New password security rules may surprise users

Bryn

Bryn

Doubleplusgood
Joined
Oct 29, 2010
Messages
16,584
Or just use something like LastPass and never worry about passwords again.
 
Sonic2k

Sonic2k

Executive Member
Joined
Feb 7, 2011
Messages
7,637
It might not stop attacks, but it makes it harder.
Using simple passwords makes the time required to launch a successful intrusion orders of magnitude shorter.
 
ScottulusMaximus

ScottulusMaximus

Dealer
Joined
May 9, 2012
Messages
9,828
Hackers no longer sit there trying to guess single users passwords, they go after the site directly. After that it makes no difference if your password is 1234 or 5up3r-l0ng.,/c0mplicat3dAsFcK
 
K

krycor

Honorary Master
Joined
Aug 4, 2005
Messages
18,546
I use 1Password - AgileBites.. no subs, just once off cost for software which i got on special. Pretty much uses iCloud or/& dropbox to sync encrypted store between devices. Supports finger print id etc too and if u want, generated OTP though i prefer having this separate.

PS. if u lose ur pwd for it u kinda ****ed haha. Cool think i like about 1Password is the integration into apps on ios atleast and websites
 
Last edited:
T

Turgon

Senior Member
Joined
Jun 8, 2015
Messages
666
*knock* *knock*

"Who goes there?"

"A brother."

"What's the password?"

"Uh...hold on...let me check with my registered third party password manager"...

-------

Sigh.
 
Bryn

Bryn

Doubleplusgood
Joined
Oct 29, 2010
Messages
16,584
ActivateD said:
https://www.blackhat.com/eu-15/briefings.html#even-the-lastpass-will-be-stolen-deal-with-it .
Click to expand...
Those exploits almost certainly rely on users who opt to not have to login to LastPass with every new session. It's not recommended by LastPass and not something I do.
ScottulusMaximus said:
Hackers no longer sit there trying to guess single users passwords, they go after the site directly. After that it makes no difference if your password is 1234 or 5up3r-l0ng.,/c0mplicat3dAsFcK
Click to expand...
That's probably true. But at least with a password manager like LastPass, all your passwords are unique. So if one is compromised the others aren't affected. It's the main reason I signed up with LastPass.
Turgon said:
*knock* *knock*

"Who goes there?"

"A brother."

"What's the password?"

"Uh...hold on...let me check with my registered third party password manager"...

-------

Sigh.
Click to expand...
You'd have to type in a password anyway. At least with a password manager, you have the benefit of one password being able to manage unique passwords for all your sites.
backstreetboy said:
I switched to http://keepass.info/ very capable and does what it needs to. Most of all it's free...
Click to expand...
I'm suspicious of free password managers. The amount of technical expertise required on their end is extreme, so how do they manage without charging users?
 
K

krycor

Honorary Master
Joined
Aug 4, 2005
Messages
18,546
Turgon said:
*knock* *knock*

"Who goes there?"

"A brother."

"What's the password?"

"Uh...hold on...let me check with my registered third party password manager"...

-------

Sigh.
Click to expand...

It's become basically like encryption keys.. Either you have one on your keychain/Pwc manager or you don't..
 
K

kianm

Honorary Master
Joined
Jan 13, 2014
Messages
10,533
Can't ask all your users to sign up to lastpass /keypass etc etc. Imagine the look on their faces
 
Electric

Electric

Honorary Master
Joined
Jul 22, 2013
Messages
14,228
Bryn said:
Or just use something like LastPass and never worry about passwords again.
Click to expand...

One of the users here also suggested this until LastPass was breached and all the info was available.
 
You must log in or register to reply here.
Top