Go Back   English Forum Switzerland > Help & tips > TV/internet/telephone  
Reply
 
Thread Tools Display Modes
  #41  
Old 16.08.2011, 22:04
Carlos R's Avatar
Forum Legend
 
Join Date: Dec 2009
Location: Roundn'about Basel
Posts: 7,231
Groaned at 105 Times in 95 Posts
Thanked 9,934 Times in 4,178 Posts
Carlos R has a reputation beyond reputeCarlos R has a reputation beyond reputeCarlos R has a reputation beyond reputeCarlos R has a reputation beyond reputeCarlos R has a reputation beyond reputeCarlos R has a reputation beyond repute
Re: Internet Password Security

Quote:
View Post
What is the best way to remember all of the passwords? Use a common password for as many as possible; use easily memorable words; write them all down; password reminder software etc.
A word document called "passwords" in "my documents" folder with no password protection

Edit: oops. I think I heard the groans and thuds as heads hit keyboards...

Last edited by Carlos R; 16.08.2011 at 22:48.
Reply With Quote
This user would like to thank Carlos R for this useful post:
  #42  
Old 16.08.2011, 22:31
CLV's Avatar
CLV CLV is offline
Junior Member
 
Join Date: Aug 2011
Location: Luzern
Posts: 83
Groaned at 1 Time in 1 Post
Thanked 47 Times in 30 Posts
CLV has earned some respectCLV has earned some respect
Re: Internet Password Security

Password strength seems of less importance, since there are usually only a very limited amount of log on tries.
Password reuse however...

http://xkcd.com/792/

But meh, what have you really got to loose!
Reply With Quote
  #43  
Old 16.08.2011, 22:37
Deep Purple's Avatar
Forum Legend
 
Join Date: Dec 2007
Location: England
Posts: 5,273
Groaned at 15 Times in 14 Posts
Thanked 5,284 Times in 2,568 Posts
Deep Purple has a reputation beyond reputeDeep Purple has a reputation beyond reputeDeep Purple has a reputation beyond reputeDeep Purple has a reputation beyond reputeDeep Purple has a reputation beyond reputeDeep Purple has a reputation beyond repute
Re: Internet Password Security

Quote:
View Post
Password strength seems of less importance, since there are usually only a very limited amount of log on tries.
Password reuse however...

http://xkcd.com/792/

But meh, what have you really got to loose!
That is why I said to use separate passwords for key sites. If you do use a common password, restrict it to general sites.

Last edited by Deep Purple; 16.08.2011 at 22:56.
Reply With Quote
  #44  
Old 16.08.2011, 22:42
Upthehatters2008's Avatar
Forum Legend
 
Join Date: May 2010
Location: In the kitchen at parties.
Posts: 4,540
Groaned at 204 Times in 120 Posts
Thanked 6,078 Times in 2,378 Posts
Upthehatters2008 has a reputation beyond reputeUpthehatters2008 has a reputation beyond reputeUpthehatters2008 has a reputation beyond reputeUpthehatters2008 has a reputation beyond reputeUpthehatters2008 has a reputation beyond reputeUpthehatters2008 has a reputation beyond repute
Re: Internet Password Security

Quote:
View Post
spot the non-security guy

stuff sent through the encrypted link is still received by the website in unencrypted form.

client side code: a bit better, but guess where the client side code is sent from?
Yes, but you said passwords were sent unencrypted/plain text, or typed in at the web site. They are not. I don't follow your argument, you seemed to have moved the goalposts.

The argument about plain text passwords is not about the security of the web server, it is one of sniffing or capturing, in which case, you do not include the web server in the equation. It is deemed to be secure.

As for the non security guy ??? HTTPS is unencrypted by the web site/server, it is not received unencrypted by the web site, it is received encrypted. What are you trying to say ? Best also now to make the distinction between a web server and a web site. A web site being a logical entity made up of one or many host servers running one or many middle tier web servers. The middle tier being responsible for decryption. It is received encrypted, I would like to know where you think the decryption takes place if it is , as you say , received decrypted.
Reply With Quote
The following 2 users would like to thank Upthehatters2008 for this useful post:
  #45  
Old 23.08.2011, 11:44
Ed Pummelon's Avatar
Forum Veteran
 
Join Date: Feb 2008
Location: ZH
Posts: 763
Groaned at 2 Times in 2 Posts
Thanked 327 Times in 202 Posts
Ed Pummelon has earned the respect of manyEd Pummelon has earned the respect of manyEd Pummelon has earned the respect of many
Re: Internet Password Security

I use keygrinder.com - remember one master password and it generates a different one for every site you visit. They get bonus points as there's also an iPhone and desktop app to with it.

