General Question

ibstubro's avatar

How are you dealing with the internet password crisis? [Details.]?

Asked by ibstubro (11360 points ) June 3rd, 2014

It seems as if every website I use wants me to change my password. As often as twice in a month, lately.

“10 characters long.”

“At least one number, one capital letter, one lower case letter and one character. No more than 3 consecutive.”

“No name, initials, birthday, graduation, SSN#, etc., etc. that might be cross-referenced.”

Finally, no duplications! Every site you visit should have a unique password that is totally divorced from your life.

How can anyone manage this?

Observing members: 0 Composing members: 0

15 Answers

talljasperman's avatar

I change my password daily because I forget my password every time.

ibstubro's avatar

Do you have formula, @talljasperman? If you can’t remember your password, how do you change it?

zenvelo's avatar

Drives me crazy, we have different passwords for different applications at work, all with different rules.

I just started using the same one everywhere, with enough caps, no repeat letters, character and then numbers.

hearkat's avatar

We use a program called 1Password – it has mobile apps as well as desktop programs and browser extensions. They will generate, store and fill your passwords for you, and sync your database across devices.

ibstubro's avatar

EXACTLY what they claim is WRONG, @zenvelo.

I might have just uncovered the new UPC. Perhaps they’re making it progressively more difficult to log in, in order to make a Universal log in palatable?

ibstubro's avatar

Can 1Password be hacked, @hearkat?

talljasperman's avatar

I remember the security questions and I click on the forgot your password button.

Seek's avatar

I pretty much use the same password for everything…

…except my email and bank account. Those have their own, unique passwords.

hearkat's avatar

@ibstubro: They assure us that it is secure and encrypted and such. My fiancĂ© is in IT and he trusts them, so that’s good enough for me. I’m sure the web site I linked to has more specifics for those who might understand all the tech lingo.

Buttonstc's avatar

I have NEVER put any of my banking info online. The one debit card which I use for purchases is completely separate from my primary account.

Whenever I need to, I pick up the phone to transfer funds from my primary acct. to this one. This way, the most I’d ever temporarily lose would be
less than about $200. And my bank would return that to me eventually since fraud would have been involved.

As long as telephones still work, I will never put any of my banking info online because somebody somewhere will figure out how to hack it. I’d far rather put up with the SLIGHT inconvenience of doing my transactions by mail or by telephone.

I just don’t think it’s possible to develop a secure hack-proof banking network as long as there are guys over in Russia or elsewhere who have devoted themselves 24/7 to cracking it.

There are some “conveniences” in life that carry too great a price tag in terms of risk.

And my email and other online stuff, they are welcome to since I don’t care whether they know about it. From the moment I first got online, I’ve always realized the truth of the fact that there is NO such thing as privacy on the Internet and have conducted myself accordingly.

josie's avatar

I usually use a standard password and add the last 3 or 4 characters based on the name of the website.

Plus I also have Keeper as a phone app that keeps track of passwords in case there is an exeption

rexacoracofalipitorius's avatar

For a long time I had a formula that I used to generate passwords. Some of those passwords are still in use. There’s too many of them now for me to keep track of, and the generated passwords were weak: John the Ripper made short work of them in a test one weekend. After that I decided that I needed a better approach, so now I use a program called APG to generate new ones. If I only ever need to access them from home I let my browser’s password manager manage them. If I need them to be portable I save them to a file, encrypt the file to my public key, and copy it to my USB stick (I carry this around all the time.) That way I have them available if I need them, but they can’t be accessed without my passphrase. This is a pain in the butt, so I don’t keep these files on the stick unless I expect to need them.

johnpowell's avatar

openssl rand -base64 25

Then I keep a text file on my computer with all the different ones (each site gets a new one). From there just copy and paste.

2davidc8's avatar

Has anyone tried these password crackers to see if your passwords are robust enough?

Response moderated (Spam)

Answer this question

Login

or

Join

to answer.

This question is in the General Section. Responses must be helpful and on-topic.

Your answer will be saved while you login or join.

Have a question? Ask Fluther!

What do you know more about?
or
Knowledge Networking @ Fluther