If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(PC Magazine)   The 25 worst passwords of 2011. Your password is undoubtedly on here (but we won't tell anyone)   (pcmag.com) divider line 335
    More: Fail, passwords  
•       •       •

52319 clicks; posted to Main » on 18 Nov 2011 at 5:47 AM (2 years ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



335 Comments   (+0 »)
   

Archived thread

First | « | 1 | 2 | 3 | 4 | 5 | 6 | 7 | » | Last | Show all
 
2011-11-17 08:37:34 PM  
Churchy Protestant types use "Jesus" so frequently that it's absurd.
 
2011-11-17 08:41:02 PM  
Not like it matters when you've got it written down on a post-it note stuck to your monitor.
 
2011-11-17 08:49:34 PM  

Chariset: Not like it matters when you've got it written down on a post-it note stuck to your monitor.


Only an idiot would do that. I keep mine under my keyboard where nobody would ever think to look.

I also keep the combination to my luggage under there.
 
2011-11-17 09:05:47 PM  

Chariset: Not like it matters when you've got it written down on a post-it note stuck to your monitor.


I have seen this a lot. My favorite is when they are on computers that only a one or two people are supposed to have access to that are seldom used. They stick them to the monitor, under the mouse pad, under the keyboard, I even saw one written in sharpie on the monitor.
 
2011-11-17 09:22:42 PM  

Eddie Adams from Torrance: Chariset: Not like it matters when you've got it written down on a post-it note stuck to your monitor.

Only an idiot would do that. I keep mine under my keyboard where nobody would ever think to look.

I also keep the combination to my luggage under there.


Just for a larf I put a sticky note under my keyboard that read "Ceci n'est pas un mot de passe."
 
2011-11-17 09:30:15 PM  
Here, just use one of these:

{-#%np3j}mYW,v{
^TgY7ekd2
uSt(%LtpH
Ywo|/AHtKV
pL.e*S#032
_SIWrj;8,v
W!VX"?5%R0
}xBJ>^S\7R
5B57*'Nw*Z

Password strength: 65 bits.
Should protect you against most governments.

"=l2_7>CaK9eoGw ~:4$UoP
u@.R}q QbfmB,(8%}W*:K%P
v8d&UfGJo;&j]JaxMFZnN)h
jBgeg|XC{S.S5.W$^pu>8t+
vu8b7&@g]"GSQ52`f,./7+z
Qji^g}rFEYFS ybprKMq~]D
R@y`ra$4o80;L!k|w!k2!6/
VgISLw=;x,Ba:jNLP};4QB{
E];Wb?KdHYUe\K|C;fG~.-l
W/v!i^)zU;c!=eIGh84)I/G

Password strength: 151 bits.
Should protect you against mortal civilizations.

http://www.mytsoftware.com/dailyproject/PassGen/PassGen.html
 
2011-11-17 09:56:10 PM  
I find cryptography very interesting. I'm not very good at puzzles (too impatient for decryption problems) but the principles of cryptography allow you to customize your security to the job (from simple substitution cyphers to diabolical random codes and public cyphers).

If you understand cyphers and codes (and the reasoning behind encrypting text), you have an advantage over common mortals and hackers in that you can choose passwords that are appropriate to the value of the thing being protected and the length of time it needs to be protected.

You also learn techniques for hiding the password or generating a password hint that is relatively secure.

For example, if you have a book on your desk, you can generate an very long list of book codes. Instead of using your child's birthday, for example, you could turn the date into a password.

Let's say, for example, your child was born 92-06-07. You could, for example, take the string of first characters on each line of pages 92, 6 and 7 (say three or four at a time) and generate a password which only you know and which you can easily look up if you forget it. Few people are going to think of this, but if they do there are enough numbers and names and meaningful sayings for them to have a hard time figuring out the exact method used to generate the password.

You could also take the 92nd, 6th and 7th characters on each page, repeating as necessary. There are so many possible rules you can use, and they can be made arbitrarily simple or complex withou jeopardizing your password's security in a meaningful way. You can hide the "hint" and the "password" in plain sight--post it right behind your computer monitor in the form of a poster, a memo, a table of data or the instructions for your job, your computer log-in or callling help desk.

Or you can cut out the middle man and just use a favorite line of poetry or a line from the lyrics of a song if your passwords can be long. Some hackers use dictionaries, so you'd need a long string of words to get a password as strong as a string of pseudo-random or totally random characters. But a sentence can be a surprisingly strong password because there are so many possible sentences of six or more words. The English language alone has about 1,000,000 words counting technical terms.

My message "Ceci n'est pas un mot de passe" (this is not a password) might actually be my password--or a hint to a password such as MagritteR1929, or it could be the key to a devilishly sophisticated password. If a hacker has to guess what kind of password generator you are using, they are screwed provided it is long enough and random enough--the use of letters, numbers and other keyboard symbols is a must to avoid a brute force attack, while length and unpredictability is necessary to avoid a dictionary attack.

A lot of the smarter security geeks give you some idea how strong your password before you finalize it. This makes it impossible for the luser to be really stupid, at least in the selection of the password.

Nobody can save a blabbermouth or an idiot.

The great thing about a long password is that it can be something you already have memorized and still be secure because there's no need to write it down and little risk of you forgeting it. Also, the "hint" can be anything--it doesn't even have to be a word or factoid. It could be that office toy you've had on your desk for years before chossing it as a hint to your new password.
 
NFA [TotalFark]
2011-11-17 10:18:42 PM  
Pfffttt...

Who worries about passwords? The bootable USB I keep in my wallet will give me ALL your passwords in less than 3 minutes.
 
2011-11-17 10:23:56 PM  
www.ihiji.com
FTW
Just make sure master password is strong. Last password I made would take ~8,000 years to crack at 10,000 attempts per second.

/of course, a key logger would negate that
//yubi key would help with that
 
2011-11-17 10:47:59 PM  
hunter2
 
2011-11-17 11:49:27 PM  
!Q@W#E$R%T^Y isn't one of them?
 
2011-11-18 12:17:46 AM  
My passwords include some pretty obscure stuff. So obscure in fact that I doubt the average farker would get the references.
 
2011-11-18 12:24:26 AM  

brantgoose: Here, just use one of these:

{-#%np3j}mYW,v{
^TgY7ekd2
uSt(%LtpH
Ywo|/AHtKV
pL.e*S#032
_SIWrj;8,v
W!VX"?5%R0
}xBJ>^S\7R
5B57*'Nw*Z

Password strength: 65 bits.
Should protect you against most governments.

"=l2_7>CaK9eoGw ~:4$UoP
u@.R}q QbfmB,(8%}W*:K%P
v8d&UfGJo;&j]JaxMFZnN)h
jBgeg|XC{S.S5.W$^pu>8t+
vu8b7&@g]"GSQ52`f,./7+z
Qji^g}rFEYFS ybprKMq~]D
R@y`ra$4o80;L!k|w!k2!6/
VgISLw=;x,Ba:jNLP};4QB{
E];Wb?KdHYUe\K|C;fG~.-l
W/v!i^)zU;c!=eIGh84)I/G

Password strength: 151 bits.
Should protect you against mortal civilizations.

http://www.mytsoftware.com/dailyproject/PassGen/PassGen.html


VgISLw=;x,Ba:jNLP};4QB{

I'm changing mine to this one. Something about Vaginal Cole Slaw maybe.
 
2011-11-18 01:09:59 AM  
Hey, that's the combination to my luggage!
 
2011-11-18 01:23:47 AM  
Fiddl3sticks;;

Meets system requirement of at least one uppercase, one lowercase, one numeral, one special character, more than 8 characters long, easy to type and remember.
 
2011-11-18 01:32:01 AM  
I use the same password for everything and nobody will ever guess it. It's uP7hep00p3r. See how hard that is to guess? I'm totally secure.

Oh wait-
 
2011-11-18 02:06:25 AM  
all eleventy of my passwords are perfectly cromulent words.
 
2011-11-18 03:10:22 AM  
michael as a password? Give me a break.

That's my real first name. That is something that I would never use as a password. Ever.
 
2011-11-18 03:15:43 AM  
I would've thought that by 2011, most systems would require all passwords to have both numbers and letters. Guess I'm wrong.

Also, [insert xkcd.jpg here]
 
2011-11-18 03:58:02 AM  
Did you know you can type your Fark password in here and it will still censor it? Like this:

*************

See? It works!
 
2011-11-18 05:13:53 AM  
What's even worse? Days later, the password was still "nbu123."


Well, changing the password after the hack would be like locking the garage after the barn door stole the horse's car.

Or something like that.
 
2011-11-18 05:54:12 AM  
No god?
No l337 spelling of 'password' with the standard changes?
 
2011-11-18 05:55:04 AM  
My password is the name of my cabbage patch kid mixed with a random number or two.

I feel good about it.
 
2011-11-18 05:56:02 AM  
I just use seven asterisks!!
 
2011-11-18 05:56:09 AM  
I use the full birth name of one of my favorite people and the year they were born. Never been cracked. They do have a unique name though.
 
2011-11-18 06:01:11 AM  
Use lines from songs, with numerals on the end. You'll remember them, and they're hella long if you want.

proudariadneonewordmywilltosustain11

lovetokickmyfeetwaydowntheshallowwater01 etc

then when it's new password time, just go to the next line -

shooflydragonflygetbacktomother01

/protip - the gsa box should NOT be 1234....
 
2011-11-18 06:01:53 AM  
I use common, everyday words. From an obscure, near-dead language.
 
2011-11-18 06:03:29 AM  
imgs.xkcd.com
 
2011-11-18 06:03:52 AM  
jellynipples
 
2011-11-18 06:04:28 AM  

jaylectricity:
VgISLw=;x,Ba:jNLP};4QB{

I'm changing mine to this one. Something about Vaginal Cole Slaw maybe.


It's a good topping for the roast-beef sandwich. But if you use it while pregnant, you might wind up having cabbage-snatch kids.
 
2011-11-18 06:04:53 AM  
they make good spy sentences

micheal football
letmein trustno1 iloveyou
master ashley bailey
sunshine shadow superman

and my favourite

Monkey dragon baseball

/purple monkey dishwater
 
2011-11-18 06:05:48 AM  
I trust in The Lord for my cyber security needs. You should to. Come on and get happy!
 
2011-11-18 06:09:14 AM  
brantgoose: each line of pages 92, 6 and 7

Ebooks don't have pages.

This reminds me too much of some old school games where you needed to punch in some info from the manual when asked.
 
2011-11-18 06:18:01 AM  
My password is 8 asterisks with no spaces. Sometimes I don't even have to type them in. Sometimes I'll use 10 in a row
 
SH
2011-11-18 06:19:24 AM  

brantgoose: Here, just use one of these:


Rubbish.

Use passphrases.
http://passphra.se/

Check strength here:
https://www.grc.com/haystack.htm

Complain to sites that limit the passwords enough that you cant use the strong phrases (like my bank).
 
2011-11-18 06:20:45 AM  
If presented with a password prompt just type (in all caps) "OVERRIDE ALL SECURITY".

It works every time.

// ...or at least it does in movies
 
2011-11-18 06:21:29 AM  
In college, I had set my password to "somethingeasytoremember". I was really proud of myself and thought myself really witty and ironic when I would tell people, "Yeah, my password is just something easy to remember." That is, until someone figured out what I meant and trashed my VMS shell account.

Good lesson learned. I deserved every bit of it.
 
2011-11-18 06:22:55 AM  
I have a Master Format for mine. There are variations with numeral and special character placement, but the core remains the same. It is better than keeping up with 40-50 unique codes.
 
2011-11-18 06:24:24 AM  
3.bp.blogspot.com

Someone didn't bother reading my carefully prepared memo on commonly-used passwords.
 
2011-11-18 06:27:10 AM  
I've been known to use high ASCII characters in some of my more important passwords. Not all sites will accept it though.
 
2011-11-18 06:34:30 AM  
My password starts with one of two key fob seeds with 6 random numbers.

a coin toss decides which fob will be used for the week.

for six hours I will randomly select one number from the selected key fob as my new password numbers.

Once I get 6 numbers and have wasted 6 hours I'll use "password" like any normal user....
 
2011-11-18 06:35:31 AM  
correcthorsestaplebattery
 
2011-11-18 06:39:02 AM  
ah, I see it's been posted
 
2011-11-18 06:40:45 AM  

Fritriac: [imgs.xkcd.com image 640x519]


Quite so.

The problem is we've written libraries of software that developers use that doesn't allow for a memorable password to be put in. Until those libraries and all the software built from them is updated... we're stuck.

I'm a pretty big geek and I struggle to remember all a "secure" password. So I write it down somewhere. S/he who control my iPad controls the server farm.
 
2011-11-18 06:45:03 AM  
Really the XKCD carton is right. Just use a sentence from one of your favorite books. I ran mine through LoPHTcrack back in the day, and after 18 hours using brute force and plenty a processing power, it had come no were close to busting it.

To all the geeks out there, what is a good successor to LoPHTcrack?

/Not a Black Hat
//I wear a white one
///Just horribly lazy
 
2011-11-18 06:47:49 AM  
The password is asstastic

That's right

ass

tastic
 
2011-11-18 06:49:15 AM  

lordargent: brantgoose: each line of pages 92, 6 and 7

Ebooks don't have pages.

This reminds me too much of some old school games where you needed to punch in some info from the manual when asked.


Ebooks do have pages, but they change based on font size... You could always try something with 10-25-73-6: Meaning font size 10, first word on each page, or something similar to that...

Just a little more help in an already obvious thread...
 
2011-11-18 06:50:51 AM  
12345

/Not druish.
 
2011-11-18 06:51:38 AM  
rick$antoruma$$lubemilkshakefroth

so secure, so easy to remember
 
2011-11-18 06:52:57 AM  
My password is cooler than yours!
 
Displayed 50 of 335 comments

First | « | 1 | 2 | 3 | 4 | 5 | 6 | 7 | » | Last | Show all



This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »






Report