power
    18

    Default

    I’ve used the free account for a year and it’s been very solid. Very easy to use.
    Originally posted by Thales of Miletus

    If you think I have been trying to present myself as intellectually superior, then you truly are a dimwit.
    Originally posted by Toma
    fact.

  13. #33
    Thaco's Avatar
    Thaco is offline sucks off little boys (ya, don't fuck with rage2 bitch!!!)
    Join Date
    Oct 2004
    Location
    Calgary
    My Ride
    Rage2
    Posts
    3,611
    Rep Power
    19

    Default

    Quote Originally Posted by killramos View Post
    This quote is hidden because you are ignoring this member. Show Quote
    I’ve used the free account for a year and it’s been very solid. Very easy to use.
    i love the emergency retrieval feature, i know too many people who were gone unexpectedly and nobody could access their accounts etc... turns into a nightmare
    User title molested by Rage2.

    Quote Originally Posted by rage2 View Post
    It's not the size that matters, it's the taste it leaves in your mouth.

  14. #34
    Join Date
    May 2002
    Location
    Cougar Town!
    Posts
    3,821
    Rep Power
    5

    Default

    Quote Originally Posted by ThePenIsMightier View Post
    This quote is hidden because you are ignoring this member. Show Quote
    Minor bump rather than start a new thread.
    it's your security questions that will bury you and there's little way to make them better now that you're forced to pick them from a list.
    [/url]
    Don't use real answers for security questions. Use a global passphrase for all security questions, probably safer than the real answer lol
    ---

  15. #35
    Join Date
    Jan 2019
    Location
    Calgmonton/AB
    Posts
    270
    Rep Power
    0

    Default

    Quote Originally Posted by kenny View Post
    This quote is hidden because you are ignoring this member. Show Quote
    Don't use real answers for security questions. Use a global passphrase for all security questions, probably safer than the real answer lol
    That was my first strategy. It doesn't work. Many sites refuse to let you have the same answer to more than one "security question".

  16. #36
    Join Date
    May 2002
    Location
    Cougar Town!
    Posts
    3,821
    Rep Power
    5

    Default

    Quote Originally Posted by ThePenIsMightier View Post
    This quote is hidden because you are ignoring this member. Show Quote
    That was my first strategy. It doesn't work. Many sites refuse to let you have the same answer to more than one "security question".
    could use passphrase + real answer then
    ---

  17. #37
    Join Date
    Jan 2019
    Location
    Calgmonton/AB
    Posts
    270
    Rep Power
    0

    Default

    Quote Originally Posted by kenny View Post
    This quote is hidden because you are ignoring this member. Show Quote
    could use passphrase + real answer then
    Now you're talking. That should work if they allow more than one word. And, even if they don't I guess I could mash them together.

Page 2 of 2 FirstFirst 1 2

Similar Threads

  1. Hotmail Password

    By iceburns288 in forum Computers, Consoles, and other Electronics
    Replies: 6
    Latest Threads: 08-15-2004, 10:55 PM
  2. Help me retrieve my Hotmail password??

    By Importz in forum General
    Replies: 12
    Latest Threads: 03-08-2003, 06:04 PM
  3. HELP NEEDED: HDD Password Removal Tool

    By Davetronz in forum General
    Replies: 6
    Latest Threads: 10-23-2002, 11:39 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •