Author

Topic: password security (Read 766 times)

hero member
Activity: 574
Merit: 500
July 31, 2014, 01:28:59 PM
#16
http://passwordsafe.sourceforge.net/

Opensource (free) password safe - everyone should use it...

Nice little program! Thanks for sharing.

There's also an iphone version for when you are out and about Smiley - if you do the apple thingy that is...
hero member
Activity: 532
Merit: 500
Currently held as collateral by monbux
July 31, 2014, 01:27:28 PM
#15
http://passwordsafe.sourceforge.net/

Opensource (free) password safe - everyone should use it...

Nice little program! Thanks for sharing.
hero member
Activity: 672
Merit: 500
July 31, 2014, 12:55:11 PM
#14
The problem with some sites is they don't accept password length more than 10 and no special characters, and they don't tell you about it. So, you enter this extra complicated password and you can never login with the password you typed.  Cheesy
newbie
Activity: 44
Merit: 0
July 31, 2014, 12:48:22 PM
#13
Good thing I don't bump in to those websites much.
hero member
Activity: 574
Merit: 500
July 31, 2014, 12:42:47 PM
#12
http://passwordsafe.sourceforge.net/

Opensource (free) password safe - everyone should use it...
sr. member
Activity: 313
Merit: 250
i ♥ coinichiwa
July 31, 2014, 12:34:20 PM
#11
Don't see a fail here. Confirming passwords does not increase security. It only prevents you from misstyping which is a non-issue as long as you are able to reset your credentials.

And as only long generated passwords are good passwords (which you typically generate in your password manager and copy+paste into that field with absolutely no chance of misstyping) confirmation form fields are in fact useless.
full member
Activity: 210
Merit: 100
July 31, 2014, 07:51:58 AM
#10
Brute-forcing passwords on an online resource of which you don't have the password hashes from is more complicated than most people think, I guess. The server can limit the amount of tries an attacker can perform. That way the number of brute-force attempts can be severely limited!
Imagine just how many attempts it takes to figure out a ~20 character password, including numbers and symbols.

Depends on the entropy of the individual characters Wink But yeah, if it really is chosen randomly this is practically impossible. But even a shorter password could be effective if the amount of tries is limited by the server.
sr. member
Activity: 252
Merit: 250
July 31, 2014, 07:49:06 AM
#9
i used 20 characters including number letters capital and a special character which is not related to my personal info some nonsense word which is not english words
Although it is recommended to have strong passwords with a good mix of alphanumeric and special characters but in some cases it doesn't matter how strong your password is , key-loggers can upset you any day or worst case scenario  a screen logger with key logger. So I never-ever feel secure doesn't matter how strong my password is.

you can always prevent on how to be a victim of key logger it usually can install easily on windows but if you used debian or any other open source system then the chance is not so high
legendary
Activity: 2674
Merit: 2965
Terminated.
July 31, 2014, 07:35:15 AM
#8
Brute-forcing passwords on an online resource of which you don't have the password hashes from is more complicated than most people think, I guess. The server can limit the amount of tries an attacker can perform. That way the number of brute-force attempts can be severely limited!
Imagine just how many attempts it takes to figure out a ~20 character password, including numbers and symbols.
full member
Activity: 210
Merit: 100
July 31, 2014, 07:22:09 AM
#7
Brute-forcing passwords on an online resource of which you don't have the password hashes from is more complicated than most people think, I guess. The server can limit the amount of tries an attacker can perform. That way the number of brute-force attempts can be severely limited!
sr. member
Activity: 350
Merit: 252
REAL-EYES || REAL-IZE || REAL-LIES||
July 31, 2014, 07:06:36 AM
#6
i used 20 characters including number letters capital and a special character which is not related to my personal info some nonsense word which is not english words
Although it is recommended to have strong passwords with a good mix of alphanumeric and special characters but in some cases it doesn't matter how strong your password is , key-loggers can upset you any day or worst case scenario  a screen logger with key logger. So I never-ever feel secure doesn't matter how strong my password is.
staff
Activity: 1718
Merit: 1206
Yield.App
July 31, 2014, 06:50:11 AM
#5
And use different password for every site. Don't ever use your email password, and don't ever register to untrusted site. Especially when it doesn't have SSL Certificate.
sr. member
Activity: 252
Merit: 250
July 31, 2014, 05:05:43 AM
#4
i used 20 characters including number letters capital and a special character which is not related to my personal info some nonsense word which is not english words
legendary
Activity: 2198
Merit: 1989
฿uy ฿itcoin
July 31, 2014, 01:39:51 AM
#3
This is sily, you cant trust this system at all.
Anyone with some amount brute force can get the login in the website.

You can make it difficult for them. I am using a password with 8 letters and 10 numbers, which would take a bit longer to bruteforce. Some people use 8 characters max.
newbie
Activity: 213
Merit: 0
July 30, 2014, 10:23:58 PM
#2
This is sily, you cant trust this system at all.
Anyone with some amount brute force can get the login in the website.
newbie
Activity: 5
Merit: 0
July 30, 2014, 09:54:30 PM
#1
Maybe I'm just old-fashioned.

https://i.imgur.com/VgS309m.png

I'm guessing that at some point in technology history, someone must have thought "no, we don't need to do that..."

why is this so common? It seems I only started seeing this when I got started with bitcoin.
Jump to: