TheSaint Posted August 17, 2018 Share Posted August 17, 2018 Here is a good way to do passwords: Pick four words at random. Not any words that can be associated with you in any way (like names of relatives or street names, etc.) Make sure that each word is relatively short, four or five letters, and that each one starts with a different letter. Take each of those words and do minor substitutions on them so that they will meet strong password requirements: Put capitals in the middle of them, substitute numbers or special characters for random letters, etc. But don't go crazy with this because of the next step: Memorize these words. DO NOT WRITE THEM DOWN ANYWHERE! Commit them completely to memory and trust them to nobody that you would not trust with your own life. (If you really don't trust your memory, write them down on a piece of paper, seal it in an envelope, and put in a safety deposit box. No, I'm not joking.) We will call these words your password syllables. Now, pull out a sheet of paper. Write down "Bank Account Password: " and write just the first letters of three of your syllables after it. Your new online bank account password is those three syllables in that order. When anyone else looks at it, they will see three random letters. When you look at it, you will say, "Ah! That's what my password is!" Because you remember your syllables. When it comes time to change your password, line out the three letters, write them down in a different order. Sub in syllable four in one of the slots if you want to. Knock yourself out. When you have to make a password for another account, add another line and use a different combination of your syllables. That way your passwords are different for each account. If you want to keep things secure, keep your password list online somewhere, like in Google docs or something, that way if your house burns down or your dog eats your paperwork you don't lose all your passwords. If you want to be more secure, have two different sets of syllables, one for secure accounts like banking and commerce accounts, and another for casual stuff like forum accounts. Is this as secure as having completely different strong passwords memorized for every single account? No. But it's way more secure than writing all your passwords down on a sticky note under the keyboard. And it has the advantage of being, you know, humanly possible. Link to comment Share on other sites More sharing options...
Lisias Posted August 17, 2018 Share Posted August 17, 2018 (edited) 1 hour ago, YNM said: I wonder about that myself - the "security threat" imposed is like that of a retired bank employee isn't it ? Kind of worst. A retired employee is not necessarily an angry guy. Developers don't leave because they're happy, however. And, guess what, companies that happily complies to any customer demand that expose to other customers, usually allow the developers to dump the credential's table. What could be possible go wrong, right? The passwords are "encrypted". Edited August 17, 2018 by Lisias Link to comment Share on other sites More sharing options...
YNM Posted August 17, 2018 Share Posted August 17, 2018 (edited) 1 hour ago, TheSaint said: Is this as secure as having completely different strong passwords memorized for every single account? No. But it's way more secure than writing all your passwords down on a sticky note under the keyboard. If you put fairly long site addresses into password strength checker they blew any password made with character replacement that you can ever memorize. The link roads.org.uk/ringways, for example, have what one site claims to be... well, have a look. Spoiler I seriously think we've overtaught on the hardness of passwords when it comes to computing them, but we don't pay much attention to how likely it is for someone to remember it (and to uncover it). ________ And I ran to this : Edited August 17, 2018 by YNM Link to comment Share on other sites More sharing options...
kerbiloid Posted August 17, 2018 Share Posted August 17, 2018 Enough long and complicated passwords allow you from time to time begin your life from scratch. Link to comment Share on other sites More sharing options...
Lisias Posted August 17, 2018 Share Posted August 17, 2018 36 minutes ago, YNM said: The link roads.org.uk/ringways, for example, have what one site claims to be... well, have a look. I would not try it using a real world password. Who knows if that guy is not building his own rainbow table or selling known passwords associated to an IP to someone else? Link to comment Share on other sites More sharing options...
TheSaint Posted August 17, 2018 Share Posted August 17, 2018 19 minutes ago, YNM said: If you put fairly long site addresses into password strength checker they blew any password made with character replacement that you can ever memorize. The link roads.org.uk/ringways, for example, have what one site claims to be... well, have a look. Reveal hidden contents I seriously think we've overtaught on the hardness of passwords when it comes to computing them, but we don't pay much attention to how likely it is for someone to remember it (and to uncover it). Except that nobody brute-forces passwords like that anymore. The #1 way hackers get into accounts is by obtaining the passwords through phishing attacks and other social engineering methods. The #2 is by man-in-the-middle, but that is a very distant #2. (Which is, incidentally, why you want to make sure all of your accounts have different passwords. The second the hackers get your password on one site, they're going to go try it on Amazon, Apple, Newegg, Steam, etc.) I'm not suggesting that you make your passwords strong because it will make your passwords more secure, I'm suggesting it because most sites require you to use strong passwords. And many sites require you to change them on a regular basis. If you really want to use the URL of your banking site to secure your banking account, be my guest. That's probably in the top 10 choices for a hacker to just try on a whim, along with "P@ssword" and "12345678". But there's actually another problem there too. So you use the URL. Now, six months later, your bank has a screw up, and they send you a little notice: You need to change your password. What do you do now? URL + 1? What if that's not different enough for their password requirements? Make up a whole new password? How do you remember it? Write it down? If you have a system in place that lets you create new passwords without having to write them down, then it's not a problem. Link to comment Share on other sites More sharing options...
kerbiloid Posted August 17, 2018 Share Posted August 17, 2018 (edited) Just take your DNA code and use it as a random sequence for passwords. AGCT = 00, 01, 10, 11. Combine them by three somebody should understand this "three" joke, get a 6-bit character code. So, instead of holding in memory a whole password, you just have to remember the relative DNA position. (You don't need to remember the password length. Just make it a function of position. Say, 7 + position%3) (You even can forget the position, just generate your passwords sequentially, just remember their numbers in sequence. Then the position can be calculated out of the number.) Edited August 17, 2018 by kerbiloid Link to comment Share on other sites More sharing options...
TheSaint Posted August 17, 2018 Share Posted August 17, 2018 5 minutes ago, kerbiloid said: Just take your DNA code and use it as a random sequence for passwords. AGCT = 00, 01, 10, 11. Combine them by three somebody should understand this "three" joke, get a 6-bit character code. So, instead of holding in memory a whole password, you just have to remember the relative DNA position. (You don't need to remember the password length. Just make it a function of position. Say, 7 + position%3) And then when I need to remember what my password is I'll just order a DNA test. Convenient. Link to comment Share on other sites More sharing options...
kerbiloid Posted August 17, 2018 Share Posted August 17, 2018 3 minutes ago, TheSaint said: And then when I need to remember what my password is I'll just order a DNA test. Convenient. You do this just once, unless your DNA is configurable. Link to comment Share on other sites More sharing options...
TheSaint Posted August 17, 2018 Share Posted August 17, 2018 1 hour ago, YNM said: And I ran to this : I saw that this week, it was oddly appropriate. My kids somehow managed to destroy the hinges in one of their laptops. I took it apart and discovered that it had ripped the brass nuts out of the plastic base and palmrest. So, I tore it all down to base components, bought a new base and palmrest from a guy on EBay for $40, and rebuilt it. Voila! $40 repair instead of a new $400 laptop. I was mildly cursing Lenovo, however. On all of the Dell laptops I used to work on those bases were all aluminum instead of plastic, much more durable. Link to comment Share on other sites More sharing options...
qzgy Posted August 17, 2018 Share Posted August 17, 2018 4 hours ago, kerbiloid said: Just take your DNA code and use it as a random sequence for passwords. AGCT = 00, 01, 10, 11. Combine them by three somebody should understand this "three" joke, get a 6-bit character code. So, instead of holding in memory a whole password, you just have to remember the relative DNA position. (You don't need to remember the password length. Just make it a function of position. Say, 7 + position%3) (You even can forget the position, just generate your passwords sequentially, just remember their numbers in sequence. Then the position can be calculated out of the number.) Hey if you're combining by threes you might as well just use the single letter codon abbreviations. Easier than 6 bit combos. Mix and match introns and exons as you want. Link to comment Share on other sites More sharing options...
YNM Posted August 18, 2018 Share Posted August 18, 2018 7 hours ago, TheSaint said: If you really want to use the URL of your banking site to secure your banking account, be my guest. I'm not that stupid, obviously. I guess I should stop commenting (otherwise you'd know what site do I use for that purpose). Link to comment Share on other sites More sharing options...
Triop Posted August 19, 2018 Share Posted August 19, 2018 And get a ban ? Link to comment Share on other sites More sharing options...
kerbiloid Posted August 19, 2018 Share Posted August 19, 2018 They teach us to wash the hands with soap every time before a food intake. But why we don't wash fruits and vegetables with soap, too? Where's the logic? Link to comment Share on other sites More sharing options...
The Minmus Derp Posted August 19, 2018 Share Posted August 19, 2018 I really hate it when @kerbiloid 'uses coincidences' to take away my hill. Link to comment Share on other sites More sharing options...
kerbiloid Posted August 19, 2018 Share Posted August 19, 2018 I don't use them, they just happen. Link to comment Share on other sites More sharing options...
richfiles Posted August 20, 2018 Share Posted August 20, 2018 On 8/17/2018 at 11:52 AM, TheSaint said: Here is a good way to do passwords: Pick four words at random... That's what I do... Except what I pick are things that... hehe... Nope... not saying! Pick something that you know well, but others would not. The more obscure, the better. You can use random characters... underscores and tildes and dashes and such, when allowed. I often use them to separate password "units"... Blocks that you know by memory, and do NOT record anywhere. This is where personal knowledge is great... Come up with a different password block, to be represented by a different letter or number... In english, you could easily come up with 36 mental password blocks that you can rearrange, and recall with a single letter or number per mental unit. I also tend to pair those units with arbitrary numbers, unless they already contain numbers. I can easily track every password I have with a string of just 2-5 symbols... My longest password has more characters (symbols, numbers, uppercase, and lowercase letters) than is even in the english language, yet I can perfectly recall it ALL using only 4 characters! I don't even allow any one type of character to exceed 4 consecutive units of the same type (eg. no more than 4 numbers, no more than 4 lowercase letters, etc, with even that being highly variable from 1-4)... And yet, I can instantly recall it with only a reference of 4 symbols. Now that's how you password! I loath entering that one by remote control into the tv though... ugh... Link to comment Share on other sites More sharing options...
richfiles Posted August 20, 2018 Share Posted August 20, 2018 (edited) I have been buying up DM&E railcars in N scale whenever I get a chance, in preparation for the day I can finally officially call my self "an old man with his trains". I figure I should have enough trains to start being an old man, once I'm "over the hill" next year. Anyway, I recently won an auction for three nice DM&E hopper cars. They were the nice newer style 3-bay cylindrical hoppers in the yellow paint scheme. Exactly what I wanted. The seller were selling them in an ExactRail brand three-pack, and they were in perfect condition. Seller also threw in an EXQUISITELY detailed and weathered "POTACAN" 4-bay cylindrical potash hopper... Seriously, the detail is incredible! I won that auction for $52, and it shipped for just over $7. Not bad. They arrived safe, and I am quite happy with the purchase. Shortly after, a single DM&E hopper showed up on ebay. I ended up paying $20 for it, but free shipping, so about on par. I'm quite happy with those purchases... My complaint for the day... When the three pack + bonus hopper sold, some random seller puts up THREE!!! of the ExactRail three packs of DM&E hoppers! I'm thinking, AWESOME! ... And then I saw the price tag... $145 for EACH three-pack... He wanted $435 for all 9 hoppers! Oohhhh no way!!! Anyway, i was in no hurry, they CERTAINLY were not gonna sell at that price. No way! Those packs RETAIL for about $75 new. Each hopper sell for $25... NEW! He wanted 2x retail, and 3x the established ebay market value! So, payday rolls around, and I've put in 74 hours last week (that in and of itself is complaint worthy, but ooooohhhhh, that paycheck). I figure, I'll make an offer. I calculated out the price I payed per hopper ($52 ÷ 4 cars × 3 cars = $39 for three railcars, and I even rounded it up to $45). Within 5 minutes, he rejected all of my three offers (I offered the $45 on each of the three Buy-it-Now sales). Okay, he's obviously on and watching, since the seller didn't immediately reject, so it wasn't automatic. He had to reject them manually. So, I sent him a message. Ebay only offers three chances with he make an offer tool. I didn't wanna use up my chances trying to ballpark what this guy would take. I asked him what he was realistically trying to get for them, mentioned the 12 way bidding "battle" that left me on top, with a similar item sold for $52, and explained that I wasn't planning on going much higher than the established ebay market value for them. I broke down the price, and said how high I was willing to go... He replied with:"Don't whine about it be a man." . . . Really?!? Oh my... Once the shock of the rudeness wore off, I couldn't stop laughing at this childish behavior and attitude... I then replied: "Well that was a rather rude response... What am I whining about? That I'm unwilling to pay you three times the market value for these? I'm just trying to figure out what offer you will realistically accept. All I did was to inform you of the current (realistic) market value of these DM&E hoppers, and I'm not gonna make you an unrealistic offer. I'll buy a bottle of yellow paint, some used hoppers, and some decal sheets and kitbash my own custom DM&E hoppers like a man! LOL. If you'll accept a reasonable price though, then yeah, I'll totally make you an offer. I'd happily send some money your way for these, but not at an unrealistic price. You know what an unrealistic price is... Higher than the retail value! These go new for only $25! NEW! When I asked what offer you realistically wanted, you just replied rudely. I am genuinely asking... What kind of offer would you be willing to accept?" His glorious response? "Then stop bothering me and use your time to kitbash some. Be smart" Pffft! I can't stop laughing at this! It's so INCREDIBLY rude, and at this point, I'd probably not wanna give this guy any money anyway, but MAN!!! What a rude dude! Part of me is tempted to actually DO it... To be smart and kit bash a few of these, and then link back the photos... Like a man! Pfft! Edited August 20, 2018 by richfiles Link to comment Share on other sites More sharing options...
