• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Password Strength

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
Originally posted by: RebateMonger
It's amazing how many sites are STILL only allowing up to seven characters and no special characters. Many of those sites are banks.
Click to expand...

That was one of the things that prompted my question. I've been seriously constrained by site limitations before. I use 2 passwords for everything. One is for forums and things, and the other is for more important stuff. My medium strength password I mentioned earlier is due to website constraints, and there's a couple that can't use my full password. I had to make an adjustment :^S. It wasn't my first choice, but I don't want 10 passwords that are all completely different. I don't write them down, so I have to keep them in my head.
 
Originally posted by: RebateMonger
It's amazing how many sites are STILL only allowing up to seven characters and no special characters. Many of those sites are banks. And don't even get me on those special "Security" questions. Ask Sarah Palin how secure those are.

As far as Windows passwords, LONG (16-plus character) passphrases with at least one mis-spelled word or other abnormality are good enough for me. All of my machines will lock out about ten billion times before those are guessed by a brute-force or dictionary attack.

While maybe not optimal, the people who get broken into are those using Security questions or common, short, passwords. Those are VERY common, even as Administrator accounts on servers. There's no reason to waste time on ten billion brute-force attempts when so many PCs, servers, and email and bank accounts have easy-to-guess passwords. Email accounts are great, since most contain emailed passwords and account information, and many folks don't consider them important enough to protect with strong passwords.
Click to expand...

Thanks for reminding me, I've been meaning to change my email password to this badass one I thought up a few weeks ago. Done.
 
Originally posted by: RebateMonger
Originally posted by: lxskllr
I don't write them down, so I have to keep them in my head.
Click to expand...
I keep my list in a high-encryption Excel 2007 spreadsheet that's backed up a couple of ways.
Click to expand...

All you need is keepass and dropbox. using dropbox you can keep keepass in sync between all your computers. This way all you need to remember is one password.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top