Passwords: "This is fun" is 10 times more secure than "J4fS!2"

What kind of passwords do you use?

  • "This is fun"

    Votes: 12 33.3%

  • "J4fS!2"

    Votes: 24 66.7%
  • Total voters
    36
shmu26

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
ForgottenSeer 58943 said:
Password reuse or 'similar' password reuse is one of the most common methods people get hit.

I set a time to change my passwords and stick to the schedule. So for me as an example, I change all of my passwords between Dec.30 and Jan.2. Easy to remember, start fresh for the new year. I login to a legacy laptop running Debian that has been air gapped for the entire year, connect it to the internet, change my passwords, disconnect the machine when I am finished then wipe it and reinstall the latest Debian version. It's a ritual I've done for several years and don't plan to stop.
Click to expand...
Man, you don't take any chances, do you...
 
  • Like
Reactions: Handsome Recluse
F

ForgottenSeer 58943

shmu26 said:
Man, you don't take any chances, do you...
Click to expand...

None whatsoever bro.

Here's an Xfinity Pineapple attack on my network two days ago for example. I planned for such events and my Rogue AP Detection/Suppression unit was ready and suppressed the attack with ARP Poisoning within 300 seconds of it initiating. I wasn't even home at the time, but if I didn't have specific technologies deployed we'd of been PWNED.

rogueap.png
 
  • Like
Reactions: jackuars, Deleted member 65228 and shmu26
D

Deleted member 65228

I agree with @Lockdown because what he said is the most logical, good attackers do know that trying to brute-force thousands or even hundreds of passwords just isn't realistic. It'll require huge resource power and it won't work out well even then with a reality time space.

My advice would be to just not re-use the same passwords over, and don't aimlessly sign up to services you don't need to sign up on. That way if a service you would have signed up for gets hacked, now you don't have stolen credentials for it which are also valid for your e-mail account.
 
  • Like
Reactions: shmu26, roger_m, Handsome Recluse and 2 others
F

ForgottenSeer 58943

Opcode said:
I agree with @Lockdown and don't aimlessly sign up to services you don't need to sign up on.
Click to expand...

This.. I do this.

Use a fake name generator; (even use the password they generate if you wish)
Get a whole new identity at the Fake Name Generator

Then use My10MinuteEmail to create a one-time-use email for lame signups.
My 10 minute mail · Disposable email address

You can go full disposable, one time use on these fake accounts. Or save the information somewhere if you need it more than once or to re-login again. Any spam will go to a dead email account after X number of minutes so no worries there, or any worries about a compromise. I have 20-30 fake identities on crap sites.
 
  • Like
Reactions: shmu26, Handsome Recluse and Deleted member 65228
Quassar

Quassar

Level 12
Verified
Well-known
Feb 10, 2012
585
I have 20 Chatacters with all special symbols and ANSI code :D (in some web not work spacebar and ANSI)

While login i use 2 Two channel auto-type(keepass which type passowrd in shake method) which are also encryptedwith SpyShelter
And in my mail i use yet 2FA(Authy) :)
 

Attachments

  • Ashampoo_Snap_niedziela, 31 grudnia 2017_19h21m03s_001_.png
    Ashampoo_Snap_niedziela, 31 grudnia 2017_19h21m03s_001_.png
    49.1 KB · Views: 328
  • Ashampoo_Snap_niedziela, 31 grudnia 2017_19h21m24s_002_.png
    Ashampoo_Snap_niedziela, 31 grudnia 2017_19h21m24s_002_.png
    55.2 KB · Views: 348
Last edited:
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
Security News NIST proposes barring some of the most nonsensical password rules
Replies
0
Views
1,708
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
Technology Say goodbye to passkey lock-in: FIDO's new specs enable secure transfers
Replies
0
Views
282
Technology News
Gandalf_The_Grey
Gandalf_The_Grey
Templar
    • Like
Serious Discussion Passkeys actually useless at this time? Please clarify!!!
Replies
4
Views
960
Passwords and passkeys
Templar
Templar

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top