Your Password must be at least 10 characters long.
Your Password must contain at least one upper-case character.
Your Password must contain at least one number.
Your Password must contain at least one of the following special characters: - () . & @ ? ' # , / " +
>>47762713
> not using a password manager like keepass
I already follow all of those, gg
>>47762713
Wait a second... if all password required services start using these requirements doesn't that essentially make using those precautions useless as the passwords crackers can eliminate passwords that dont contain them?
>>47762733
>using a password manager like keepass
>>47762846
Yes, and actually many people will put these special required characters at a specific location that is the same for most other people as well, e.g. at the end or beginning of their password
>>47762713
>Your Password must be at least 10 characters long.
Isnt more lenght = more secure, and the rest is just bullshit?
>>47762713
>Your Password must be at least 10 characters long.
>Your Password must contain at least one upper-case character.
>Your Password must contain at least one number.
>Your Password must contain at least one of the following special characters: - () . & @ ? ' # , / " +
just write it down on the post-it note, and put it up on your monitor
>>47764925
>Isnt more lenght = more secure, and the rest is just bullshit?
Yes and No, it can't have a pattern. If your password is a sentence on wikipedia then it can be cracked.
But in general long = good.
http://arstechnica.com/information-technology/2013/06/the-secret-to-online-safety-lies-random-characters-and-a-password-manager/
http://arstechnica.com/security/2013/08/thereisnofatebutwhatwemake-turbo-charged-cracking-comes-to-long-passwords/
http://arstechnica.com/security/2013/10/how-the-bible-and-youtube-are-fueling-the-next-frontier-of-password-cracking/
>>47764925
The thing is most of the time they give you other specific criteria to fill that just make it easier for crackers to attack
>can't have more than 2 repeating characters (aaa, 111)
>can't have sequential characters (abc, 123)
It starts negating some of the benefits of a longer password because just those two things cut down on a fucklord of passwords needed to be tried for a brute force attack
And a lot of the times people just use the minimum character count needed so I'd say 70% of the time they'll only need to run through the entire combination of 8 character passwords with
1) At least one capital letter
2) At least one number
3) No repeating
4) No sequential
Someone needs to go through the numbers and see if forcing these critera adds too much advantage to an attacker
cool story bro
>>47764963
>>47762864
>random faggot comes across your computer
>he now has access to everything
The best system is perfect memory.
g>wQoR)z"#X%.4^Skz&Fyz9KSQWRkD|mAK^Iqb`LEbM#\@_{k^?(C"\PD4Trw?k{6FLv33=4]aiq<FRObc"]eFtMIBy<vHmTG+N+`uT":3>UsPuG>]}$T/^|D%c5Bo+ut8$$8dINTtNv8t)rK*K%l0}=fPgVjg#&8$*8zc?.F5h=jZ}@C.3]{?nh(jMF?f`t.)(]I$pjG?@#Nqwtmnk/dbG3jE&YnqQq^0KYb/.=3VV9=|w&"r>16qOki$HQ{0jQ
>>47764968
My password is just random words like that comic password pic thats on the internet somewhere
>>47765061
nice blog
//N1gg3RF4gg0t\\
>>47765058
>not setting keepass to hide passwords
>not having a strong master password
>not closing keepass when you're done or leave the computer
This isn't rocket science here people.
>>47762713
$W@gggggggg
>>47765058
Someone hasn't used keepass
>>47765385
Someone has down syndrome.
>make a strong password
>at the beginning use the first letter of what service it's for
Bam. Different passwords, still secure.
>>47765404
Your an idiot.
>>47765428
Better than using the same one for everything, you fucking faggot
>>47765545
Yeah, in the same sense that a closed but unlocked door is more secure than no door at all. It's true, but it's not better by much and still completely inadequate.
>>47765428
>Your
>use backslash in password
>have to escape it when logging in
My passwords are all SHA256(servicename + masterpassword)
>your password must be less than 8 characters long
>your password cannot contain special characters
>all passwords are case-insensitive
This is my fucking bank. They treat HELLO and hello the exact same when you input your password.
>>47769052
I've discovered at one of my banks it logs me in even if I mistype up to 2 letters of my password
aka
password and plsswird both work
>>47765186
This. Holy crap, how can anyone refute the use of a password manager?
>Use strong master password
>Encrypt password file.
It's so damn easy.
>>47769089
Get a new bank dude. That is fucked
I just write them down on a post it note I keep in my wallet.
Good luck hackers.
>>47762713
>your password cannot be over 16 characters
0Pi$aFAGGOT
>>47769104
how about the obvious ones
>keeping all your passwords in the same place
>trusting closed source software with your fucking passwords
you would be more secure with something like truecrypt, where you keep a small encrypted volume with a text file of your saved passwords. i wouldnt do this, but it is a much better solution. memorize your fucking passwords, even long ones would simply take an hour with some minor studying. stop being a retard
>>47765589
Lol? If its a password that by all accounts is great, 10+ char length, completely random, special characters out the ass ... why would this impact security at all?
It's a great idea.
>>47764963
...you're joking right
>>47769123
>wallet gets stolen
>ID, cash, credit cards, and the password to all online banking and paypal passwords
>rekt
>>47765028
Yes, it absolutely does benefit an attacker. I'm too lazy to calculate the entropy right now, but when you disallow repeating or sequential characters, entropy falls DRAMATICALLY.
The best way to ensure strong passwords is to run a proposed password through a dictionary, and if it's not there, accept it. Nothing else other than a minimum length. No presence/absence of numbers, capitols, punctuation, etc. Nothing. Just maximum entropy across a long string that doesn't occur in dictionaries.
Hash it right and you'll never get cracked.
>write password on paper
>put paper in waistband of underwear
It's foolproof
>>47762713
lel I work in a call center, do tech support for employees, so many fucking people have shit passwords you have no idea. Sometimes where they put the username they'll end up putting their fucking passwords, swear to fuck. They would often also use the name of the comapny+1
SN^#UfGIw#Y8QJz&ZZ#i#3iESMLeh9Zwk^j5OfuPwzAE7*xP*gyE$GgDCaml3E59Xe!qQLNUNdlVu$06S76M6CT%PYKhr1aS4Se