If you keep bugging me about using a strong password, let me use one with symbols.
Or is it that you’re too cheap to hire programmers that know how to defend against an SQL injection attack?
If you keep bugging me about using a strong password, let me use one with symbols.
Or is it that you’re too cheap to hire programmers that know how to defend against an SQL injection attack?
Right, by removing the special characters they severely reduced the size of the dictionary.
The worst I’ve seen are websites that insist of top security by forcing you to have a password of fixed 8 length.
Oy.
my password to all my stuff is strong. no really, it’s “strong”.
haha. at work I’m required to change my logins every 90 days. This is a task that can take up to five minutes because I can’t use any permutation of any of my last 20(!!!) passwords, it has to have at least one capital letter, and it has to be ten characters or more. The upside is, yes we can use symbols.
My password kung-fu is very strong, because as all the game theory boys will tell you, the only strategy that is truly impossible to predict is a random strategy.
Here is the method:
One a clear and moonless night, drive to the darkest area within 20 miles of your home. Getting out of the car, walk five paces south, close your eyes, turn approximately 360 degrees and point into the sky using your right index finger. The SAO Catalogue number of the star you point to will be the numerical portion of the password. If the number doesn’t have enough digits, add them beginning with the number of the month, then the day (if necessary) that you performed the star pointing thing.
For your letter, use the third letter of the last name of the starting pitcher for the second-place team in the NL West, the point guard of the second-place NBA Pacific, or the tight end of the second-place NFC East (depending on the season) on the day you did the star thing, or the nearest game day before.
For your special character, drink two martinis, turn on the computer, open word processing, close your eyes and tap the keyboard with your forehead a few times. The first special character that comes up is the one. If you need more digits, just repeat as necessary.
Annie, this should be a fool-proof method of coming up with something new every 90 days!
Oh yeah, for your “secret question,” no matter what the question, the answer is always “Mr. Mxyzptlk”.
@Allen: Oh, dear.
Let’s reduce the number of possible passwords to make it easier for the aforementioned dictionary attack!
I’m willing to bet the passwords are stored in plaintext in an Access database, too.
The pilot passwords for the bidding system are stored in plain text, I believe. Hmmm, maybe that needs to be changed. But at least it’s not in Access!
@Derek: Indeed. (It’s very difficult to give a substantive response to that comment.)
@Annie: That system is horrible, too. I feel for you.
Forcing people to use long passwords that change several times a year encourages people to write down the passwords. And it doesn’t require a modicum of technical skill to read a sticky note on a monitor.
@Robert: This is a brilliant, simple method for password generation. While one bears the extra cost of gasoline for 40 miles of otherwise unnecessary driving, this is a small price to pay for ultimate security.
@Donnie: Really, I thought the pilot passwords were encrypted using meat grinder style security.