|
Lana
Head Banana


Registered: 10/27/99
Posts: 3,109
Loc: www.MycoSupply.com
|
Ever think about upgrading your password...
#12838943 - 07/02/10 08:54 AM (13 years, 10 months ago) |
|
|
Hi Everyone, Being one of the moderators here in the Security and Safety I feel like I should address some simple security features that everyone here can perform.
Upgrade your password.
It's easy, it takes very little time to do and if you stop and think about the content on this site, well.... If there is ANY site that you visit, this should be the one that you keep protected with a strong password.
Using a combination of letters, numbers and symbols is best. Get creative! Put your screen name into an English to French translator then add the number of your favorite dish at your local Chinese eatery. Combine your first lovers last name with current lovers birth date
If there's one thing I know about Shroomery members, it's that they're the most creative and innovative people around! So with that in mind, go ahead and update your login password.
You'll be thankful you did!
Have a nice day, Lana
-------------------- Myco Supply - Distributors of Mycological Products http://www.MycoSupply.com The Premiere Source for Mushroom Growing Supplies. Visit us online or call us toll free
|
suburbanned
Stranger

Registered: 02/20/08
Posts: 2,810
Last seen: 13 years, 9 months
|
Re: Ever think about upgrading your password... [Re: Lana]
#12858664 - 07/06/10 08:08 PM (13 years, 10 months ago) |
|
|
I'll forget if it is that difficult
|
4runner



Registered: 07/16/10
Posts: 15,406
Loc: State of Jefferson
|
Re: Ever think about upgrading your password... [Re: suburbanned]
#12925479 - 07/20/10 04:04 PM (13 years, 9 months ago) |
|
|
I like this site for generating passwords pctools.com/guides/password/ (Ignore that big download button BTW, the generator is below it and right on the site for use.)
I generally uncheck "Include Mixed Case", I can do that myself. Also I generate 50 of them then scan them for something that almost looks like a word I can remember(which is why I uncheck mixed case, easier to see a word without it). I would then add my own upper case letters to make it almost imposable for a brute force dictionary attack to guess.
Might want to write it down for the first week of use
|
blink
eye of horus



Registered: 03/31/02
Posts: 11,349
Loc: Geographic Location (Stat...
|
Re: Ever think about upgrading your password... [Re: Lana]
#13053954 - 08/15/10 07:50 AM (13 years, 9 months ago) |
|
|
--------------------
|
Green_T


Registered: 10/02/08
Posts: 4,042
Loc: UK
|
Re: Ever think about upgrading your password... [Re: blink] 2
#13179259 - 09/11/10 09:42 AM (13 years, 8 months ago) |
|
|
How to generate a good password: Take a phrase/line of a song that is easy to remember: The Right Of The People to Bear Arms Shall Not Be Infringed Take the first letter of each word: TROTPTBASNBI Replace some letters with symbols/numbers: TR0TPTB@$NB1 Alternate upper and lowercase appropriately: Tr0TPtB@$nB1 Check it on www.passwordmeter.com, adding new numbers and symbols etc to make it stronger: Tr0tP2B@$n8!
for added security: repeat twice/thrice to make more complex: Tr0tP2B@$n8!Tr0tP2B@$n8! add the website name to/within each password so they vary slightly
Tr0tP2B@$n8!gm@!l Tr0tP2$hr0om3rYB@$n8!
How long it takes to crack passwords with an attack: http://www.lockdown.co.uk/?pg=combi&s=articles
A good password will appear random, not have words from the dictionary, and have a mix of special characters and numbers.
--------------------
"I have sworn upon the altar of god eternal hostility against every form of tyranny over the mind of man" - Thomas Jefferson Legalize Meth | Drug War Victims
|
Bacchus
Lurker




Registered: 10/10/06
Posts: 914
Loc: ::1
|
Re: Ever think about upgrading your password... [Re: Green_T]
#13216713 - 09/19/10 02:21 AM (13 years, 7 months ago) |
|
|
I like to use KeePassX (or Keepass for you windows users) to manage my passwords. It stores passwords in a strongly encrypted database that can be easily transported between computers. You just have to remember one strong password to unlock the database. Inside, you can have a different password for every account. It has an excellent built-in password generator with lots of good options.
The part that I really love is that you can have the program sitting, locked in your system tray. When you want to log into a web page, just hit the keyboard command (CTRL+ALT+Shift+A by default) and the program will prompt for your master password, match the active website to the entry in the database, enter the user/pass, submit the form, and lock the database again all the while keeping your password protected in system memory.
If you want to copy the password for some reason, KeePass will securely erase your clipboard after a defined period of time. How awesome is that?!
It's open source and cross platform. I've used it on windows, Apple, and Linux.
Why settle for using the same one or two passwords for every single site when you can have a unique, 30 character, alphanumeric, mixed case, special character password for each one? Using the same password for everything, even if it's strong, is leaving yourself vulnerable. If any one of the sites you visit are compromised, your username/password combo could be cracked and circulated. Believe me, plenty of nasty people have text files full of both user/pass pairs and dictionary words that are hundreds of megabytes and even gigabytes in size.
Sorry. I'll get off my soapbox now. Passwords are just something I feel strongly about. My girlfriend of two years asked me for the password to unlock my linux box and I almost broke up with her. (Ok, maybe not...)
--------------------
Living on a no-Flash diet is way easier than you think. Give it a shot.
Edited by Bacchus (11/03/10 09:51 PM)
|
johnm214



Registered: 05/31/07
Posts: 17,582
Loc: Americas
|
Re: Ever think about upgrading your password... [Re: Bacchus]
#13225669 - 09/21/10 05:59 AM (13 years, 7 months ago) |
|
|
I would recomend PasswordSafe http://passwordsafe.sourceforge.net/
It is a password-management system for Windows that allows you to record your various passwords and easily look them up/organize them. It also allows you to create passwords simply based on simple criteria of length and charecters, et cet.
I'm not qualified to comment on its security, however; it has reasonable exposure and usage and no problems have been reported. It uses twofish encryption which has no serious problems identified and is well-reviewed by those knowledgeable.
My strategy is basically to use this program and protect it with a robust password created from a hash (simple programs for verifying file integrity can be downloaded to do this) of a passphrase I use only for this program. Then, you can have secure passwords for the sites that need it and not have to worry about forgetting them or having all your passwords made worthless if one site is compromised.
Might be worth checking out
|
Anonymous #1
|
Re: Ever think about upgrading your password... [Re: Lana] 3
#13824635 - 01/21/11 05:10 AM (13 years, 3 months ago) |
|
|
A couple added tips from someone who cracks WPAs all the time, besides just making it strong. I Like to start mine with an uppercase letter high in the Alphabet. When running a bruteforce/ dictionary attack, character generator like crunch, john the ripper, etc, they all take a ton of time. The longer you can make it take the less chances you have of getting cracked. Since character generators like crunch start with symbols, move to lowercase, then uppercase, by using uppercase you put the password way down on their list, potentially. A lot of dictionaries will have a list of passwords, then the same list with the first character Capitalized, then all caps, then tweaked etc so avoid using all caps and having only the first Character capitalized. Make the first two or three capitalized. Dont bother using a bunch or random words in random orders, this is an easy trick to beat as password generators will often rip all the words off a website and then mix them in millions of variations. So if I wanted to hack a shroomery password I'd most likely pull a hundred thousand words and combinations straight from the text on this website, tweak them to expand the hundred thousand to a hundred million, and hammer away. Example: hacked a WPA the other day who's password was PimpTrickGangstaClick Looks relatively safe but I got it using only 180 million passwords before it. WPAs really need to be the most secure possible. Once I have your WPA and am in range to hear your traffic I can get everything and I mean everything. Thats not what I do, I just like free internet wherever I go, but If I can get that password, so can someone else who's intentions are more sinister.
Biggest tip possible: have different passwords to every single site you visit often. You dont want someone cracking one of your passwords and then having everything. I used to Admin a message board and with even the most up to date SMF forum I could have had every one of my members' passwords if I was so inclined. Once I have their forum password since I already have their email from being an admin, I probably have the password to their email now too. Of course I have their IP as well so the possibilities for havoc are endless. Probably untraceable to me too since the user is probably a member of several other forums as well and why would they suspect an admin of one site they visited to hack their shit. They'll think they got it from porn. Dont know if that helps anyone but a lot of you need help. The threats are serious. I have no monetary incentive to do what I do besides getting free internet because I dont steal, yet I can still do a lot of shit just to see if I can. I imagine what someone can do that does this for a living and doesnt have the ethics I do, someone that does this all day every day. Be safe people, make em strong and let some other idiot with a weak password get all their CC's stolen and their Identity mangled. Dont let it be you.
Final tip, security questions: make the answer wrong when you set it up, something totally out of left field but odd enough to remember. If it asks where you were born say Kamchatka. Someone you know could be the one hacking your shit and of course they're gonna know you were born in Davenport Iowa and that your mom's maiden name is Gary Coleman.
|
iluvfungi



Registered: 06/17/09
Posts: 1,488
Loc: Oakland, CA USA
Last seen: 13 years, 7 days
|
Re: Ever think about upgrading your password... [Re: Green_T]
#14125080 - 03/15/11 02:01 PM (13 years, 2 months ago) |
|
|
Or I recommend phrases
IhaveaLargePenis9999)(
|
snoot
look alive ∞




Registered: 01/30/05
Posts: 9,644
Loc: 45º parallel
Last seen: 13 hours, 46 minutes
|
Re: Ever think about upgrading your password... [Re: iluvfungi]
#14160114 - 03/21/11 04:15 PM (13 years, 2 months ago) |
|
|
I use a 27char pw, that varies depending on what its for, I try to incorporate whatever I'm protecting into the password somehow, so I'll remember it,.
I find it funny some things like gmail, only require you to know your favorite artist or something to change your password, haha. I recommend never using those q/a's and making up your own questions, but don't use a question at all using a simple word/response type deal that you'll remember, one of the easiest ways to spoof someones accnt is to figure out there security question and change their password.
--------------------
∞ I am incapable of conceiving infinity, and yet I do not accept finity. - Simone de Beauvoir -
|
Adden

Registered: 06/04/03
Posts: 39,201
Loc:
|
Re: Ever think about upgrading your password... [Re: snoot]
#14169181 - 03/23/11 10:34 AM (13 years, 1 month ago) |
|
|
.
Edited by Dystopia (12/19/12 11:33 AM)
|
slapphappypill
Enthusiast!




Registered: 11/07/10
Posts: 5,570
Loc: In bed with your mom
|
Re: Ever think about upgrading your password... [Re: Adden]
#14171238 - 03/23/11 04:37 PM (13 years, 1 month ago) |
|
|
Best tool ever for anyone wanting or needing a complex password! http://www.pctools.com/guides/password/
-------------------- We think we have freedom, but we're all just mice in a maze.... FYI: I stole all my pix off google! F+ PORN! Here is a shit-ton of porn by yours truly! I have FINALLY written up a couple teks as to how SHP has done things in the past. DISCLAIMER: This is not for the newbie to mycology, and not going to work for everyone! This is simply what works for one person when other teks and methods have failed miserably! ~~~~~How SHP does their unconventional WBS Prep!! (NO DRY METHOD)~~~~ ~~~~~SHP's highly disputed method of doing ALL their work outside of a flow hood or a Still air box!~~~~~ ~~~~~Troubles harvesting the side and bottom pins in your mono? Learn how!! Dunking included ;-)~~~~~
|
BothHands
Dog Coffee



Registered: 10/28/09
Posts: 13,177
Loc:
Last seen: 5 years, 2 months
|
Re: Ever think about upgrading your password... [Re: Lana]
#14171287 - 03/23/11 04:48 PM (13 years, 1 month ago) |
|
|
Who steals a shroomery password? What could anyone possibly want with it?
|
slapphappypill
Enthusiast!




Registered: 11/07/10
Posts: 5,570
Loc: In bed with your mom
|
Re: Ever think about upgrading your password... [Re: BothHands] 1
#14171349 - 03/23/11 04:57 PM (13 years, 1 month ago) |
|
|
-------------------- We think we have freedom, but we're all just mice in a maze.... FYI: I stole all my pix off google! F+ PORN! Here is a shit-ton of porn by yours truly! I have FINALLY written up a couple teks as to how SHP has done things in the past. DISCLAIMER: This is not for the newbie to mycology, and not going to work for everyone! This is simply what works for one person when other teks and methods have failed miserably! ~~~~~How SHP does their unconventional WBS Prep!! (NO DRY METHOD)~~~~ ~~~~~SHP's highly disputed method of doing ALL their work outside of a flow hood or a Still air box!~~~~~ ~~~~~Troubles harvesting the side and bottom pins in your mono? Learn how!! Dunking included ;-)~~~~~
|
D.C
#cultivation addict
Registered: 12/15/10
Posts: 38
|
Re: Ever think about upgrading your password... [Re: slapphappypill]
#14288019 - 04/14/11 01:20 AM (13 years, 1 month ago) |
|
|
I like the idea behind Diceware.
Also, from their tips: "For maximum security make sure you are alone and close the curtains. Write on a hard surface - not on a pad of paper. After you memorize your passphrase, burn your notes, pulverize the ashes and flush them down the toilet."
|
Bacchus
Lurker




Registered: 10/10/06
Posts: 914
Loc: ::1
|
Re: Ever think about upgrading your password... [Re: D.C]
#14291491 - 04/14/11 05:26 PM (13 years, 1 month ago) |
|
|
I forgot to share my trick for memorizing long, pseudorandom passwords. My passwords are usually 10-12 characters long consisting of upper case, lower case, numbers, punctuation, and special characters. I have about 10 such passwords stored in my fingers' muscle memory.
What I do is open my password generator in one window and a simple text editor in another. Then I just generate password after password and type each one out looking for one that feels or sounds good to type. If I can make some kind of pnuemonic or jingle to say to myself while typing, even better. This helps accuracy and speed and reduces the need for traditional rote memorization.
By doing this, I can teach a password to my fingers after using it only a few times. It's kind of funny: if I were to recite one of my passwords orally (which would never happen), I would need to hold my hands up and type it out in the air.
--------------------
Living on a no-Flash diet is way easier than you think. Give it a shot.
|
user1837483975


Registered: 10/18/09
Posts: 2,161
Last seen: 4 years, 2 months
|
Re: Ever think about upgrading your password... [Re: Bacchus]
#14294366 - 04/15/11 06:58 AM (13 years, 1 month ago) |
|
|
Quote:
Bacchus said: I like to use KeePassX (or Keepass for you windows users) to manage my passwords.
Why settle for using the same one or two passwords for every single site when you can have a unique, 30 character, alphanumeric, mixed case, special character password for each one? Using the same password for everything, even if it's strong, is leaving yourself vulnerable. If any one of the sites you visit are compromised, your username/password combo could be cracked and circulated. Believe me, plenty of nasty people have text files full of both user/pass pairs and dictionary words that are hundreds of megabytes and even gigabytes in size.
Problem with that is now you have passwords for websites that you don't actually know - so if for example you lost your hard drive or it became corrupt etc etc you would be unable to access any of your accounts.
|
orison
mcfluffysugarnuts


Registered: 01/19/09
Posts: 5,481
Last seen: 4 hours, 32 minutes
|
Re: Ever think about upgrading your password... [Re: user1837483975]
#14294370 - 04/15/11 07:02 AM (13 years, 1 month ago) |
|
|
copy paste your passwords on a stick..
|
Bacchus
Lurker




Registered: 10/10/06
Posts: 914
Loc: ::1
|
Re: Ever think about upgrading your password... [Re: orison]
#14297561 - 04/15/11 07:42 PM (13 years, 1 month ago) |
|
|
Ever hear or backups? The file is like 10KB. I email it to myself.
--------------------
Living on a no-Flash diet is way easier than you think. Give it a shot.
|
Anonymous #1
|
Re: Ever think about upgrading your password... [Re: Bacchus]
#14343121 - 04/24/11 11:27 AM (13 years, 28 days ago) |
|
|
Quote:
Bacchus said: I forgot to share my trick for memorizing long, pseudorandom passwords. My passwords are usually 10-12 characters long consisting of upper case, lower case, numbers, punctuation, and special characters. I have about 10 such passwords stored in my fingers' muscle memory.
What I do is open my password generator in one window and a simple text editor in another. Then I just generate password after password and type each one out looking for one that feels or sounds good to type. If I can make some kind of pnuemonic or jingle to say to myself while typing, even better. This helps accuracy and speed and reduces the need for traditional rote memorization.
By doing this, I can teach a password to my fingers after using it only a few times. It's kind of funny: if I were to recite one of my passwords orally (which would never happen), I would need to hold my hands up and type it out in the air.
Quote:
Bacchus said: Ever hear or backups? The file is like 10KB. I email it to myself.
Started out with some good info, then
|
|