The Virtues and Vicissitudes of Passwords

  • Thread starter FactChecker
  • Start date
In summary: I believe he died in 2000.In summary, the conversation discusses concerns about the security of using Google passwords to unlock a Chromebook and the potential for a serious security flaw. It is suggested to use a unique and hard-to-crack password for Gmail, possibly through the use of a security key fob. Other suggestions include using a passphrase or a pattern on the keyboard. The conversation also touches on the idea of using visual patterns or song lyrics as passwords, and the importance of considering individual security needs for different devices.
  • #71
Algr said:
Where did you get "inzlsybkueuxkuxzjlwbbhbol" from? All the password generators I've see are bit wize and mind foolish.
https://www.lastpass.com/features/password-generator
 
  • Informative
Likes Algr
Computer science news on Phys.org
  • #72
Interesting. The first thing it told me was "phydnaphotor".

Edit: Unfortunately most sites will not let you use "ierfairedwainjugstimerylverticarypionictuciansangl" as a password because it contains no numbers, special characters, or squirrel sounds.
 
  • #73
Algr said:
Interesting. The first thing it told me was "phydnaphotor".

Edit: Unfortunately most sites will not let you use "ierfairedwainjugstimerylverticarypionictuciansangl" as a password because it contains no numbers, special characters, or squirrel sounds.
Then you just pad them all with with !1, they still aren’t cracking it
 
  • #74
Prisencolinensinainciusol

Oh no — pwned!
This password has been seen 3 times before.
 
  • #75
Use fingers randomly in keyboard when create your password. That is your algorithm and can't cracked by hashcat or unknown specifically hash algorithms created by unknown creators. Define your hash with your neural random functions.
 
  • Like
Likes Wrichik Basu
  • #76
Algr said:
The problem I have with password managers is that I don't believe the claim that "You'll never have to type the password in yourself." What if I need to log in from a different device?
It sounds like you made up your mind about password managers without ever having used one or even looked into them.

These days, the only places I have to type in a password manually are on web pages where, for some reason, pasting into a password field is disabled. For these cases, I typically use a password that consists of several words chosen by random.

Algr said:
It isn't humanly possible to write down Il|1¡iO0りˆ^`' on a piece of paper and then type it back correctly a year later.
If you were using a password manager, you wouldn't have to write it down on paper and type it back in.

Algr said:
Even case sensitive passwords are a major issue. We are all taught to reflexively change lower case letters to upper case at the beginning of a sentence and in many other places. It is not natural for us to think of them as separate objects. This is what my analogy pic with the burning resistor is about.
When I'm typing a password, I'm not thinking I'm typing a sentence and therefore have to capitalize the first letter and include punctuation.
 
  • Like
Likes Vanadium 50
  • #77
aeth3r said:
Use fingers randomly in keyboard when create your password.
Nonsense.

What people think of as "random" is not. For example, if you ask people to write down a string of random digits, consecutive digits will differ far more often than if they were random.

If you want a random password, use a random password generator. Faster, easier, and more secure than making up something on your own.
 
  • Like
Likes vela
  • #78
vela said:
It sounds like you made up your mind about password managers without ever having used one or even looked into them.
This. Maybe even This++.

vela said:
These days, the only places I have to type in a password manually are on web pages where, for some reason, pasting into a password field is disabled
This can often be worked around. For example, Treasury Direct thinks its more secure to use a virtual keyboard - but that of course provides an incentive to keep passwords short. There is a Grease Monkey script that makes this work just like a regular password.
 
  • #79
Vanadium 50 said:
Nonsense.

What people think of as "random" is not. For example, if you ask people to write down a string of random digits, consecutive digits will differ far more often than if they were random.

If you want a random password, use a random password generator. Faster, easier, and more secure than making up something on your own.

You're right. That can react only for experienced computer users. I thinked this because for increase entropy in cryptography. Random password generators is generally safe only for trusted developers and that passwords are third-party data. I'm sensing only with hands without patternly typed and lingustic words, dates, numbers and symbols on keyboard. Are higher uncertainty and more chaotic %100 safier system can possible without hands?
 
  • #80
vela said:
It sounds like you made up your mind about password managers without ever having used one or even looked into them.
That's quite an assumption. I have trouble getting iCloud to sync. Sometimes it does, sometimes I have to text records to myself. I don't know why. Passwords that I have written down and used suddenly stop working for no reason, and I have to call and spend hours on the phone getting into my account. Security questions don't work because I was one letter off on how a street name from my childhood was spelled. The stuff we have now doesn't work reliably. I get locked out of stuff too often now, and it consumes so much time fixing it. Why assume that some new replacement will be reliable when so much that is out their now is not?

Do you know what has been reliable for me? Fingerprint scanners. And they got rid of them. ::Eyeroll::

BTW: If these corporate experts are so good, why are their records always leaking?
 
  • #81
Algr said:
That's quite an assumption. I have trouble getting iCloud to sync. Sometimes it does, sometimes I have to text records to myself. I don't know why. Passwords that I have written down and used suddenly stop working for no reason, and I have to call and spend hours on the phone getting into my account. Security questions don't work because I was one letter off on how a street name from my childhood was spelled. The stuff we have now doesn't work reliably. I get locked out of stuff too often now, and it consumes so much time fixing it. Why assume that some new replacement will be reliable when so much that is out their now is not?

Do you know what has been reliable for me? Fingerprint scanners. And they got rid of them. ::Eyeroll::

BTW: If these corporate experts are so good, why are their records always leaking?

Mostly leaked datas is providing by malwares or web security vulnerabilities. This is because of it providing web and software vulnerability or directly server database breaching. It's not related for password or random password generators. The password generators still to useful for block crackers possibilities.
 
  • #82
aeth3r said:
Mostly leaked datas is providing by malwares or web security vulnerabilities. This is because of it providing web and software vulnerability or directly server database breaching.
Lots of passive voice to avoid saying "The people who screwed up are telling us how to fix the mistakes they keep making." Maybe it is all true, and there are no better alternatives, but I resent the implication that the situation is all my fault for having human-level information processing capabilities.
 
  • #83
Algr said:
Lots of passive voice to avoid saying "The people who screwed up are telling us how to fix the mistakes they keep making." Maybe it is all true, and there are no better alternatives, but I resent the implication that the situation is all my fault for having human-level information processing capabilities.
Nobody said there aren’t better alternatives. People are saying what the best practices are for the situation we are currently in.

Your posts don’t seem all that interested in why these are suggested. It sounds like you just want to vent about how bad software is. Trust me, nobody is going to argue with this, especially software engineers.
 
  • Like
Likes vela
  • #84
In every other aspect of life it is just understood that there is a trade off between convenience and security but for some reason computers have to be magic.
 
  • #85
This thread has had a long and happy life, and is now locked. It will take the correct pa$$word to unlock it for any further discussion... :wink:
 
Last edited:
  • Haha
Likes Wrichik Basu and pbuk

Similar threads

Replies
44
Views
4K
Replies
4
Views
3K
Replies
2
Views
2K
Replies
46
Views
8K
Replies
4
Views
2K
Replies
10
Views
5K
  • Sticky
Replies
0
Views
2K
Back
Top