• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Too many password. Aaargh

 
Bartender
Posts: 11497
19
Android Google Web Toolkit Mac Eclipse IDE Ubuntu Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Home laptop
Office laptop
Bank - 1 login + 1 transaction
Personal Email
Corporate email
Corporate intranet
Corporate HR + payroll (yeah three different ones. No domain password concept)
Skype
Phone

I thought I had mastered the situation when once I set the same password everywhere.....until I was told my bank password was about to expire and I needed to change it. How do you guys manage your passwords?
 
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
1Password

It's a really bad idea to use the same password everywhere. One security breach, and everything is compromised.
 
Marshal
Posts: 28193
95
Eclipse IDE Firefox Browser MySQL Database
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
For the things where I sign on once a month or less (e.g. seeing my electric bill online) I don't bother with passwords at all. Sure, they make me have one, but I don't bother remembering it. I just click on the "Forgot My Password" link and they send me another one which is good for signing on once.
 
Maneesh Godbole
Bartender
Posts: 11497
19
Android Google Web Toolkit Mac Eclipse IDE Ubuntu Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Bear Bibeault wrote:1Password


This is reliable? I mean it won't transmit it to the company or anything in the background?

Bear Bibeault wrote:It's a really bad idea to use the same password everywhere. One security breach, and everything is compromised.


Yeah I know. I was real stupid that time.

I like your idea Paul. Must try it out.
 
Bear Bibeault
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Maneesh Godbole wrote:This is reliable? I mean it won't transmit it to the company or anything in the background?



1Password security FAQ
 
Bartender
Posts: 6109
6
Android IntelliJ IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I use RoboForm to remember my passwords on my personal computers for me.

At work it's a bit of a pain. I can never remember my email password, so if I ever have to enter it, I end up having to have IT reset it for me.

And logging into anything from my phone is a hassle, as I don't have a password vault there, and I'm so used to letting RoboForm remember everything for me that I usually can't log in from my phone.
 
Jeff Verdegan
Bartender
Posts: 6109
6
Android IntelliJ IDE Java
  • Likes 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


http://imgs.xkcd.com/comics/password_strength.png
 
Bartender
Posts: 4568
9
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I use KeePass - encrypted password database. I don't have access from everywhere, but if I keep a copy of the database at home and at work that covers the vast majority of what I need.
 
Java Cowboy
Posts: 16084
88
Android Scala IntelliJ IDE Spring Java
  • Likes 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Maneesh Godbole wrote:Home laptop
Office laptop
...

I thought I had mastered the situation when once I set the same password everywhere.....until I was told my bank password was about to expire and I needed to change it. How do you guys manage your passwords?


Your list contains only 9 things and you already think you have too many passwords?

I use a different password for every service, website, computer etc., and I generate passwords consisting of random letters, digits and other characters using a small program I wrote. I have a file containing the usernames and passwords of about 200 accounts that I've created in the past ten years. Ofcourse I have to be very careful where I keep that file. My password file is an Excel sheet which is itself protected by a password.
 
Bartender
Posts: 1810
28
jQuery Netbeans IDE Eclipse IDE Firefox Browser MySQL Database Chrome Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
PasswordSafe. A password keeper protected by a very long master password. I carry it on a flash drive and have it installed on my desktops. It has a slick sync feature so that passwords added at one computer can be migrated to the other databases and it will generate random passwords for you when you create a new entry. I don't even know most of my passwords; they are 16 character random strings that I copy and paste from this app.

 
Enthuware Software Support
Posts: 4810
52
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
These days many sites, specially the banks, have extreme rules for passwords - such as it must have at least one upper case, one lower case, one alphanumeric, one number, and must be at least 8 digits, must not use any part of your name, must not be same as any of the previous passwords. Then they make you change it every 90 days. It is not funny.
Is it even humanly possible to remember this kind of password after two days? I suspect the user would be tempted to write it somewhere thereby making it even less secure!
 
Matthew Brown
Bartender
Posts: 4568
9
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I've got a part-time job somewhere that makes me change the password every 90 days. As a result I've got into the habit of making the passwords obscene. Which affects them not at all, but makes me feel slightly better .
 
lowercase baba
Posts: 13089
67
Chrome Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Matthew Brown wrote:I've got a part-time job somewhere that makes me change the password every 90 days. As a result I've got into the habit of making the passwords obscene. Which affects them not at all, but makes me feel slightly better .


I went through that phase for a while. Then I ran out of obscenities (I guess I'd never be a good sailor).

my work now offers the option of a short, use upper/lower/symbols/whatever and change every 90 days

or

use a really long pass phrase with fewer rules that is good for a year.
 
Rancher
Posts: 4803
7
Mac OS X VI Editor Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Paul Anilprem wrote:These days many sites, specially the banks, have extreme rules for passwords



As the XKCD shows, rules are pointless. It is trivial to implement pass phrases, just make the text entry field long. You are going to hash the input anyway.

Its clear that the whole username + password authentication scheme has over lived its usefulness. First person to invent a solution that doesn't use passwords will
be richer than Mark Zuckerberg.
 
Sheriff
Posts: 14691
16
Eclipse IDE VI Editor Ubuntu
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Bear Bibeault wrote:

Maneesh Godbole wrote:This is reliable? I mean it won't transmit it to the company or anything in the background?



1Password security FAQ



I'll never never trust online services to store passwords, no matter how safe they may look like. Like Matthew, I'm using KeePass, so that I can access my password both from Linux and Windows.
 
author & internet detective
Posts: 41860
908
Eclipse IDE VI Editor Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I used patterns. One of my password requires changing monthly and requires 26 unique ones before you can repeat. I can get away with just writing down just two characters of the password to remind myself. And if I tell you my password has N5 in it, does that help you? (And yes, I just made those two up at random)
 
Jeff Verdegan
Bartender
Posts: 6109
6
Android IntelliJ IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Jeanne Boyarsky wrote:And if I tell you my password has N5 in it, does that help you? (And yes, I just made those two up at random)



Aha! So know we know that some password of yours does not have N5 in it. All your login are belong to us!
 
Bear Bibeault
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If this were a movie, it'd take about 3 guesses to crack in!
 
Jeff Verdegan
Bartender
Posts: 6109
6
Android IntelliJ IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Or there'd be a guy staring at a screen of zeros and ones saying, "This looks like one of the encryption schemes the Russians used back in the 80s. I might be able to crack the encryption if I reverse theIP address (type type type -- maybe 5 seconds) ... Got it!"

 
Bear Bibeault
Sheriff
Posts: 67746
173
Mac Mac OS X IntelliJ IDE jQuery TypeScript Java iOS
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Or phase-shift the graviton beam using tachyon bursts. Oh wait ...
 
Jeff Verdegan
Bartender
Posts: 6109
6
Android IntelliJ IDE Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
http://www.cracked.com/article_19160_8-scenes-that-prove-hollywood-doesnt-get-technology.html
 
Greenhorn
Posts: 1
Mac OS X Objective C Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Lastpass is a great solution? https://lastpass.com/index.php
 
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
10 passwords. , which are very difficult to remember.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic