Is you password strong, Holla Forums?

Is you password strong, Holla Forums?

Other urls found in this thread:

passwordstore.org/
youtube.com/watch?v=u5pnDkrCsDQ
theregister.co.uk/2016/07/12/password_reuse_checking_tool/
youtube.com/watch?v=jdyiZSPYm9s
twitter.com/SFWRedditVideos

...

All my passwords are generated using pwgen, so yes.

More than 60 characters which of course include numbers and symbols. Only takes me about 30 minutes to memorize it and I change it every month or every time the paranoia sets in.

I hope you aren't saying you use the same password for everything.

Absolutely not.

That's good. I met a guy once that did something similar where he generated a long password and memorized it, but then used it for literally everything since he didn't want to memorize more than 1 long password. One of the websites he used stored his password insecurely in plain text, and just about every account he owned got stolen. kek

Is 4(6m9#&[email protected]/* */_:2S strong?

i set my passwords to a long random string and then just reset it via email it every time i need to actually use the website

no my passwords are easy, never been hacked since I'm not a faggot

No, you pleb.
u»%ÓTfÙÎø¯×\,9{TºìÂÁ8&fHöñB¥¢ó¾hdädñä¡ë|O1AOG/¦NÖ{ä¬ÆJZ3SiÅ5´øì+úEá

Not any more

I store my keys in TPM and use a 4 char password to access them.

Stronger than your grasp of the English language.

My password is extremely good. I use those face recognition "passwords", but instead of my face, I use my dick. Plenty of people have pictures of my face, but nobody has a picture of my dick.

I use diceware and a randomly generated salt. I think I'm pretty good to go.

Why don't you save the webm with original filename? >>>Holla Forums9996390

That feature's been broken for months now, at least for me.

yes, and since months people tell each other to right click and save it until it get's fixed. It uses the original name then.

This, password managers are so convenient aswell i dont know why theyre not the standard

Assasinx35x88
what is your opinion on this password? i use it everywhere

No. most of my passwords are the same unless i have to add a 1 or a !. Someday ill be hacked but such is lfe.

I think they have this thing called paper and you can write shit on it.

b-but then you will have 3 passwords! oh no! didnt you watch the webm?

Passwords (And The Troubl….webm
As you can see, the site is doing everything correctly according to the standard for setting a download name. Your browser is what's broken.

I have a basic password algorithm for a given website and its address:

T.123pthewebsitesbrandnameorpurpose

And its different for each website yet easily memorable

Weird. Firefox, Seamonkey and Qupzilla/Webkit on Gentoo don't work, while Qupzilla/WebEngine and Chromium work fine with right click on Windows.

That's still very vulnerable to a manual attack. If someone sees that password it's obvious for them to replace the part with the website's name to try it on other sites.

I wouldn't be surprised if there are even automated attacks that check for that strategy. And I'm almost certain that there are automated attacks that add the service's name to the list of things to combine and try.

What's the deal with stupid sites like kongregate or neopets requiring email? I get it if you want to confirm someone's account if you're in a business environment, but if the site's just for fun make it optional, don't be a faggot. After all, telephone number isn't required, so why would email.

I think this used to work on Holla Forums, Holla Forums and Holla Forums, but not on other boards.
It doesn't work for me on icecat

I also use the month and year that made the website account. Most of my passwords are 20 character range but each one is unique and I can remember them. I do set 3 tiers for my passwords lower tier vulnerable as you said the other two have the seasonal foods when the passwords are made one produce the other is meat. I'm a cook so it comes naturally to me.

No, it's not implemented correctly as per spec, due to CORS or whatever.

That's much better. Still, the website name adds almost no strength.

can you guys recommend good password managers? I am a bit paranoid here and don't know which one to trust.

KeepassX is good.

Avoid anything proprietary (i.e. not open source) or online.

tr -dc '[:graph:]' < /dev/urandom | head -c 64; echo;

keepass, keepassX as this guy said.

Avoid Lastpass, its compromised.

You should do something like this:

Password = sha512('yourMasterPass'+'-'+'service.com')

e.g. sha512([email protected]/* */@g'+'-'+'gmail.com')

... and then concat to 16 chars.

That way one service compromised does not run the risk of compromising you anywhere else.

Any opinion on pass?
passwordstore.org/

I use it and haven't had any problems with it yet.

That's literally what I use in my .bashrc:
printf "%.${length:-32}s" "$(openssl sha256 -binary

passwordstore.org/

This is a bad idea. If you get hacked they'll get your master password and technique rather than just whatever sites you logged into before noticing.

...

you came in this thread and posted nothing of value.
Why even bother?
Don't you have pacman to config?

actually believing this

it's )(zV3z03
please don't delete this post

I got a password manager now, keepassx. What exactly can I do with this now? Is it just a piece of software to store my passwords? E.g. when I try to log in I look it up there, or does it actually enter my passwords into a website if I browse using firefox or chome?

You use it to store and generate passwords. There's a right-click option to copy them to your clipboard.

There might be browser extensions that integrate with it.

What the fuck is wrong with this kid? Sounds like a down syndrome britcuck with a mouth full of peanut butter.

I think he is a guy from India living in the UK.

you*

I see, it is mainly used to store passwords. Would have been nice if it made entering them easier too. I have like 25 accounts for steam only and probably about 100 accounts for other websites.

Fuck off underage

That's my job faggot

Very fucking Indian guy, guy with long nose is his roomate or some shit and is named Ajamal. Guy doesn't speak a word of indian so I don't know whats going on.

He's a paki you retard.

He is a brown person, what does it matter what country it is. India was just a guess.

search for keepass plug-ins.

Hmmm.

I played with the idea of creating a git server, have pass fetch the passwords. The passwords would be pRNG, with a script to remind me to change passwords every 6 months.

But then, what would I do if there was an outage?

Why git?

He has a video making fun of people like you

youtube.com/watch?v=u5pnDkrCsDQ

25 characters, full keyboard, randomly generated by keepassx.

My password database password is a 9 word diceware passphrase.

so anyone who cracks one password will be able to guess all the rest. great job.

this is literally automated now. theregister.co.uk/2016/07/12/password_reuse_checking_tool/

Perhaps. What is considered a strong password?

pencil and paper

I am normally not a fan of xkcd, think they are a bunch of sjw faggots, but this one comic is imo not bad.

I usually make passwords like that. They don't always work, because sometimes websites don't allow you to uses space, or sometimes it's to long for them to handle but I try those where ever they work.

that xkcd is terrible advice. A dicionary attack will break those types of passwords easily

This.

However, I think the unwritten thing in that xkcd comic is that you're supposed to use parts of the words, e.g., "cohobast" (COrrect HOrse BAttery STaple)

No, that lowers entropy a lot. There are 275 word-starting two-letter combinations in my /usr/share/dict/words. That would give 32 bits of entropy. You actually get less than that because the word list I used is almost 100,000 words, which is much more than just the "common" words the comic talks about.

Just use meme words that aren't found in the dictionary.
eg, toppestoftopkekkersm80

anyone using those services desires to have them stolen

Really? How exactly would that work? I take 4 random words sometimes not even in english and they are somehow expected to guess it?

How would that work? There are just a dozens possibilities out there. It could be 3 random words, 4 random words and the person guessing doesn't even know if I use spaces or not. I could for example have a password like "Banana Leather Squirrel Funny", either that way, or without spaces like this "BananaLeatherSquirrelFunny". Now I might be wrong, but it just seems hard for me to believe that someone would guess a password like that with a piece of software.

It's not unheard of to get several billion hashes a second on consumer hardware; given a targeted attack, you could guess all 4 combinations of common words in a single day.

But wouldn't they have to know that the password is 4 random words in the first place? How would they guess that?

...

According to recent talk Stealing Bitcoin With Math, $50 on Amazon EC2 lets you check 750,000,000 bitcoin brainwallets in under 24 hours. They demonstrated how a deposit to a wallet derived from a random 5 character upper/lowercase passphrase was stolen within seconds.

Try sending a couple satoshi to a brainwallet hashed from some variation on "dumb user loses money" and see for yourself how effective that scheme is. Then realize that many password databases use schemes even shittier than unsalted sha256 and clamp down the maximum character length.

Moz!Gus(((***)))
try and hax me, use this for everything.
t. Holla Forums

get out, kike.

That's why I also go with either the name or the most prominent design of the website or the purpose of the website. I only go with the website name if its a new website I'm using.

But like if the website uses a certain color scheme I will choose the color name like red scarlet magenta etc. Or if the purpose like public trading fun money or something else along those lines. Whatever makes it more familiar to me.

...

Can't have your money being too secure, can we?

No, he's just a Paki, that's how they sound.

0/10, you do not deserve the Hitler dubs.
>>>/oven/

He had a picture of himself in one of his videos, he is definitely brown. But still, that shouldn't be a reason to hate him.

Oh well, everyone has their pitfalls.

So do I. Trump is an idiot populist rich kid with no actual opinions, by the time he builds his stupid walls America will be out of money. He has no idea what it's like to earn a hard days work, daddy always gave him everything and even then he ran his company into the ground.

damn, I was going to come here to ask if keefox was secure, but people still bother remembering multiple passwords?

Add underscores or numbers
boom, dictionary attack failed

I beg to differ.
At 6:53 you can see his white hand:
youtube.com/watch?v=jdyiZSPYm9s

You realize trump has >500 companies and each bankruptcy meant a company lost all of it's money, not him.
That's literally

Dictionary attacks can take into account random symbols.

>stores it in plain text to do string comparisons on, because it asks for 3 of the characters at a time

banks guarantee your money to a certain degree, just don't use your bank password for anything else.

Say what you will about him but it's just lying to deny his success as a businessman. He turned that "small loan" of a million into billions. Yes he's bankrupted a few of his businesses, but he's had hundreds. He has a stellar track record of success in business.

.

...

/