What's new

Tips For Strong Password

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Used my mobile number as password! Also, 50% of whom I know using their phone number as their passwords. Common passwords also: 123456, qwerty, asdfghjk. One of my failed passwords was 123qwe!@#QWE! It was a disaster.

The short and best way is to use a password manager.
If you want to make your own and come up with a good password in my opinion you should 1- Make it very easy to remember (it's very important to use numbers and words that's very easy to you). 2- Combine/mix things up. Here is the idea:
>Use three words that come to your mind, and you always remember them.
>Choose a well-known number to you.
>Choose one of the symbols that you like. Make sure that it's easy to reach on moboile keyboards (If you use smartphones a lot)
>Mix them in a pattern you desire.
Example:
>"great", "madness", "roll"
>1982
>!
> madrollthe19!!AndmakeItGreat1982!!! (repeat it like 100 times on keyboard to memorize it pretty well)
MADrollthe19!! (this is a short one)
FACEMADrollthe19!!BOOK (this is for Facebook)
GMAILAndmakeItGreat1982!!! (For Gmail)
madSNBrollthe19!!forums (for SNBForums)
... and so on.

You can make your own combine/mix rules. I come up with this idea from:

 
A strong password contains upper/lower case letters with numbers (I don't like special characters as some logins don't allow them).

Of course, my passwords relate to my past; the difference is that its the parts of my past that nobody knows about and I don't talk about. And its what helps me remember them too.

When you get to about 20 characters for a password; you're safe.

Btw, password managers are the worst ideas I have ever seen.
 
Test your password at this site to see how long it will take to crack it.

Not every device will take 20 characters. Asus routers are limited to 15 or 16 chracters.

https://www.grc.com/haystack.htm
 
Test your password at this site to see how long it will take to crack it.

Not every device will take 20 characters. Asus routers are limited to 15 or 16 chracters.

https://www.grc.com/haystack.htm

(NOTHING you do here ever leaves your browser. What happens here, stays here.)
GreenLight.png
2 Uppercase
GreenLight.png
5 Lowercase
GreenLight.png
8 Digits
RedLight.png
No Symbols
15 Characters

Time Required to Exhaustively Search this Password's Space:
Online Attack Scenario:
(Assuming one thousand guesses per second) 2.48 hundred trillion centuries
Offline Fast Attack Scenario:
(Assuming one hundred billion guesses per second) 2.48 million centuries
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 2.48 thousand centuries


Yup! Safe. With only 15 characters. :D
 
Humans suck at making passwords. Period.

1. Use a password manager, especially if open source and not web-based. There are different options depending on features. The most well-known and reputable are Keepass and 1Password.
2. Use a different password for every single site and different usage.
3. Use as long a password as is permissible on a platform. Lengths of 20+ are great. Anything less than 13 alpha-numeric characters is not.

One of the main benefits of password managers is that you never need to remember or type out anything other than how to access the password manager's database. On some platforms you can even do the latter with biometrics, e.g. a fingerprint (though that should not be the only means of access). You can just copy and paste passwords or have them auto-filled.

For anything you actually need to remember, e.g. for the password manager itself or encryption keys, you can use a passphrase instead. The most widely accepted secure method is Diceware and minor variations such as that recommended by the Electronic Frontier Foundation (EFF). These choose words randomly from a list. Enough words and you have the security equivalent to a randomly generated password due to the sheer number of random word combinations, except its much more memorable.
 
Read the list of 100 worst passwords of 2018.
Does any password relate to you in the past? What would you advice for keeping a strong password?
I was ok with the link as a useful reminder until their closing line;

“When your accounts are “Hacked” due to “short simple and pretty easy to crack Passwords”, only you are to blame.”

Of course we should try to protect ourselves but, ultimately, all the blame goes to the crook/criminal/perpetrator!
 
I know one password, the one that I log into my computer with. For everything else I use a random password generator and store these in a notepad file on a usb flash drive and then copy and paste when I log into any website that I visit whether it's Amazon, eBay, or any financial website. Also use two-factor Authentication where it's available. And change your important ones regularly. Every month would be good. And yes I do have more than one backup and they are up to date. I know it's a lot of trouble but so is someone draining your bank account.
 
All the methods discussed above (not picking on anyone here...), from password managers, USB drives with notepad files on them to random password generators have huge flaws in their design and implementation.

The safest passwords are the longest you can remember yourself. Anything else is simply believing that a different system can do it better than us. And when a different system, person or entity is doing it for us; there is the biggest 'security' flaw right there. Even if today we feel safe using such snake-oil solutions.
 
But L&LD, I'm 70 plus years old. I can't remember what I had for lunch yesterday and I gave up on Lastpass a long time ago. And no offense taken.
 
But L&LD, I'm 70 plus years old. I can't remember what I had for lunch yesterday and I gave up on Lastpass a long time ago. And no offense taken.

And I will be there too shortly!

But the logic of password 'keepers' doesn't make much sense to me. Never used them. Never will. I too have my passwords written down and in a safety deposit box, but that isn't for me...
 
Well at least we keep them in a safe place. My kids know how to access them for WHEN I get to the point I can't take care of my own business.
 
The safest passwords are the longest you can remember yourself.

My password manager currently contains 714 entries. Memorizing is not an option.

The only memorizable passwords are the older ones, and those I have to manually enter on a nearly daily basis - and these are highly randomized strings that I memorized following keyboard patterns (and other tricks). My SSH key passphrase for example is a long sentence that I memorized. Everything else is randomly generated.

I also recommend that service: https://haveibeenpwned.com/ . It's run by a Microsoft engineer, and it helps you getting warned when your email address is making the rounds on a new stolen password list.

Password managers are fine, as long you chose a good one, and you learn how to use it properly. The one I use allows me to sync passwords between multiple devices without relying on the cloud, and it has a feature that clears the clipboard once you exit it (in case you did a copy/paste of a password).
 
My password manager currently contains 714 entries. Memorizing is not an option.

The only memorizable passwords are the older ones, and those I have to manually enter on a nearly daily basis - and these are highly randomized strings that I memorized following keyboard patterns (and other tricks). My SSH key passphrase for example is a long sentence that I memorized. Everything else is randomly generated.

I also recommend that service: https://haveibeenpwned.com/ . It's run by a Microsoft engineer, and it helps you getting warned when your email address is making the rounds on a new stolen password list.

Password managers are fine, as long you chose a good one, and you learn how to use it properly. The one I use allows me to sync passwords between multiple devices without relying on the cloud, and it has a feature that clears the clipboard once you exit it (in case you did a copy/paste of a password).

Do you mind sharing what password manager do you use?


Sent from my iPhone using Tapatalk
 
Do you mind sharing what password manager do you use?

I use SplashID (with the cloud functionality disabled, so I sync over Wifi).

Been using it since back in my Palm 3E days.
 
I use SplashID (with the cloud functionality disabled, so I sync over Wifi).

Been using it since back in my Palm 3E days.

Thank you!


Sent from my iPhone using Tapatalk
 
I had a look at SplashID and while the layout seems great, the free version is very limited (to one device).

Having a look around KeePass seems to be the best version of this software type for a long time now. Any thoughts or comments for or against?
 
Splash ID has always worked for me since I first installed it on a Palm device. I run it on multiple devices and I think I paid a one time life time license fee of $19.95.

Some of the versions have worked better than others depending on the device but it gets the job done. Currently have about 350 passwords, combinations, serial numbers, etc. stored on the app.
 
I checked the website and the Pro version is currently $19.99 a year for unlimited devices. I'm looking at this, 1Password, and KeePass.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top