qzgy Posted August 20, 2018 Share Posted August 20, 2018 52 minutes ago, richfiles said: Part of me is tempted to actually DO it... To be smart and kit bash a few of these, and then link back the photos... Like a man! Pfft! do it, do it, do it, Do it! Would be kinda funny and is as you said probably better worth your time than haggling this dude. Link to comment Share on other sites More sharing options...
richfiles Posted August 20, 2018 Share Posted August 20, 2018 (edited) 52 minutes ago, qzgy said: do it, do it, do it, Do it! In all honesty... I am certain this guy is either: A: A grumpy old man who thinks his trains are worth their weight in gold and doesn't really wanna sell them, but has to make it look like he's trying for she who holds the power. or B: A little brat that got his gramps stuff, has no clue what he's doing, nor cares about the stuff he's selling. This is someone who does no research, and tossed a price up. or C: Is one of those ebay scum that prices things super high and leaves it up, in the hopes of catching a poor uninformed fool, so he can turn a big buck with minimal effort. Edited August 20, 2018 by richfiles Link to comment Share on other sites More sharing options...
Chel Posted August 20, 2018 Share Posted August 20, 2018 This may be the last time I will talk to you guys. I'm off on a four day wilderness survival camp tomorrow, it's -3 at 7am and only 15 at midday. We have to make our own shelter and sleep in it the whole time, forage for food, and everything. Completely self sufficient for four days. So, I can always say this: "Well, it's been nice knowing ya all!" Link to comment Share on other sites More sharing options...
linuxgurugamer Posted August 20, 2018 Share Posted August 20, 2018 1 hour ago, The_Cat_In_Space said: This may be the last time I will talk to you guys. I'm off on a four day wilderness survival camp tomorrow, it's -3 at 7am and only 15 at midday. We have to make our own shelter and sleep in it the whole time, forage for food, and everything. Completely self sufficient for four days. So, I can always say this: "Well, it's been nice knowing ya all!" You will be fine. What program are you going to? I did this a long time ago, but that was a 30 day hike, with ni food the last 4 days Link to comment Share on other sites More sharing options...
richfiles Posted August 20, 2018 Share Posted August 20, 2018 1 hour ago, The_Cat_In_Space said: I'm off on a four day wilderness survival camp tomorrow... "Well, it's been nice knowing ya all!" Good luck, and try to have fun! Link to comment Share on other sites More sharing options...
kerbiloid Posted August 20, 2018 Share Posted August 20, 2018 (edited) 1 hour ago, The_Cat_In_Space said: forage for food, and everything. Completely self sufficient for four days. Just don't eat them all at the very first day, store somebody for other three days. Edited August 20, 2018 by kerbiloid Link to comment Share on other sites More sharing options...
Delay Posted August 20, 2018 Share Posted August 20, 2018 I'm horrifically lazy. For instance: I wanted to install KS3P for a long time and I still haven't even downloaded it. Same with Ven's and TU. I wanted to get my folders ready for the new school year and even now, two weeks into it they're still filled with last year's sheets. Link to comment Share on other sites More sharing options...
Recommended Posts