To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.admin.generalOpen lugnet.admin.general in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Administrative / General / 5648
5647  |  5649
Subject: 
 Re: New feature: Article rating
Newsgroups: 
 lugnet.admin.general
Date: 
 Tue, 28 Mar 2000 16:22:33 GMT
Highlighted: 
 (details)
Viewed: 
 1981 times
  
In lugnet.admin.general, Frank Filz writes:
Personally, I'd love some tips on how to pick good passwords that are easy to
remember. I'll admit to using poor passwords, and re-using them. These days,
one seems to need so many passwords that I can't see how you can really work
well if you really do chose a different password for every site, and I'm
assuming somehow coding the site into an otherwise shared password is not
good. I.e. "lcp7j53qt" for Lugnet and "ebp7j53qt" for eBay is not a good idea
(though those might be sort of ok if all you have is those two, but if you
have a bunch, someone could discover your pattern).

Yes, although if someone has enough familiarity with you (and access to you)
to figure out what sites you freqent, under what names/aliases/IDs, and crack
(or attempt to crack) enough of your passwords to establish a pattern, you've
got bigger problems.  (I'm speaking to a typical user here - obviously there
are some work-related situations where this could come about fairly easily)

Obviously one way to manage the number of passwords is to have some common
passwords for sites requiring low security (like sharing a password for a
bunch of buisiness related read only web sites is probably not that bad, sure,
if someone gets your password and shares it, one of the sites might get pissed
off that hundreds or thousands of people are logging into their site using
your account, but they can cut their losses pretty quickly, and you may just
lose out by having your account canceled).

The easiest way to keep track of passwords is to use a personal association,
and munge the reference.  Use a word (preferably not a name) that is relevant
to you, but not obviously so (don't pick "polarbear" if your office is
decorated in them), and then munge it, either by dyslexic swapping
(ploarbear), number/char inserting (pol3arbear, polarb@ear, but not p0larbear
or similar obvious swaps), deliberate misspelling (pularbar) or some
combination of the above (pula$rbar, poarbaer, etc).  Mixing caps in at random
is good too - most systems are case sensitive, these days.

What are peoples feelings on systems which require you to change your password
every 6 months or whatever? It seems to me that that just encourages people to
use weaker passwords.

From my observations, most people just get annoyed at these systems, and use
an incremental password.  (polarbear1, polarbear2, etc)  Not a good effect on
system security.

James
http://www.shades-of-night.com/lego/
I'm getting paid for this --> alladvantage.com
Sign up via me, the reference $$ go to fund Lugnet.



Message is in Reply To:
  Re: New feature: Article rating
 
Personally, I'd love some tips on how to pick good passwords that are easy to remember. I'll admit to using poor passwords, and re-using them. These days, one seems to need so many passwords that I can't see how you can really work well if you (...) (25 years ago, 28-Mar-00, to lugnet.admin.general)  

309 Messages in This Thread:
(Inline display suppressed due to large size. Click Dots below to view.)
Entire Thread on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact
    
Custom Search

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR