Online Password security discussion

Status
Not open for further replies.
I just use the normal Google Chrome save password thingy :o

I guess I should look at a more secure thing but the only things I do are forums, PayPal (change password regularly), Google Webmaster and social websites. Have also just started online banking but I'm rarely going to use it.
 
I have one master password for most sites. But I append it with values from the Fibonacci sequence.

e.g. OCUK would add 1123 onto my master password.
 
Here's the problem I have with passwords, I don't want to remember a different password for each website but I also don't want to lose all of my accounts if one website is compromised. I'm also not a fan of 'putting all my eggs in one basket' or copying and pasting passwords from lists as it is time consuming and cannot be accessed from everywhere, so here is my solution:

Firstly I pick a word, the more vowels the better
saxophone
then change it in a memorable way by adding something
saxomaphone
then replace a's e's o's and i's with numbers
s4x0m4ph0n3
this is quite common though so shift the numbers forward or backwards so if I shifted them forward 1 you would end up with
s5x1m5ph1n4
now you have quite a secure password but you can't use it for all sites so simply add a word or abbreviation of the website so for example OCUK would be appended as 1CUK so you end up with
s5x1m5ph1n41cuk

It is surprisingly easy to get used to typing the password and easy enough to remember to append the right site's name.

Obviously it is not 100% foolproof but it is secure and the password cannot be automatically used to log into other websites if one site is compromised.
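
The steps in the post above, written out as an added Python example (not the poster's own code) so the result can be checked against the post's `s5x1m5ph1n41cuk`; it also reports which part of two sites' passwords is the common base. The second site name `example`, the function names, and wrapping a shifted 9 round to 0 are assumptions made for this illustration.

```python
# Added illustration of the scheme described in the post; names are hypothetical.

# Step 3 of the post: replace a, e, o and i with look-alike digits.
LEET = {"a": "4", "e": "3", "o": "0", "i": "1"}


def leet(text):
    """Lower-case the text and swap the four vowels for digits."""
    return "".join(LEET.get(c, c) for c in text.lower())


def shift_digits(text, shift=1):
    """Step 4: move every digit forward by `shift` (assumption: 9 wraps to 0)."""
    return "".join(
        str((int(c) + shift) % 10) if c.isdigit() else c for c in text
    )


def transform(text, shift=1):
    """Vowel substitution followed by the digit shift."""
    return shift_digits(leet(text), shift)


def site_password(base_word, site, shift=1):
    """Step 5: transformed base word with the transformed site name appended."""
    return transform(base_word, shift) + transform(site, shift)


def shared_prefix(a, b):
    """Longest common leading part of two passwords."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return a[:n]


if __name__ == "__main__":
    ocuk = site_password("saxomaphone", "OCUK")      # values from the post
    other = site_password("saxomaphone", "example")  # constructed site name
    common = shared_prefix(ocuk, other)
    print(ocuk, other)
    print(f"common base: {common!r} ({len(common)} of {len(ocuk)} characters)")
```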

That's quite clever!
 
It is clever :D but I'm too lazy to do that so I use 1Pass to generate a 15-20 digit password with capitals, numbers and a couple of characters :)
 
I know plenty of people who just use an encrypted Excel file...

I can remember most of mine... (most are the same) and just use minor variations... I also try and minimise the number of websites that remember my credit card information....

kd
 
So if I, for instance, use a batch file stored on an unencrypted partition to autolog me into things (you know, ***.exe -username -password, that kind of thing), is it completely vulnerable and exposed to malware?
 
I recently moved over to KeePass+Dropbox. There is also a Chrome plugin so I don't have to actually do anything other than open the main database, all my credentials are sent to the logon pages. I also use 2 factor authentication on my Gmail account as that's the most important part...if they get your email account they can get into most things.
 
Here's the problem I have with passwords, I don't want to remember a different password for each website but I also don't want to lose all of my accounts if one website is compromised. I'm also not a fan of 'putting all my eggs in one basket' or copying and pasting passwords from lists as it is time consuming and cannot be accessed from everywhere, so here is my solution:

Firstly I pick a word, the more vowels the better
saxophone
then change it in a memorable way by adding something
saxomaphone
then replace a's e's o's and i's with numbers
s4x0m4ph0n3
this is quite common though so shift the numbers forward or backwards so if I shifted them forward 1 you would end up with
s5x1m5ph1n4
now you have quite a secure password but you can't use it for all sites so simply add a word or abbreviation of the website so for example OCUK would be appended as 1CUK so you end up with
s5x1m5ph1n41cuk

It is surprisingly easy to get used to typing the password and easy enough to remember to append the right site's name.

Obviously it is not 100% foolproof but it is secure and the password cannot be automatically used to log into other websites if one site is compromised.

I do more or less this, except I use a passphrase rather than one word so that it's well out of reach of any rainbow tables/brute force attacks.
 
I use around 6 base passwords then merged into various algorithms to create semi-secure - highly secure 60 dig/char/sym strings.

My storage for these passwords is free, it's called my brain. All of the passwords are randomised, no words in them.
 