Old people pick better passwords, apparently, says Cambridge

[Ichinisan]

Most online banking sites have limits on how many times you can attempt to login, so bruteforce will not work on them. You can use "sammich" as your password. 🙂

Office/Adobe/archive/etc files is another story

...but there could be some back-end system that doesn't have the same restriction as the web interface.

 

[HeXen]

i used 13 alpha numerics for my gmails and they got hacked. kept happening regardless so i deleted them cause google kept shutting me off. to heck wth google
funny thing is i only used 3 of them a few times, dunno how someone found them or wanted them so bad.

 

[Jeff7]

Nope. Lots of things do not accept spaces in passwords. I set my password at work to include spaces and it caused problems with the proxy server.

Also a stupid restriction. Is it just lazy programming? Or is it that there are a few old code snippets hanging around, back when a full megabyte of RAM was something that was only available in supercomputers?

Hell, Pro/Engineer, CAD software, doesn't accept filenames with spaces, nor does it accept filenames that are more than 32 characters. Within the program, custom feature names cannot include spaces either - but they can accept Alt+255 instead of a space. But oddly enough, if a new feature is created, it will have a name such as "Extrude 1" or "Hole 1", with a space in the name. But if you try to copy and paste that same name into a different feature (paste after renaming the original feature), it's rejected for having a space in it.
Portions of that program are quite old. The menu system is a mix of Windows-style drop-downs and dialog boxes, as well as their much older interface style used with Unix.

More features! Less usability!

 

[Ichinisan]

i used 13 alpha numerics for my gmails and they got hacked. kept happening regardless so i deleted them cause google kept shutting me off. to heck wth google
funny thing is i only used 3 of them a few times, dunno how someone found them or wanted them so bad.

Weak security question, probably. Or they compromised your recovery email address.

Just use Google two-step authentication. You can also have super-long, unique passwords that you can associate w/ a description and revoke at any time. So, if my HP TouchPad gets stolen, I can log-in to my Google Accounts, go to Settings > Authorizing Applications & Sites, then revoke my password for "HP TouchPad IMAP" and "HP TouchPad Chrome Sync".

Done.

 

[Anubis]

my dad is old, he forgets the passwords to everything he has them for after 1 use

 

[HeXen]

Just use Google two-step authentication.
Done.

i did, that was part of the problem. i kept having to authenticate it. At some point my phone died, i never replaced it and i never could authenticate it.

The final problem was since i had no phone access, Googles support was asking difficult questions like the date and time i created the accounts...its been years and i could not recall an approximate date.
so 3 of the 4 i deleted. the last one i couldn't athenticate cause my phone died

but like i said, i hardly used them, not sure how anyone knew what the email address's was. Usually they were used when signing up for things like amazon, steam or forums...etc.

imo, i think Google was full of ***. having to authenticate my accounts at least once a month..for four wierd named accounts. c'mon now. less someone hacked their server and i was random victim or something. but whatever, i don't think it matters much what kind of password you use, you can still get stolen

 

[sdifox]

1,2,3,4,5 is a pretty important password

 

[Howard]

Time to start hating on against Indonesian teens.

 

[Matthiasa]

Nope. Lots of things do not accept spaces in passwords. I set my password at work to include spaces and it caused problems with the proxy server.

If space isn't accepted use _ in place of it.
If _ isn't accepted the software used definitely needs an update.

 

[WhoBeDaPlaya]

I've seriously used the same password for 25 years now on everything. Hasn't failed me yet.

Same here, albeit I have a few that I use. Have a tiny C program I wrote back in HS that generates a string of random chars (you decide the length, upper + lower case, symbols, etc.).

I just memorized a few of what it spit out 🙂

1,2,3,4,5 is a pretty important password

http://www.youtube.com/watch?v=a6iW-8xPw3k

 

[ShawnD1]

my dad is old, he forgets the passwords to everything he has them for after 1 use

I found a way around this problem. I gave a hardcover notebook to my parents. Any time I help them do anything, I write it down. It includes
-their wireless network's name
-their wireless network's password
-their router password
-their email login information
-facebook login information
-their windows login information
-how to use the dvd player

It's very important that the book is hard covered and none of the pages can be taken out. Soft cover would be destroyed when they stash it away somewhere stupid, and pages would be lost if it were a binder.

 

[drebo]

Assuming their database doesn't get hacked. If someone gets the hashes, it's pretty easy to brute force passwords at your leisure. A lot of it probably depends on the exact setup.

Which is exactly why the passwords themselves are useless and the security of the application itself is what matters.

Password hashes should be salted, which makes them impossible to brute-force unless you know the exact salt. If the salt is semi-random, it makes it even that much more difficult to crack.

 

[Linflas]

I found a way around this problem. I gave a hardcover notebook to my parents. Any time I help them do anything, I write it down. It includes
-their wireless network's name
-their wireless network's password
-their router password
-their email login information
-facebook login information
-their windows login information
-how to use the dvd player

It's very important that the book is hard covered and none of the pages can be taken out. Soft cover would be destroyed when they stash it away somewhere stupid, and pages would be lost if it were a binder.

Nice to see such respect for your parents.

 

[MotionMan]

Nice to see such respect for your parents.

So we should deny the facts, based on, I am sure, past behavior, and ignore the best course of action given the circumstances for fear of disrespecting our parents?

If your father got into a car accident every time he drove, would you refuse to take away his car because is shows a lack of respect?

MotionMan

 

[Ichinisan]

I found a way around this problem. I gave a hardcover notebook to my parents. Any time I help them do anything, I write it down. It includes
-their wireless network's name
-their wireless network's password
-their router password
-their email login information
-facebook login information
-their windows login information
-how to use the dvd player

It's very important that the book is hard covered and none of the pages can be taken out. Soft cover would be destroyed when they stash it away somewhere stupid, and pages would be lost if it were a binder.

Not secure unless you keep the binder in a safe w/ a combination biometric/password lock.

 

[MotionMan]

Hmmmm.....let's see. With my admittedly small sample size, I'm 58 and I don't write any of my pw's down, just remember them. Wife, 57, is the same. Father-in-law, 82, doesn't write down his and simply remembers them....my mother, 79, remembers hers without post-its.

On the other hand, a couple of 20+ y.o. co-workers keep lots of their pw's in their respective wallets on scraps of paper, something none of us oldsters do.

My experience is the exact opposite with my 73 year old mom, dad and father-in-law, my step-mother-in-law and many of their friends. However, none of my friends (40's) have to write down their passwords.

Go figure.

MotionMan

 

[Ichinisan]

So we should deny the facts, based on, I am sure, past behavior, and ignore the best course of action given the circumstances for fear of disrespecting our parents?

If your father got into a car accident every time he drove, would you refuse to take away his car because is shows a lack of respect?

MotionMan

I got the impression it was a sincere compliment because ShawnD1 cares about his parents enough to do all that for them.

 

[MotionMan]

I got the impression it was a sincere compliment because ShawnD1 cares about his parents enough to do all that for them.

Nope. Reads the exact opposite of a compliment (He was berating him for treating his parents like children).

MotionMan

 

[KLin]

lastpass FTW

 

[ShawnD1]

Not secure unless you keep the binder in a safe w/ a combination biometric/password lock.

Something tells me chinese hackers won't try to break into their house

edit
My google account was hacked once and it had to be reset by sending a text to my phone. I'm guessing that was done by bots/chinese, not by someone I know.

 

[Jeff7]

Here's another one I just encountered: Sites that require you to register in order to download datasheets, except this one requires:
- 8+ characters
- At least one uppercase, one lowercase, one number.
- Cannot contain first name, last name, or company name.

So what happens if someone breaks into one of these accounts? Oh god no, they'll be able to access free product datasheets!

 

[MotionMan]

Here's another one I just encountered: Sites that require you to register in order to download datasheets, except this one requires:
- 8+ characters
- At least one uppercase, one lowercase, one number.
- Cannot contain first name, last name, or company name.

So what happens if someone breaks into one of these accounts? Oh god no, they'll be able to access free product datasheets!

At my dad's work, he would have to change his password once a WEEK, it had to have at least one capital and 1 number and a password could not be repeated for a year.

He would hang the 49ers team picture on his wall and start from the first guy in the first row and work his way through the picture until the next years picture came out (i.e. "Montana16", "Rice80", etc.)

MotionMan