General discussion

All Comments

  • Author
    • #3027700

      I think it’s the idea of keeping a moving target

      by nicknielsen ·

      In reply to Ok, why change passwords on a schedule?

      I change mine because I’m forced to, and I do the same thing everybody else in that situation does: I work sequentially: password1, password2, password3, etc. I know that’s not the intent, but I have to remember 9 passwords for work. I’ll be darned if I’m going to make it hard on myself.

      • #3027628


        by ansugisalas ·

        In reply to I think it’s the idea of keeping a moving target

        If people can remember 9 passwords, they should preferably be 9 good passwords, for 9 different sites.

        • #3027613

          But that’s the problem

          by nicknielsen ·

          In reply to Exactly

          People don’t remember 9 different passwords, they remember just one, for 9 different sites.

          All 9 of mine are quite similar, but not identical. Again, I’m not going to make it any harder than it has to be.

        • #3027573

          That’s the problem…

          by ansugisalas ·

          In reply to But that’s the problem

          People have limited patience with security.
          Heck, I know that logging in as admin isn’t safe for day to day stuff, but I still can’t get used to not being able to do those three semi-rare things that require admin status without *gasp* changing users for half an hour.
          But focusing on a few meaningful measures and hammering them in loud enough, people could learn to use at least different security levels of passwords. To have f.ex. one unique for banking, one unique for official crap, one for low-security activities and one for potential risk activities. That falls within the 3+2 range of different things people can remember, and it makes a big difference both over low-difficulty passwords and over having the same passwords for critical and risky/lowsec activities.

        • #3027539

          I have lots of patience with security

          by nicknielsen ·

          In reply to That’s the problem…

          My passwords are all based on a strong phrase that includes case changes, numbers, and special characters and gets a 71% from Password Meter. All the passwords based on that phrase (except two) score 90% or better. The two exceptions do not allow me to use the entire phrase because they are limited to 8 alphanumeric characters, but they are only valid inside a physically secured area.

    • #3027640

      multiple reasons.

      by .martin. ·

      In reply to Ok, why change passwords on a schedule?

      If someone is trying to get into your computer without you knowledge, it is harder if the password is changing, i.e., every time the password changes, they essentially have to start again.

      If someone knows your password, and is using your account without your permission, if you change the password, they are locked out.

      • #3027629

        And how often are good passwords cracked?

        by ansugisalas ·

        In reply to multiple reasons.

        The bad guys spend their resources wisely, why spend time cracking “1kz3hARjeeEa” when they can crack 10^6 instances of “admin” in the same time?

Viewing 1 reply thread