Of course you have to be comfortable with the guys behind keygrinder...
Reply With Quote
  #46  
Old 23.08.2011, 11:46
Upthehatters2008's Avatar
Forum Legend
 
Join Date: May 2010
Location: In the kitchen at parties.
Posts: 4,540
Groaned at 204 Times in 120 Posts
Thanked 6,078 Times in 2,378 Posts
Upthehatters2008 has a reputation beyond reputeUpthehatters2008 has a reputation beyond reputeUpthehatters2008 has a reputation beyond reputeUpthehatters2008 has a reputation beyond reputeUpthehatters2008 has a reputation beyond reputeUpthehatters2008 has a reputation beyond repute
Re: Internet Password Security

Quote:
View Post
I use keygrinder.com - remember one master password and it generates a different one for every site you visit. They get bonus points as there's also an iPhone and desktop app to with it.

Of course you have to be comfortable with the guys behind keygrinder...
So how did you get comfortable with them ?
Reply With Quote
  #47  
Old 23.08.2011, 12:04
Deep Purple's Avatar
Forum Legend
 
Join Date: Dec 2007
Location: England
Posts: 5,273
Groaned at 15 Times in 14 Posts
Thanked 5,284 Times in 2,568 Posts
Deep Purple has a reputation beyond reputeDeep Purple has a reputation beyond reputeDeep Purple has a reputation beyond reputeDeep Purple has a reputation beyond reputeDeep Purple has a reputation beyond reputeDeep Purple has a reputation beyond repute
Re: Internet Password Security

Quote:
View Post
Of course you have to be comfortable with the guys behind keygrinder...
Quote:
View Post
So how did you get comfortable with them ?
That is one of my concerns with any of the password management software.

You have to trust the company producing it.

What if their security is breached? They must be an interesting target for people with criminal intentions.

If something goes wrong, you could lose access to everything.
Reply With Quote
  #48  
Old 23.08.2011, 12:11
mirfield's Avatar
Moddy Wellies
 
Join Date: Apr 2007
Location: North Yorkshire
Posts: 8,729
Groaned at 53 Times in 47 Posts
Thanked 9,942 Times in 3,654 Posts
mirfield has a reputation beyond reputemirfield has a reputation beyond reputemirfield has a reputation beyond reputemirfield has a reputation beyond reputemirfield has a reputation beyond reputemirfield has a reputation beyond repute
Re: Internet Password Security

Quote:
View Post
If something goes wrong, you could lose access to everything.
Even worse. Somebody could post a thread on EF about how you should get your cat to smoke cigarettes.
Reply With Quote
  #49  
Old 23.08.2011, 20:34
Ed Pummelon's Avatar
Forum Veteran
 
Join Date: Feb 2008
Location: ZH
Posts: 763
Groaned at 2 Times in 2 Posts
Thanked 327 Times in 202 Posts
Ed Pummelon has earned the respect of manyEd Pummelon has earned the respect of manyEd Pummelon has earned the respect of many
Re: Internet Password Security

Quote:
View Post
So how did you get comfortable with them ?
I have a colleague who knows one of the devs, and if it's good enough for him then it's good enough for me. Of course that's not exactly the best security check in the world but I figured it's better than any online reassurance I could get. Been using it for about a year now and so far no nefarious activities detected.
Reply With Quote
  #50  
Old 25.08.2011, 13:32
Junior Member
 
Join Date: May 2011
Location: Bern, Switzerland
Posts: 74
Groaned at 0 Times in 0 Posts
Thanked 37 Times in 21 Posts
heypete has no particular reputation at present
Re: Internet Password Security

I'm a big fan of LastPass.

In essence, you have a small browser plugin (though it works without it, but with fewer features) that manages your passwords. All of the password data is encrypted using a "master password" (the "Last Pass[word]" you need to remember). Once the data is encrypted, the plugin syncs it with LastPass's servers (who only see the encrypted data -- even if they get hacked or turn evil, they can't see any of your passwords, nor can they get your master password).

I have the plugin installed on several browsers on several computers, and it keeps all my passwords secure and in sync between them. Very handy.

It also has a password generator, so one can create passwords of varying requirements (length, include or excluding lowercase/uppercase/numbers/special characters) quite easily.

For a small annual fee of USD $12, one can also access the service on mobile devices, otherwise it's free.

Full disclosure: I am a paying customer of LastPass, but otherwise have no relation to them, nor do I get any benefits from mentioning them.
Reply With Quote
Reply




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Privacy, Security on Internet MrVertigo International affairs/politics 21 22.06.2011 13:44
Kaspersky Internet Security 2011 blocks EF Upthehatters2008 Forum support 24 02.06.2011 23:16
UBS Internet Banking Calculator Password Thing Country_Mouse Finance/banking/taxation 5 05.11.2010 17:07
[Internet Security] Phishing test Lob General off-topic 17 27.07.2007 15:58


All times are GMT +2. The time now is 04:17.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.1.0