Sciencemadness Discussion Board

Please replace your passwords-

Bert - 6-2-2018 at 08:18

As a precaution, I would suggest EVERYONE should replace their passwords ASAP.

If you are not conversant with curent thoughts on best practices for password selection, seek ye the knowledge. (Thanks, Texium. Us trilobites never needed more than 8 bits)

IF YOU LOST THE OLD ONE, Woelen IS NOW A SUPER ADMIN AS WELL AS Polverone and Bert. These are who you need to contact in order to re-set. You will need to know the ORIGINAL email you used to establish your account for this to be done.

Our resident troll seems to be interested in cracking now, rather than nuclear transmutation of the more abundant elements into the rarer ones.

20180206_111759.png - 756kB

[Edited on 6-2-2018 by Bert]

[Edited on 6-2-2018 by Bert]

Texium - 6-2-2018 at 08:29

Alternatively, this is a more effective method for making strong passwords: https://xkcd.com/936/

I'd recommend it!

Corrosive Joeseph - 6-2-2018 at 08:44

I actually changed mine a few days ago.......

https://howsecureismypassword.net/ tells me my new password would take a computer 4 Quadrillion years to crack


:D


/CJ

ninhydric1 - 6-2-2018 at 08:48

Mine takes 4 thousand years to crack, so it should be relatively safe.

Texium - 6-2-2018 at 08:59

My old one got 7 quadrillion years, my new one... 18 decillion

Funnily enough, if you enter "correcthorsebatterystaple" it will say "Instantly- the hackers are probably onto this one by now"

JJay - 6-2-2018 at 09:08

There are numerous stories where a password file was leaked from one site and cracked and then the hackers used the passwords to gain entry to other sites. It's best not to reuse a password that you use on any other site.

Of course, we all have broken that rule dozens of times over. But if you have a troll in your account, you'll wish you had secured your password.


[Edited on 6-2-2018 by JJay]

Tsjerk - 6-2-2018 at 09:44

Quote:
https://howsecureismypassword.net/

although likely to be safe, better not to enter passwords here which you still use. It would be worth a fortune to get all the passwords entered....




[Edited on 6-2-2018 by Tsjerk]

happyfooddance - 6-2-2018 at 11:17

Quote: Originally posted by Tsjerk  
Quote:
https://howsecureismypassword.net/

although likely to be safe, better not to enter passwords here which you still use. It would be worth a fortune to get all the passwords entered....




[Edited on 6-2-2018 by Tsjerk]


I know, right? It's like, "It would take a million years to crack your password, if you HADN'T JUST GIVEN IT TO US."

Texium - 6-2-2018 at 16:09

Quote: Originally posted by JJay  
There are numerous stories where a password file was leaked from one site and cracked and then the hackers used the passwords to gain entry to other sites. It's best not to reuse a password that you use on any other site.

Of course, we all have broken that rule dozens of times over. But if you have a troll in your account, you'll wish you had secured your password.
Yes, that's why I decided to make a new one for here even though my old one was very strong.

Σldritch - 7-2-2018 at 02:15

Does the password reset button work now or will it still lock you out off your account?

wg48 - 7-2-2018 at 04:01

Quote: Originally posted by Σldritch  
Does the password reset button work now or will it still lock you out off your account?


I tried three times th change my password and failed. I assumed it was my finger trouble.

Oops! thinking about it yourr probably talking about the request PW reset button.

diddi - 7-2-2018 at 16:31

is 8 billion years enough? wait til we get quantum computers.

so what this is saying is that in the time my password could be cracked, i may have stuck to one of my new year resolutions

SWIM - 7-2-2018 at 16:36

Well, goodbye to my trusty old friend PASSWORD123.

I can still use it for my bank and credit cards, right?

EDIT: Changing passwords working fine right now.

[Edited on 8-2-2018 by SWIM]

EDIT: as to qwertyuiop mentioned below, I actually used to be an etaolinshrdlu man myself.
It's one row of keys on the old Merganthaller linotype machine.

It did leave me vulnerable to hackers who were 90-year -old former typesetters, but how many of those can there be?



[Edited on 8-2-2018 by SWIM]

[Edited on 8-2-2018 by SWIM]

[Edited on 8-2-2018 by SWIM]

j_sum1 - 7-2-2018 at 16:46

qwertyuiop[ is your new friend if you want a truly random-looking password.
:P

ninhydric1 - 7-2-2018 at 17:34

Quote: Originally posted by j_sum1  
qwertyuiop[ is your new friend if you want a truly random-looking password.
:P


You can type it with one stroke of a finger too.

