You are not logged in. [Log In]


Forums » General Discussion » The Water Cooler » Enter Password Here:

Page 1 of 2 1 2 >
Topic Options
Rate This Topic
#403397 - 04/21/14 12:43 PM Enter Password Here:
MarkSJohnson Offline
shareholder in the making

Registered: 09/27/04
Posts: 11437
Loc: Central NH
I really need to change all my passwords, and I'm running into the same quandary that every other computer user deals with: Creating a totally different, nonsensical password for every site is the safest but unwieldy solution, and using 012345 everywhere is easy but useless from a security standpoint.

Right now, I use variations on a theme for the 60 or so websites that I use, and I keep those on a paper and .txt document that I can refer to as needed. (Am I sharing too much info in a public forum???) smile

I need to make an email address change on all these sites and thought I would come up with a more secure but more manageable password system while I'm at it.

For the first time, I'm looking into Password Management software (primarily Roboform Everywhere) and wonder what everyone else is doing?
_________________________
::::::: No disrespect to Axiom, but my favorite woofer is my yellow lab :::::::

Top
#403399 - 04/21/14 12:58 PM Re: Enter Password Here: [Re: MarkSJohnson]
ClubNeon Offline
connoisseur

Registered: 02/06/09
Posts: 3466
Loc: Western Maryland, USA
I do something like this:

1. Take a password only known to me.
2. Use it on every site, but...
3. Hash it with the domain of the site.

For example:
Say I'm using the password, "password".
For axiomaudio.com I would take the string, "password+axiomaudio.com", and run it through a hashing algorithm.

I have the tools on my computer to do my own hashing, but you can use a site like this: http://www.sha1-online.com/

So "password+axiomaudio.com" hashed with MD5 becomes: 287398526177c51d26bfc383fb4a27f8

You can use some rule to shorten the password. Like only use the last 12 characters. To make it a little stronger, capitalize the last letter, and change the second number to it's "shifted" version.

So the final password becomes: c3*3fb4a27F8

Using those rules, you can always figure out what your password for a site should be, and it will be unique for each domain.
_________________________
Pioneer PDP-5020FD, Marantz SR6011
Axiom M5HP, VP160HP, QS8
Sony PS4, surround backs
-Chris

Top
#403401 - 04/21/14 01:14 PM Re: Enter Password Here: [Re: MarkSJohnson]
MarkSJohnson Offline
shareholder in the making

Registered: 09/27/04
Posts: 11437
Loc: Central NH
Thanks Chris! But then how do you remember that password for convenience when re-entering the site?
_________________________
::::::: No disrespect to Axiom, but my favorite woofer is my yellow lab :::::::

Top
#403403 - 04/21/14 01:19 PM Re: Enter Password Here: [Re: MarkSJohnson]
tomtuttle Offline
axiomite

Registered: 06/20/03
Posts: 8488
Loc: Tacoma
I'm interested in this topic, too. Thinking about paying for LastPass, since I often use my phone and/or iPad in addition to PC.

I'm not sure I'm quite geeky enough to use Chris' method.
_________________________
bibere usque ad hilaritatem

Top
#403404 - 04/21/14 01:21 PM Re: Enter Password Here: [Re: MarkSJohnson]
CatBrat Offline
axiomite

Registered: 08/05/09
Posts: 6015
Loc: Milky Way Galaxy
Passwords have always been a weak point for me. I picked a few several years back and keep using them over and over again. Definitely need a better way. I like combining 2 or more words with different capitalization and including numbers.

Top
#403405 - 04/21/14 01:23 PM Re: Enter Password Here: [Re: MarkSJohnson]
J. B. Offline
connoisseur

Registered: 01/19/11
Posts: 1291
Loc: Quebec, Canada
what i've been doing for years is this:
i think up a phrase like: "No body will ever break that pass word but me".

then when i have to write the password, i only write the first letter of each word; this is the result:
"nbwebtpwbm".
if a site also wants at least one number in the password, then i just add the number 1 at the end.

no one can ever guess at the phrase i use, much less at the pass itself, and this combination of letters can't be found anywhere.

works good for me.
_________________________
See: http://www.blu-ray.com/community/gallery.php?member=Gelli
or: Axiom Gallery

Top
#403406 - 04/21/14 01:31 PM Re: Enter Password Here: [Re: MarkSJohnson]
ClubNeon Offline
connoisseur

Registered: 02/06/09
Posts: 3466
Loc: Western Maryland, USA
Originally Posted By: MarkSJohnson
Thanks Chris! But then how do you remember that password for convenience when re-entering the site?

Learn to perform MD5 hashes in your head?

I just use the save password feature of the browser (and have a bookmarklet that removes the instruction from a site telling the browser to not save the password on the few sites that do that). Then I have a master password in the browser to keep prying eyes out.
_________________________
Pioneer PDP-5020FD, Marantz SR6011
Axiom M5HP, VP160HP, QS8
Sony PS4, surround backs
-Chris

Top
#403407 - 04/21/14 01:35 PM Re: Enter Password Here: [Re: MarkSJohnson]
ClubNeon Offline
connoisseur

Registered: 02/06/09
Posts: 3466
Loc: Western Maryland, USA
Create a bookmark with the following string as the URL:

Code:
javascript:(function(){var%20ca,cea,cs,df,dfe,i,j,x,y;function%20n(i,what){return%20i+%22%20%22+what+((i==1)?%22%22:%22s%22)}ca=cea=cs=0;df=document.forms;for(i=0;i<df.length;++i){x=df[i];dfe=x.elements;if(x.onsubmit){x.onsubmit=%22%22;++cs;}if(x.attributes[%22autocomplete%22]){x.attributes[%22autocomplete%22].value=%22on%22;++ca;}for(j=0;j<dfe.length;++j){y=dfe[j];if(y.attributes[%22autocomplete%22]){y.attributes[%22autocomplete%22].value=%22on%22;++cea;}}}alert(%22Removed%20autocomplete=off%20from%20%22+n(ca,%22form%22)+%22%20and%20from%20%22+n(cea,%22form%20element%22)+%22,%20and%20removed%20onsubmit%20from%20%22+n(cs,%22form%22)+%22.%20After%20you%20type%20your%20password%20and%20submit%20the%20form,%20the%20browser%20will%20offer%20to%20remember%20your%20password.%22)})();


Then if you click that bookmark on a site that doesn't allow password saving it'll disable that code. You might have to click it again when visiting the site next to allow the loading of your saved password. You can get GreaseMonkey to do the same thing automatically, if it is too much of a problem.
_________________________
Pioneer PDP-5020FD, Marantz SR6011
Axiom M5HP, VP160HP, QS8
Sony PS4, surround backs
-Chris

Top
#403408 - 04/21/14 01:36 PM Re: Enter Password Here: [Re: J. B.]
CatBrat Offline
axiomite

Registered: 08/05/09
Posts: 6015
Loc: Milky Way Galaxy
Originally Posted By: J. B.
what i've been doing for years is this:
i think up a phrase like: "No body will ever break that pass word but me".

then when i have to write the password, i only write the first letter of each word; this is the result:
"nbwebtpwbm".
if a site also wants at least one number in the password, then i just add the number 1 at the end.

no one can ever guess at the phrase i use, much less at the pass itself, and this combination of letters can't be found anywhere.

works good for me.


I used this method years ago with "We All Live In A Yellow Submarine" or waliays.

Top
#403409 - 04/21/14 01:43 PM Re: Enter Password Here: [Re: MarkSJohnson]
ClubNeon Offline
connoisseur

Registered: 02/06/09
Posts: 3466
Loc: Western Maryland, USA
If you're using the same phrase for all sites, it doesn't matter how hard it is to guess. All it takes is for one site to screw up, and a bot to be programmed with their leaked list, and all your accounts will start being hacked (well, at least your webmail accounts, because that's what spammers want).
_________________________
Pioneer PDP-5020FD, Marantz SR6011
Axiom M5HP, VP160HP, QS8
Sony PS4, surround backs
-Chris

Top
Page 1 of 2 1 2 >

Moderator:  alan, Amie, Andrew, axiomadmin, Brent, Debbie, Ian, Jc 
Forum Stats

15,238 Registered Members
15 Forums
24,017 Topics
424,292 Posts

Most users ever online:
883 @ 03/04/17 05:06 PM

Top Posters
Ken.C 18044
pmbuko 16437
SirQuack 13571
CV 11677
MarkSJohnson 11437
0 registered ()
46 Guests and
3 Spiders online.
Key: Admin, Global Mod, Mod
Newsletter Signup