Passwords - Why Stupid People Should Not Use The Intarweb

[Steely Dan]

Funny because at work many years ago (about 15) we had an electric gate that had a "Multi-Code" remote for the operator... It was set from the factory with the dip switches: "One up, one down." Anyway, I went home to BFLO in the early 1990's and pressed it accidently at my parent's house... Their neighbor's garage door opened up. Man was that a hoot... We could stand at my parent's front picture window opening and closing the neighbor across the street's gargage door. Funny because my father would always swear the gargage door would open when planes flew over towards the airport... No doubt that may have been true!!

 

 

For people's information, they did a news story here in Rochester about how criminals were gaining easy access to houses. People would leave their garage door openers in their cars outside the house. I never really thought about it before that piece aired but it's damn clever.

 

 

If you are trying to get on to someones wireless network admin, admin1, or guest those always seem to work. I work next to a bank and whenever I have to do homework at work I log on to their WiFi network and their password is admin1.

 

A friend of mine who drives a lot for his job has told me that if you pull into the parking lot of a hotel with free wireless your wireless connection will work there too.

 

 

From personal experience, don't blame the IT department for that one

 

A password policy like that comes from on high up from the Prince of Darkness themself. My fellow IT Nazi's would gladly make something that retardedly stupid into C0mp@nyn@me1 or OmF990dUn00bzw!11N3v3rHa><><0rzTh!s

 

 

Kaiser Soze?

 

I use a password of numbers and letters capital and lower case. The sites that tell you how secure your password is seem to like mine. I have also developed a software free spam filter that doesn't require you to check a separate folder to see if something important has been accidentally blocked. I'm a genius!!

[ExiledInIllinois]

On garage door openers there is a lock button on the main controller in the house. Mine you hold down for 3-5 seconds and the light flashes... Disabling all remotes. I use it when I go on vacation or park a car outside with a remote.

 

I suggest people use it like a "key."

[Steely Dan]

On garage door openers there is a lock button on the main controller in the house. Mine you hold down for 3-5 seconds and the light flashes... Disabling all remotes. I use it when I go on vacation or park a car outside with a remote.

 

I suggest people use it like a "key."

 

Why don't you just put the controllers in the house when you go away?

[ExiledInIllinois]

Why don't you just put the controllers in the house when you go away?

 

Oh.. They are... Usually one car is in the garage. I still use the lock feature for extended time away, in case anything crazy (who knows??) happens. One of my cars (the '06 Pacifica... HomeLink thingy) has the controller built right in.

 

My opener is relatively new (1997 0r so) and has rolling code.

[Fezmid]

What about enabling MAC filtering to only allow certain MAC ID's? Is there some way around that through the net?

Yeah, that's actually pretty easy to defeat -- anybody can change the MAC address of their NIC to whatever they want. It's a good extra step to take, and makes you harder to get into than your neighbor, but it's not really that secure.

 

Anyway... Doesn't one need a password to get into these programs? What is that 64 ASCII characters? Isn't that basically an Achilles Heel too??

 

It's easier to remember one 64 character password than 50 10 character passwords...

[Assquatch]

I worked somewhere that had roughly the same requirement...but you had to change it every two weeks, and couldn't use any of your last eighteen passwords.

 

Worst security I'd ever seen - since no one could EVER remember their current password, everyone wrote them down. Checking the under surface of the desk for a post-it note worked about half the time.

We have to change our passwords at work every so often and you can't re-use any of your last ten passwords. I dont mind rolling through three passwords or so but ten? When it makes me change my password I just do it every day for ten days then change it back to the one I want Yeah, I know.

[Booster4324]

We have to change our passwords at work every so often and you can't re-use any of your last ten passwords. I dont mind rolling through three passwords or so but ten? When it makes me change my password I just do it every day for ten days then change it back to the one I want Yeah, I know.

 

Waah. I have to test stuff on various servers that are mirrored anywhere from 1 week to 6 months. Two different user ids (thankfully those stay the same) and two different passwords to even log in. We have to change our passwords every 6 weeks or every two months (varies depending on the ID). We cannot use any of our last 6 passwords on one of the IDs. Frankly, it takes me longer to log in sometimes than it does to test.

[ExiledInIllinois]

Yeah, that's actually pretty easy to defeat -- anybody can change the MAC address of their NIC to whatever they want. It's a good extra step to take, and makes you harder to get into than your neighbor, but it's not really that secure.

 

 

 

It's easier to remember one 64 character password than 50 10 character passwords...

 

Thanks! I didn't know that.

[ExiledInIllinois]

We have to change our passwords at work every so often and you can't re-use any of your last ten passwords. I dont mind rolling through three passwords or so but ten? When it makes me change my password I just do it every day for ten days then change it back to the one I want Yeah, I know.

 

 

Keep the same format, just "roll" each character alphabetically... Say:

 

ABD#efg*6Ud3

 

Becomes:

 

BCE*fgh#7Ve4

 

 

Is that so hard?

 

[Chef Jim]

For people's information, they did a news story here in Rochester about how criminals were gaining easy access to houses. People would leave their garage door openers in their cars outside the house. I never really thought about it before that piece aired but it's damn clever.

 

It amazes me how many people have so much **** in their garage they don't have room for their car.

[Mr. Dink]

We're not as bad as the last 18 passwords....but writing them down on a Sticky Note

Don't let /dev/null catch you with a written down password. Or else the Hypnotoad will punk your ass down

Loser

[Pine Barrens Mafia]

We're not as bad as the last 18 passwords....but writing them down on a Sticky Note

Don't let /dev/null catch you with a written down password. Or else the Hypnotoad will punk your ass down

 

 

When I was an IT slave, I had clients who would stick their passwords ON THEIR MONITOR. I would just sit there and laugh at them.

[shrader]

Keep the same format, just "roll" each character alphabetically... Say:

 

ABD#efg*6Ud3

 

Becomes:

 

BCE*fgh#7Ve4

 

 

Is that so hard?

 

 

Or simplify that a bit and just roll one of the characters in the password.

[Chef Jim]

chef,

 

your real name isn't president skroob is it?

 

Why didn't anyone tell me my ass was this big?

[stuckincincy]

When I was an IT slave, I had clients who would stick their passwords ON THEIR MONITOR. I would just sit there and laugh at them.

 

For those that insist on a simple, short, easily-remembered p/w, here's a tip to increase security:

 

Change text to other characters - still easily memorable.

 

Example:

 

Iloveyou can be changed to 1LovEU@@ or some such.

[stuckincincy]

When I was an IT slave, I had clients who would stick their passwords ON THEIR MONITOR. I would just sit there and laugh at them.

 

For those that insist on a simple, short, easily-remembered p/w, here's a tip to increase security:

 

Change text to other characters - still easily memorable.

 

Example:

 

Iloveyou can be changed to 1LuvEU##

 

45mainstreet can be changed to 45MaynStr@@t

 

 

or some such. Not good - but better- inhibits a simple dictionary search attack.

Edited January 26, 2010 by stuckincincy

[Fezmid]

For those that insist on a simple, short, easily-remembered p/w, here's a tip to increase security:

 

Change text to other characters - still easily memorable.

 

Example:

 

Iloveyou can be changed to 1LuvEU##

 

45mainstreet can be changed to 45MaynStr@@t

 

 

or some such. Not good - but better- inhibits a simple dictionary search attack.

 

Actually, dictionary attacks have been using character replacement for years. 1=!, e=3, etc, etc. That's not secure anymore, sorry.

 

Your examples are probably strong enough though since they do more than simple character substitution.

[stuckincincy]

Actually, dictionary attacks have been using character replacement for years. 1=!, e=3, etc, etc. That's not secure anymore, sorry.

 

Your examples are probably strong enough though since they do more than simple character substitution.

 

Ah - sad to hear that the character replacement takes place...

[shrader]

Actually, dictionary attacks have been using character replacement for years. 1=!, e=3, etc, etc. That's not secure anymore, sorry.

 

Your examples are probably strong enough though since they do more than simple character substitution.

 

Do the dictionary attacks use the common misspellings of words too? If not, I'm sure there are millions of idiots around this country who have accidentally come up with a hard to hack password.

[DC Tom]

Do the dictionary attacks use the common misspellings of words too? If not, I'm sure there are millions of idiots around this country who have accidentally come up with a hard to hack password.

 

At this point, probably.

 

Though I'm now wondering if dictionary attacks include words such as "retatta".