Password: Make that plural

Discussion of general issues, not related to a specific Mac or iDevice operating system.
Post Reply
User avatar
Stephen Hart
Forum Member - Level 5
Forum Member - Level 5
Posts: 3041
Joined: Thu Apr 07, 2011 10:09 am

Password: Make that plural

Post by Stephen Hart » Fri May 06, 2011 1:49 pm

I don't know whether this guy's calculations are spot on—be sure to read this—but it's something to think about. Forgetting a password is a serious risk that could easily make data irretrievable.
Bottom line of this article: use easy-to-remember words--three or more--as passwords instead of random alphanumeric passwords. Don't run the words together, separate them by hyphens or some other easy-to-remember alphanumeric character. Of course, any unusual word--non US dictionary word--you can easily remember strengthens the password some, but the gist is length.

http://www.baekdal.com/tips/password-security-usability

(Of course, there's lots of idiocy in any discussion of passwords. Debit cards might require a 4-digit password, mathematically easy to crack. Also, how secure are merchant credit-card scanners, which read your card and transmit that info? And where's your signature stored when you sign the card reader and the cash register prints the signature out? Any photo of the front of an American Express card would include the card number and the security code. A Visa card takes two photos. Finally, the biggest problems of online security and ID theft have involved companies, big and small, being cracked, giving the thieves access to thousands or hundreds of thousands of card numbers, etc.)
"Design is not just what it looks like and feels like. Design is how it works."
Steve Jobs

User avatar
Richard Serkes
Forum Member - Level 5
Forum Member - Level 5
Posts: 1010
Joined: Thu Mar 31, 2011 9:21 pm
Location: Port Angeles, WA

Re: Password: Make that plural

Post by Richard Serkes » Fri May 06, 2011 7:36 pm

Another option is to use 1Password, a forum supporter. It will create passwords that are so complicated that they are virtually foolproof. All you have to do is remember one password and 1Password will do the rest.

Go here to find out more about this program and try it FREE for a limited time. There are some great videos showing you all the things 1Password can do besides creating tamper proof passwords.


http://agilebits.com/products/1Password
---
Always burn your bridges. You never know who's coming up from behind.

User avatar
Stephen Hart
Forum Member - Level 5
Forum Member - Level 5
Posts: 3041
Joined: Thu Apr 07, 2011 10:09 am

Re: Password: Make that plural

Post by Stephen Hart » Fri May 06, 2011 8:55 pm

However, note this item. This is not 1Password, but is a similar service.
Ric Ford [MacInTouch]
Password-storing service may have been hacked
LastPass, one of the most popular password-storing services, announced Wednesday that it may have been hacked. The company is now asking many of its users to change what its marketing has been touting as "the last password you'll ever need."
LastPass, which manages passwords and reproduces users' personal info for online forms by integrating with their computer or mobile Web browser, doesn't know for certain whether its database of master passwords for user accounts was compromised.
The company noticed some anomalies in data traffic to and from its servers that it couldn't explain. But one possible explanation was a data breach.
"We're going to be paranoid and assume the worst: that the data we stored in the database was somehow accessed," wrote CEO Joe Siegrist.
"Design is not just what it looks like and feels like. Design is how it works."
Steve Jobs

User avatar
Richard Serkes
Forum Member - Level 5
Forum Member - Level 5
Posts: 1010
Joined: Thu Mar 31, 2011 9:21 pm
Location: Port Angeles, WA

Re: Password: Make that plural

Post by Richard Serkes » Fri May 06, 2011 9:44 pm

1Password does NOT store any information online that isn't encrypted. If you use 1Password on multiple appliances such as your iMac, iPad, iPhone, Macbook, etc. then you need to sync all of them. One way is using Dropbox but the common information is NOT stored in the Public folder and it's encrypted.

If you're really paranoid you can bypass the Dropbox option and manually sync by connecting each appliance to your iMac. Not convenient, but nothing is on the I'Net.
---
Always burn your bridges. You never know who's coming up from behind.

User avatar
Stephen Hart
Forum Member - Level 5
Forum Member - Level 5
Posts: 3041
Joined: Thu Apr 07, 2011 10:09 am

Re: Password: Make that plural

Post by Stephen Hart » Mon Sep 12, 2011 6:58 pm

And XKCD weighs in on this topic:

http://xkcd.com/936/
Attachments
password_strength.gif
password_strength.gif (20.46 KiB) Viewed 972 times
"Design is not just what it looks like and feels like. Design is how it works."
Steve Jobs

User avatar
Stephen Hart
Forum Member - Level 5
Forum Member - Level 5
Posts: 3041
Joined: Thu Apr 07, 2011 10:09 am

Re: Password: Make that plural

Post by Stephen Hart » Sun Sep 18, 2011 11:51 am

Here's a blog I discovered that includes a passphrase generator inspired by the xkcd comic.
The comments section has some interesting discussion of the issues involved. (Yeah, I know. Sensible comments on a blog? Whoda thunk it?)

http://preshing.com/20110811/xkcd-password-generator

There are also various password generator standalone apps. I have one called Password Generator.app, made by Agile, the makers of 1Password.
"Design is not just what it looks like and feels like. Design is how it works."
Steve Jobs

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests