New password security rules may surprise users

Or just use something like LastPass and never worry about passwords again.
 
It might not stop attacks, but it makes it harder.
Using simple passwords makes the time required to launch a successful intrusion orders of magnitude shorter.
 
Hackers no longer sit there trying to guess single users passwords, they go after the site directly. After that it makes no difference if your password is 1234 or 5up3r-l0ng.,/c0mplicat3dAsFcK
 
I use 1Password - AgileBites.. no subs, just once off cost for software which i got on special. Pretty much uses iCloud or/& dropbox to sync encrypted store between devices. Supports finger print id etc too and if u want, generated OTP though i prefer having this separate.

PS. if u lose ur pwd for it u kinda ****ed haha. Cool think i like about 1Password is the integration into apps on ios atleast and websites
 
Last edited:
ActivateD said:
https://www.blackhat.com/eu-15/briefings.html#even-the-lastpass-will-be-stolen-deal-with-it .
Click to expand...
Those exploits almost certainly rely on users who opt to not have to login to LastPass with every new session. It's not recommended by LastPass and not something I do.
ScottulusMaximus said:
Hackers no longer sit there trying to guess single users passwords, they go after the site directly. After that it makes no difference if your password is 1234 or 5up3r-l0ng.,/c0mplicat3dAsFcK
Click to expand...
That's probably true. But at least with a password manager like LastPass, all your passwords are unique. So if one is compromised the others aren't affected. It's the main reason I signed up with LastPass.
Turgon said:
*knock* *knock*

"Who goes there?"

"A brother."

"What's the password?"

"Uh...hold on...let me check with my registered third party password manager"...

-------

Sigh.
Click to expand...
You'd have to type in a password anyway. At least with a password manager, you have the benefit of one password being able to manage unique passwords for all your sites.
backstreetboy said:
I switched to http://keepass.info/ very capable and does what it needs to. Most of all it's free...
Click to expand...
I'm suspicious of free password managers. The amount of technical expertise required on their end is extreme, so how do they manage without charging users?
 
Turgon said:
*knock* *knock*

"Who goes there?"

"A brother."

"What's the password?"

"Uh...hold on...let me check with my registered third party password manager"...

-------

Sigh.
Click to expand...

It's become basically like encryption keys.. Either you have one on your keychain/Pwc manager or you don't..
 
Can't ask all your users to sign up to lastpass /keypass etc etc. Imagine the look on their faces
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X