Bert - 7-2-2018 at 18:00

For years, it was PASSWORD_HERE

The instructions were always very clear: "ENTER PASSWORD HERE" What changed that we're supposed to make up our own now?

[Edited on 8-2-2018 by Bert]

mayko - 7-2-2018 at 18:15

Quote:
Two days earlier he has received a desperate phone call from Jacopo Belbo, his colleague at a Milan publishing house. Before being abruptly cut off, Belbo has time only to tell him that he is in extreme danger, and that he must consult the files on their office word processor. But as soon as he loads the machine, a message appears: 'Do you know the password?' he gazes helplessly at the computer, knowing that Belbo's life depends on his being able to key in the correct word. Rapidly he calculates that 'it would take... two thousand years to go through all the possibilities.'

https://www.theguardian.com/books/1989/oct/12/fiction.jonath...

spoiler: the computer is accessed by answering the question honestly: "No".

Melgar - 7-2-2018 at 19:39

Some more relevant xkcd comics about passwords:

https://xkcd.com/792/

https://xkcd.com/538/

ficolas - 8-2-2018 at 08:12

Quote: Originally posted by Texium (zts16)  
Alternatively, this is a more effective method for making strong passwords: https://xkcd.com/936/

I'd recommend it!

Dictionary attacks could crack that. No one uses pure bruteforce when trying to crack a password
I may be wrong tho, it may be too slow even for a dictionary attack because of 4 words.

[Edited on 8-2-2018 by ficolas]

Twospoons - 8-2-2018 at 12:27

Given that most people have a vocabulary of about 5000 words they use regularly, choosing four words gives you 6.25^14 combinations (allowing repeated words). Given the number of people that cant spell I guess that number goes up a bit. I would have thought it would be fairly easy to screw up a dictionary attack by tossing in an odd letter/number/symbol somewhere - like always using a # between words 1 and 2. Or by using words from different languages.

"correct!chevalbatterystaple" has to be harder to crack by dictionary attack.

Bert - 8-2-2018 at 12:55

If you use a well remembered quote, complete with capitalization and punctuation?

How large is the body of material returned by googling "popular quotes"?

Chemetix - 8-2-2018 at 15:05

Arrrrgh! passwords, the frikken bane of modern existence.

Software drives the most simple and banal tasks these days and is still protected by more security than a PC4 lab.

Imagine this, I want to pick up a note pad and a pencil and write a few notes but the note pad has upgraded it's software recently and the pencil has has recently been bought by the note pad company and now wants me to open a new account so that it will synchronise with the pad front page. But the password entry page for the pencil is telling me I can't use Chemitex as my user name because that user name is taken.

I can't get into the pad account to reset the password and user name to resolve this because it somehow thinks the same password I have been using all this time is wrong and has locked me out, and the code that was sent to my phone to reset the password can't be entered because I can't get beyond the lockout screen. And I get a message in my e-mail telling me there has been unusual activity with my account could I please log in and change my password to prevent hacking!!!!!!! So now I can't use the pencil and and the pad because of conflicting passwords and incomprehensible security software......THANKS MODERN TECHNOLOGY!

NOBODY had any problems changing/remembering passsords?

Bert - 8-2-2018 at 15:43

I am very happy if this is true.

j_sum1 - 8-2-2018 at 18:07

Quote: Originally posted by Bert  
I am very happy if this is true.

Not entirely true. I had some issues with autofill not doing what it was supposed to do and thought I was locked out for a while. That would have been annoying.

Let me stress the importance of not having duplicate passwords for different sites or even related derivatives. Hackers trade libraries of compromised passwords and use these to mount attacks on other sites. The last thing you want is for an online purchase from a pretty obscure seller three years ago to be the stimulus for identity theft and compromise of your sensitive information.

Having done a bit of reading on the subject I am a fan of the correcthorsebatterystaple method but I use a different vocabulary set. Not the 2000 most common words but instead a library of obscure facts and whimsical events from my life -- which form suitable mnemonics. Hey, you gotta do something useful with the library card number you had when you were 10 or the cullinary disaster Aunt Gertrude performed that Christmas when Brian got plastered.

The Volatile Chemist - 8-2-2018 at 19:32

J_sum, I see you read the 'Hardy Boys'...

j_sum1 - 8-2-2018 at 20:32

Sorry. No. Well maybe one or two. I don't get the reference.