I made this topic because I was starting to become paranoid about my safety. My next-door neighbour was recently robbed (they stole a bunch of electronics), and I started to get really worried what would happen if someone broke into my apartment. If they stole my computer, they would have instant access to all my e-mail, Facebook, Steam account, etc. since I have them all set to log in automatically when I start up the computer. Right now I'm not even in my apartment since it's Christmas break and I'm staying over with my family.
Basically, I went and changed all my important passwords to something really strong from this computer I'm using right now, so that eventual robbers won't be able to automatically log into everythingt. I'd say my password philosophy has been pretty weak up until now, using the same password for everything, and not even a good one.
" Get KeePass to generate a password for me. That way if I don't know it, neither will my enemies! Stupid? A million times beyond stupid, yes. But that's why you back it up in 3 different locations just in case. "
Are planning on being tortured for your password or something?
I use one password for every site, but it's 15 characters long with random letters and numbers in it. It's impossible to guess or bruteforce it, so I'm fairly confident that I won't get my accounts hax'd.
Seriously though, I have a number of different password with varing levels of complexity, the greater the risk I might be at the greater the complexity used in my password. Financial stuff has the highest level of complexity. My ebay and paypal passwords are not the same either, just in case 1 gets hacked.
I also use an web based email provider with a password that's not used anywhere else and this is redirected to another webmail provier with another unique and stronger password.
I used to have the same password for everything when I was a child but now all my passwords are completely different and so long and random that I couldn't remember any of them, which is ideal.
I have about 5 passwords of varying strength, based on when I made the account, and what characters were allowed. For instance, I don't even bother to go back and change my e-mail password because my e-mail provider is FUCKING STUPID and doesn't allow non-alphanumeric characters in passwords. This means I'd need something like a 15+ character password to have any real security on the account.
I also have to split up passwords because some sites don't accept all symbols, so it really depends on what's available. Generally, though, my password is made up of a word (real or made up), then I change some of the letters into numbers, and some into symbols. I also make sure to have a healthy mix of both lower case and upper case letters.
I'm not detailing my exact methods, or lengths, because obviously if you know how I personally create passwords, you can more easily hack my account. But what I've posted should really just be common sense to anyone who has any idea about password security, and should be internalized as common sense to anyone who doesn't.
Also, now that I've posted this, I'm more likely to be hacked. But I'm going to be re-upping my passwords soon enough.
I have a list of words/phrases that I combine and add numbers/capitalization to, and use pretty much the same ones all of the internet. It's not a very strong system but I at least try to switch them around frequently for important log ins.
I also have a bad habit of forgetting which password I'm using for what when I'm using a computer that doesn't have everything saved, so if I can get into my email I always end up changing my other passwords. I guess it makes things harder to break into though ><
Kind of on a side note here, I like what Blizzard did with their authenticators.
I mean, at the same time I hate it. I can never get into my Battlenet account from work because I always leave my authenticator sitting at my computer at home.
But the odds of me ever getting hacked with an authenticator on my account are far slimmer than what any password can do for me.
I have two sets of passwords, one that I used for all my low level meaningless accounts like GB, and every other dam site in existence because you gotta make a stupid account for everything now a days, and another I used on things that involve money like MMO accounts, bank accounts, email etc. The throw away one is just something simple and easy to remember since I don't care if it gets stolen, while the other one is more complex.
Different password for every website I use, but I don't need to remember any of them. I use the domain name of the website to create my password. This way I can always re-create any password to any of my accounts even if I haven't logged in for years. If you do decide to use this system, make sure the pattern you use to create the password from the domain cannot not be easily determined. So if one of you passwords is discovered by someone else, then they won't be able to derive all of your other passwords. Also make sure your pattern keeps your password 12 characters or less, since there are still some websites that don't allow longer passwords.
I usually use the same passwords, but there are a couple of places that are weird about password combinations so I've had to add quite a few to my arsenal. Then again when I have to sign into that account for the first time in about a year its always a JOY to try to remember what password I had to use for it to be accepted.
I use a variation of the same phrase, and then set up a master password in my browser so I don't have to remember all the various permutations I have came up with, effective thus far!
I use different passwords for different things (strength level varying) Forum accounts being the easiest. Websites that don't accept certain characters as passwords or expect a certain size are just awful.
My new password generation system: Pick 2 random objects on desk -> Replace letters with symbols and numbers -> DONE
I have 4 different passwords that I change monthly. I have a system that allows me to choose and remember complex passwords that include non-alphanumeric characters. Except where limited by the web site, I like at least 12 characters in my password.
My password depends on how important it is to keep info safe. They are all combinations of random letters, numbers, and symbols. When I create a password, I just keep typing in random shit on my keyboard until I find a combination that I'm fairly certain I'll remember.
Hashing is a great way to create unique memorable passwords for each place you need one. You create one tough unique password that you can memorize with letters, numbers and symbols, then hash something like certain parts the URL or program name into that first unique password. No password is the same even if you log into dozens of places, but they're easy enough to remember.
Edit: this method makes entering passwords on devices like smartphones and the iPad a real MFer though. You really need directional keys to move the cursor between letters easily while typing out the hash.
Log in to comment