password, 123456, #!comment:, changeme and Fuckyou
What do these words have in common?
They are the top 5 words used in brute force attempts at guessing passwords, from Microsoft via El Reg.
I've personally seen #1 and #2 on computers we use at the company where I work. We change them whenever we run across one, but who the hell knows how many computers are still on our network with weak local amin passwords.
__________________
The best way to make America great is to lower the standards!
Re: password, 123456, #!comment:, changeme and Fuckyou
Quote:
Originally Posted by Potato
None of those meet the minimum password requirements where I work.
People really use "123456" eh?
Yes they do, and frankly we still use that here for certain users (i.e. the company truck drivers) who have trouble even powering on a computer. Of course that is just a temporary password and they must change it whenever they log on.
__________________
The best way to make America great is to lower the standards!
Re: password, 123456, #!comment:, changeme and Fuckyou
This is a really gross generalization, but it seems to me that the more arcane and ridiculous a company's regular employee password requirements are, the more likely it is that they've got production machines lying around with either default or stupidly easy root passwords.
I don't know why that is. But you should totally try it, Potato.
Re: password, 123456, #!comment:, changeme and Fuckyou
I've been guilty of using "password" before, but it was nearly immpossible to change my password on some system, without getting locked out of every other program on the server. Then I'd have to call the systems guy, who charges by the hour and so on.
I'm guessing #comment is in a format, such as a comment section in a newspaper?
Re: password, 123456, #!comment:, changeme and Fuckyou
There's some kind of (COMPLETELY ACCURATE) theory that there's a point of diminishing returns from strict password policies, because the more frequently you make users change them and the more convoluted the requirements are, the more people will just write them on sticky notes and leave them right there on their monitors. Which, yeah. I've seen that.
Also done that.
Maybe #!comment; is a generic password like cypherfreak or something?
Re: password, 123456, #!comment:, changeme and Fuckyou
Quote:
Originally Posted by lisarea
There's some kind of (COMPLETELY ACCURATE) theory that there's a point of diminishing returns from strict password policies, because the more frequently you make users change them and the more convoluted the requirements are, the more people will just write them on sticky notes and leave them right there on their monitors. Which, yeah. I've seen that.
My employer makes people change their passwords for the pay info website, every month. I think at least half of the office is currently locked out of the site, myself included. I kept up with it for awhile but finally decided that the site wasn't worth it and just quit changing the password.
__________________
Much of MADNESS, and more of SIN, and HORROR the soul of the plot.
Re: password, 123456, #!comment:, changeme and Fuckyou
OMG. In a fit of temper last week I used fuckyou69 at some job-related "gimme new password" nag and I don't remember which one. I haven't been asked for that particular password yet so it's all good. I guess.
Re: password, 123456, #!comment:, changeme and Fuckyou
Where I used to work they required a password of at least 8 characters in length with at least one capital and at least one number or punctuation mark, no repeating letters or numbers and no consecutive numbers or letters and it couldn't be a derivation on the previous passwords you've used. What I would do is find a good password generator (I like the Firefox extension for this as you could make it right or left side only) and generate dozens of passwords at a time, print them out to keep handy in the wallet or sommit. The last series I made for myself using Excel and the =rand() function.
Re: password, 123456, #!comment:, changeme and Fuckyou
You could also use a password manager like KeePass to generate and store passwords under a single master password, and keep it on a thumb drive or summat.
Re: password, 123456, #!comment:, changeme and Fuckyou
Quote:
Originally Posted by lisarea
You could also use a password manager like KeePass to generate and store passwords under a single master password, and keep it on a thumb drive or summat.
I've got LastPass, a Firefox addon. It makes it a lot easier if you use more than one computer as well because it remembers what you did on both.
Re: password, 123456, #!comment:, changeme and Fuckyou
Quote:
Originally Posted by slimshady2357
she couldn't remember how to spell remember.
Actually that's a good technique. A few of my passwords are normal words that are misspelled. Less chance a dictionary crack will break them, but I can still easily remember what they are.
Re: password, 123456, #!comment:, changeme and Fuckyou
Quote:
Originally Posted by Watser?
Quote:
Originally Posted by lisarea
You could also use a password manager like KeePass to generate and store passwords under a single master password, and keep it on a thumb drive or summat.
I've got LastPass, a Firefox addon. It makes it a lot easier if you use more than one computer as well because it remembers what you did on both.
I've been using RoboForm for a few weeks.
The Good: There is a version of RoboForm and its related synchronization software for my home PC, for my iPhone, and another for the U3 Smart platform on my USB key. Thus I have all my passwords available to me on all the devices I commonly use.
The Bad: I didn't realize it was free only for a trial period and ridiculously overpriced (with separate licenses required for each piece on each device) after that, so it has been nagging me and/or failing to work lately.
I'm not sure what I'll do now. I used to use KeePass but the mobility was never great with that one. With RoboForm all I have to do is set a new password and sync it with their online service, then I have it everywhere.
Re: password, 123456, #!comment:, changeme and Fuckyou
Quote:
Originally Posted by ceptimus
Please feel free to use this tip or some variant of it. I don't require payment for the advice You can send any donations to should you feel the need.
Quote:
Originally Posted by roastelk
Ive solved this problem by simply never knowing what any of my passwords actually are. every password I use consists of one starting point and a pattern.
if I wrote a 2w in my password note book, my password would be 2wsxdr5tgbhu8