Good read for anyone who wants to know what makes an insecure password. http://arstechnica.com/securit... correct horse battery staple is now pretty weak if used on its own. Best to use a password manager that creates long random passwords.
Steven Perez,
John (bird whisperer),
Steve Cleary,
bentley,
Andrew C (✔),
Jenny H.,
Jennifer Dittrich,
and
imabonehead
liked this
Or use systems that don't use passwords at all.
- Scoble, Alex Scoble
2 factor authentication
- Jeff (Team マクダジ )
Windows needs to be able to use RSA certificates out of the box like Linux can.
- Scoble, Alex Scoble
Maybe I have a high pain tolerance, but I don't find two factor annoying
- Jeff (Team マクダジ )
Every few months I have to open Google's two-factor app. It's been painless. For most sites I use a password manager. I don't trust sites to keep my password secure so I can't reuse even a long unique cryptic password.
- Amit Patel
Any recommendations for password managers? I used Roboform until the second time that they wanted me to pay for free lifetime upgrades.
- Greg GuitarBuster
Greg - I use Lastpass for personal and Business. Its worth the cost and works well for what it provides.
- CW
1Password4LYFE
- Akiva
Didnt lastpass have a securty breach?
- Jeff (Team マクダジ )
LastPass had a suspected security breach, was open about it and detailed what steps they took to prevent another one. As far as I know, no accounts were compromised because of their breach and I haven't heard of them having another.
- Scoble, Alex Scoble
LastPass has no single point of failure as your hashes are stored on each of your devices that it's installed on. I use two factor for the main password and I'll take randomized passwords for each site/service over non-randomized passwords generated by a human every day of the week.
- Scoble, Alex Scoble
Maybe I'll give them a shot
- Jeff (Team マクダジ )
It's free if you just use it on your Windows laptop or workstations, Jeff. $12 a year if you want it on all your mobile devices too. #MoneyWellSpent
- Scoble, Alex Scoble
And you can integrate the master pass with Google's time based authentication system.
- Scoble, Alex Scoble
one interesting thing I got from this is that a site's salt is relatively unhelpful for security because weak passwords get cracked anyways -- and that helps crackers find the salts as well.
- Andrew C (✔)
Once quantum computers are more widespread, anything that doesn't utilize some sort of two-factor authentication is going to be ripe for cracking.
- Victor Ganata
Thanks, CW and Alex for the suggestion. I installed LastPass. Now, for serious threadjacking...things an insecure password/system might say "Does this make my hash look fat?"
- Greg GuitarBuster
WTF? That doesn't make any sense. Why aren't they pushing people to use Google Authenticator wherever it can be used?
- Scoble, Alex Scoble