frustrate shouldservers

Anders Holmberg anders at pipkrokodil.se
Mon Feb 6 08:22:11 UTC 2017 

Hi!
My only comment is that i am not a mathematics so that would be to complicated for me.
I am more like an philosofic linguist and have lots of strange words sometimes popping up in my head.
I guess i rather use a password generator or password manager.
/A
> 5 feb. 2017 kl. 04:19 skrev Eric Oyen <eric.oyen at icloud.com>:
> 
> well, so far, I have managed to keep track of all of mine. However, some sites I go to won't let me use any of the more interesting characters on the keyboard (like: !@#$%^&*()"':;?/.>,< ) which can get rather annoying.
> 
> Now as to how I do it, the first (of 3 parts) of the password I use is a leet speak modified version of a long word. the second is a leet speak version of the website name and the third part is the date I joined (in MM/DD/YYYY:HH:MM:SS format). like I said, good luck breaking that!SOmetimes, like the interesting character issue above, I have to change things because the length is too long. grrrrr. why can't website developers use REAL security? seriously, 10 characters is definitely not enough.
> 
> here is an example of what I might use: 4s7r0n0m3rACHAN12/24/1999:23:51:13 please note that this particular one is 34 characters long. Decoded to english it reads astronomer  4chan 12/24/1999 23:51:13
> 
> 
> now, who would know exactly when I joined a site. the site name would be obvious (assuming anyone could crack it) and the first word is just that, a proper noun. With my head for numbers, math and sciences, its a pretty easy formula for me to keep in head. :) btw, run that password through a password strength detector and watch it peg the meter all the way to the right on strength. :) btw, the noun I used above in the password string will not be used as I have other science interests (and there are so many of them!).
> 
> so, thoughts?
> 
> -eric
> from the central office of the Technomage Guild.
> 
> On Feb 4, 2017, at 6:45 PM, Tim Chase wrote:
> 
>> On February  4, 2017, Eric Oyen wrote:
>>> btw, I use a fairly simple password scheme thats easy for me to
>>> remember and nearly impossible for anyone to guess it. it's how I
>>> managed to keep over 200 passwords in my head.
>> 
>> I used to use the site's name inserted into my password
>> prefix/suffix, so if my prefix was "maul4wafted" and my suffix was
>> "^mage18", my Amazon password would have been
>> "maul4waftedAmazon^mage18".  Which is a pretty good password if the
>> site is responsible with using strong salted hashes to store them.
>> However, I've seen enough breaches where best practices were *not*
>> followed, so if a password such as that were leaked, it wouldn't be
>> hard to deduce that my Twitter password might be
>> "maul4waftedTwitter^mage18"
>> 
>> The other problem with that is certain sites got bought-out and
>> changed names, so then I'd have to remember that, even though I'm
>> logging into First United bank currently, I have remember that it used
>> to be Farmers & Merchants bank and that's what I used to create the
>> password.
>> 
>> So after seeing a couple such breaches and fighting to remember
>> name-changes, I stopped using that method and switched to outsourcing
>> my passwords to a manager where I only needed to remember one master
>> password.
>> 
>>> still, the older I get, the harder this will get. so, an additional
>>> outboard tool or two won't hurt me in the least.
>> 
>> And with my 40th coming up all too soon, I'm more than willing to let
>> the computer do most of the remembering for me. (grins)
>> 
>> -tim
>> 
>> 
>> 
>> 
>> _______________________________________________
>> Blinux-list mailing list
>> Blinux-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/blinux-list
> 
> 
> _______________________________________________
> Blinux-list mailing list
> Blinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/blinux-list

More information about the Blinux-list mailing list