|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Buck Marui
Caldari State War Academy
|
Posted - 2010.10.13 10:23:00 -
[1]
Originally by: Shade Millith Edited by: Shade Millith on 13/10/2010 10:08:00 Finally after quite some time, I've decided to change my password. Don't often do this with anything, as I usually don't care.
Went to change my password, and got this.
"Your password must: Contain at least one uppercase letter"
I'm seriously getting sick of more and more restrictions being placed on what I can and can't use as my password. First it was just abcdefg, now it's abcd3fg, now it's Abcd3fg.
It's getting bloody stupid. Back off and let me have what I want as my password.
People like you just invite account stealers, you shouldn't be allowed to use the internet, you clearly do not know how. |
Buck Marui
Caldari State War Academy
|
Posted - 2010.10.13 12:06:00 -
[2]
Originally by: Shade Millith No, it's people like you that can't secure your own account without having your hand held, because you clearly don't know how.
Haha, as much as I appreciate your wild speculation based on nothing, youll forgive me if I don't take anything you say seriously right?
Haha |
Buck Marui
Caldari State War Academy
|
Posted - 2010.10.13 12:09:00 -
[3]
Originally by: Vaerah Vahrokha Those who introduce those ever more intricate password schemes have not true security experience.
There is an easily met thresold beyond which security becomes counter-productive.
I worked for a para-military company for years, when they started enforcing stronger passwords people started writing them on post-its sticked on the monitors. Once the direction forbidden those post-its, they started writing Excel sheets with their and their whole departments passwords writen on them. Shortly after some of those started getting randomly spread in emails. A disaster, the maintenance guys had to constantly monitor people so they would not do stupid things. All of this because someone decided that letting people use "password" as password was unsafe but Password1 was perfectly good and strong security.
And it never occured to them to use the industry security standard of sentences? |
Buck Marui
Caldari State War Academy
|
Posted - 2010.10.13 12:17:00 -
[4]
Edited by: Buck Marui on 13/10/2010 12:20:58
Originally by: Paknac Queltel
Originally by: Buck Marui And it never occured to them to use the industry security standard of sentences?
People tend to take words like 'password' literally, unfortunately.
I do so prefer sentences. Easy to remember, easy to type, typically harder to read over the shoulder of someone typing it in...
But of course, some idiot will have put a maximum limit on password length "so they won't forget it as easily".
FFFFFFFUUUUUUUUUUUUUUUUU!!!
hehe I think you misunderstood, you dont actually use the sentence
You use certain letters of a sentence, so when someone says whats the password to "server" you can say something like "the grass is greener" and the password would be "tgig" obviously very simple there but you get the idea.
obviously this is further secured by using upper case and numbers in the sentences, also using a convention that only the people who need to know actually know, so you wouldn't just use the first letter of each word seriously.
This way you can openly tell someone the password and anybody overhearing would still not understand it. |
Buck Marui
Caldari State War Academy
|
Posted - 2010.10.13 12:29:00 -
[5]
Originally by: Paknac Queltel
Originally by: Buck Marui hehe I think you misunderstood, you dont actually use the sentence
You use certain letters of a sentence, so when someone says whats the password to "server" you can say something like "the grass is greener" and the password would be "tgig" obviously very simple there but you get the idea.
Ah, that makes sense.
You know we once had someone working for us who had her current city of residence and some date as her password? She still wrote it down and taped the paper to her monitor. No password remembering scheme will help regular users.
Haha, and to tape it to the monitor... HAHA |
Buck Marui
Caldari State War Academy
|
Posted - 2010.10.13 17:30:00 -
[6]
Edited by: Buck Marui on 13/10/2010 17:33:55
Originally by: Tippia You now have a reasonably complex, not-quite-dictionary-attackable password that is essentially only three letters long.
which is easily brute forced, and/or guessed especially since you used correct punctuation.
But I get your meaning
Oh wait nevermind I didn't get your meaning
You mean to use the sentence and not the 3 letters.
Bit long-winded I think though |
|
|
|