Sciencemadness Discussion Board
Not logged in [Login ]
Go To Bottom

Printable Version  
 Pages:  1  
Author: Subject: Please replace your passwords-
Bert
Super Administrator
*********




Posts: 2821
Registered: 12-3-2004
Member Is Offline

Mood: " I think we are all going to die. I think that love is an illusion. We are flawed, my darling".

[*] posted on 6-2-2018 at 08:18
Please replace your passwords-


As a precaution, I would suggest EVERYONE should replace their passwords ASAP.

If you are not conversant with curent thoughts on best practices for password selection, seek ye the knowledge. (Thanks, Texium. Us trilobites never needed more than 8 bits)

IF YOU LOST THE OLD ONE, Woelen IS NOW A SUPER ADMIN AS WELL AS Polverone and Bert. These are who you need to contact in order to re-set. You will need to know the ORIGINAL email you used to establish your account for this to be done.

Our resident troll seems to be interested in cracking now, rather than nuclear transmutation of the more abundant elements into the rarer ones.

20180206_111759.png - 756kB

[Edited on 6-2-2018 by Bert]

[Edited on 6-2-2018 by Bert]




Rapopart’s Rules for critical commentary:

1. Attempt to re-express your target’s position so clearly, vividly and fairly that your target says: “Thanks, I wish I’d thought of putting it that way.”
2. List any points of agreement (especially if they are not matters of general or widespread agreement).
3. Mention anything you have learned from your target.
4. Only then are you permitted to say so much as a word of rebuttal or criticism.

Anatol Rapoport was a Russian-born American mathematical psychologist (1911-2007).

View user's profile View All Posts By User
Bert
Super Administrator
Thread Topped
6-2-2018 at 08:19
Texium
Administrator
********




Posts: 4618
Registered: 11-1-2014
Location: Salt Lake City
Member Is Offline

Mood: PhD candidate!

[*] posted on 6-2-2018 at 08:29


Alternatively, this is a more effective method for making strong passwords: https://xkcd.com/936/

I'd recommend it!




Come check out the Official Sciencemadness Wiki
They're not really active right now, but here's my YouTube channel and my blog.
View user's profile Visit user's homepage View All Posts By User
Corrosive Joeseph
National Hazard
****




Posts: 915
Registered: 17-5-2015
Location: The Other Place
Member Is Offline

Mood: Cyclic

[*] posted on 6-2-2018 at 08:44


I actually changed mine a few days ago.......

https://howsecureismypassword.net/ tells me my new password would take a computer 4 Quadrillion years to crack


:D


/CJ




Being well adjusted to a sick society is no measure of one's mental health
View user's profile View All Posts By User
ninhydric1
Hazard to Others
***




Posts: 345
Registered: 21-4-2017
Location: Western US
Member Is Offline

Mood: Bleached

[*] posted on 6-2-2018 at 08:48


Mine takes 4 thousand years to crack, so it should be relatively safe.



The philosophy of one century is the common sense of the next.
View user's profile View All Posts By User
Texium
Administrator
********




Posts: 4618
Registered: 11-1-2014
Location: Salt Lake City
Member Is Offline

Mood: PhD candidate!

[*] posted on 6-2-2018 at 08:59


My old one got 7 quadrillion years, my new one... 18 decillion

Funnily enough, if you enter "correcthorsebatterystaple" it will say "Instantly- the hackers are probably onto this one by now"




Come check out the Official Sciencemadness Wiki
They're not really active right now, but here's my YouTube channel and my blog.
View user's profile Visit user's homepage View All Posts By User
JJay
International Hazard
*****




Posts: 3440
Registered: 15-10-2015
Member Is Offline


[*] posted on 6-2-2018 at 09:08


There are numerous stories where a password file was leaked from one site and cracked and then the hackers used the passwords to gain entry to other sites. It's best not to reuse a password that you use on any other site.

Of course, we all have broken that rule dozens of times over. But if you have a troll in your account, you'll wish you had secured your password.


[Edited on 6-2-2018 by JJay]




View user's profile View All Posts By User
Tsjerk
International Hazard
*****




Posts: 3032
Registered: 20-4-2005
Location: Netherlands
Member Is Offline

Mood: Mood

[*] posted on 6-2-2018 at 09:44


Quote:
https://howsecureismypassword.net/

although likely to be safe, better not to enter passwords here which you still use. It would be worth a fortune to get all the passwords entered....




[Edited on 6-2-2018 by Tsjerk]
View user's profile View All Posts By User
happyfooddance
National Hazard
****




Posts: 530
Registered: 9-11-2017
Location: Los Angeles, Ca.
Member Is Offline

Mood: No Mood

[*] posted on 6-2-2018 at 11:17


Quote: Originally posted by Tsjerk  
Quote:
https://howsecureismypassword.net/

although likely to be safe, better not to enter passwords here which you still use. It would be worth a fortune to get all the passwords entered....




[Edited on 6-2-2018 by Tsjerk]


I know, right? It's like, "It would take a million years to crack your password, if you HADN'T JUST GIVEN IT TO US."
View user's profile View All Posts By User
Texium
Administrator
********




Posts: 4618
Registered: 11-1-2014
Location: Salt Lake City
Member Is Offline

Mood: PhD candidate!

[*] posted on 6-2-2018 at 16:09


Quote: Originally posted by JJay  
There are numerous stories where a password file was leaked from one site and cracked and then the hackers used the passwords to gain entry to other sites. It's best not to reuse a password that you use on any other site.

Of course, we all have broken that rule dozens of times over. But if you have a troll in your account, you'll wish you had secured your password.
Yes, that's why I decided to make a new one for here even though my old one was very strong.



Come check out the Official Sciencemadness Wiki
They're not really active right now, but here's my YouTube channel and my blog.
View user's profile Visit user's homepage View All Posts By User
Σldritch
Hazard to Others
***




Posts: 310
Registered: 22-3-2016
Member Is Offline

Mood: No Mood

[*] posted on 7-2-2018 at 02:15


Does the password reset button work now or will it still lock you out off your account?
View user's profile View All Posts By User
wg48
National Hazard
****




Posts: 821
Registered: 21-11-2015
Member Is Offline

Mood: No Mood

[*] posted on 7-2-2018 at 04:01


Quote: Originally posted by Σldritch  
Does the password reset button work now or will it still lock you out off your account?


I tried three times th change my password and failed. I assumed it was my finger trouble.

Oops! thinking about it yourr probably talking about the request PW reset button.
View user's profile View All Posts By User
diddi
National Hazard
****




Posts: 723
Registered: 23-9-2014
Location: Victoria, Australia
Member Is Offline

Mood: Fluorescent

[*] posted on 7-2-2018 at 16:31


is 8 billion years enough? wait til we get quantum computers.

so what this is saying is that in the time my password could be cracked, i may have stuck to one of my new year resolutions




Beginning construction of periodic table display
View user's profile View All Posts By User
SWIM
National Hazard
****




Posts: 970
Registered: 3-9-2017
Member Is Offline


[*] posted on 7-2-2018 at 16:36


Well, goodbye to my trusty old friend PASSWORD123.

I can still use it for my bank and credit cards, right?

EDIT: Changing passwords working fine right now.

[Edited on 8-2-2018 by SWIM]

EDIT: as to qwertyuiop mentioned below, I actually used to be an etaolinshrdlu man myself.
It's one row of keys on the old Merganthaller linotype machine.

It did leave me vulnerable to hackers who were 90-year -old former typesetters, but how many of those can there be?



[Edited on 8-2-2018 by SWIM]

[Edited on 8-2-2018 by SWIM]

[Edited on 8-2-2018 by SWIM]




View user's profile View All Posts By User
j_sum1
Administrator
********




Posts: 6333
Registered: 4-10-2014
Location: At home
Member Is Offline

Mood: Most of the ducks are in a row

[*] posted on 7-2-2018 at 16:46


qwertyuiop[ is your new friend if you want a truly random-looking password.
:P




View user's profile View All Posts By User
ninhydric1
Hazard to Others
***




Posts: 345
Registered: 21-4-2017
Location: Western US
Member Is Offline

Mood: Bleached

[*] posted on 7-2-2018 at 17:34


Quote: Originally posted by j_sum1  
qwertyuiop[ is your new friend if you want a truly random-looking password.
:P


You can type it with one stroke of a finger too.




The philosophy of one century is the common sense of the next.
View user's profile View All Posts By User
Bert
Super Administrator
*********




Posts: 2821
Registered: 12-3-2004
Member Is Offline

Mood: " I think we are all going to die. I think that love is an illusion. We are flawed, my darling".

[*] posted on 7-2-2018 at 18:00


For years, it was PASSWORD_HERE

The instructions were always very clear: "ENTER PASSWORD HERE" What changed that we're supposed to make up our own now?

[Edited on 8-2-2018 by Bert]




Rapopart’s Rules for critical commentary:

1. Attempt to re-express your target’s position so clearly, vividly and fairly that your target says: “Thanks, I wish I’d thought of putting it that way.”
2. List any points of agreement (especially if they are not matters of general or widespread agreement).
3. Mention anything you have learned from your target.
4. Only then are you permitted to say so much as a word of rebuttal or criticism.

Anatol Rapoport was a Russian-born American mathematical psychologist (1911-2007).

View user's profile View All Posts By User
mayko
International Hazard
*****




Posts: 1218
Registered: 17-1-2013
Location: Carrboro, NC
Member Is Offline

Mood: anomalous (Euclid class)

[*] posted on 7-2-2018 at 18:15


Quote:
Two days earlier he has received a desperate phone call from Jacopo Belbo, his colleague at a Milan publishing house. Before being abruptly cut off, Belbo has time only to tell him that he is in extreme danger, and that he must consult the files on their office word processor. But as soon as he loads the machine, a message appears: 'Do you know the password?' he gazes helplessly at the computer, knowing that Belbo's life depends on his being able to key in the correct word. Rapidly he calculates that 'it would take... two thousand years to go through all the possibilities.'

https://www.theguardian.com/books/1989/oct/12/fiction.jonath...

spoiler: the computer is accessed by answering the question honestly: "No".





al-khemie is not a terrorist organization
"Chemicals, chemicals... I need chemicals!" - George Hayduke
"Wubbalubba dub-dub!" - Rick Sanchez
View user's profile Visit user's homepage View All Posts By User
Melgar
Anti-Spam Agent
*****




Posts: 2004
Registered: 23-2-2010
Location: Connecticut
Member Is Offline

Mood: Estrified

[*] posted on 7-2-2018 at 19:39


Some more relevant xkcd comics about passwords:

https://xkcd.com/792/

https://xkcd.com/538/




The first step in the process of learning something is admitting that you don't know it already.

I'm givin' the spam shields max power at full warp, but they just dinna have the power! We're gonna have to evacuate to new forum software!
View user's profile View All Posts By User
ficolas
Hazard to Others
***




Posts: 146
Registered: 14-5-2016
Member Is Offline

Mood: No Mood

[*] posted on 8-2-2018 at 08:12


Quote: Originally posted by Texium (zts16)  
Alternatively, this is a more effective method for making strong passwords: https://xkcd.com/936/

I'd recommend it!

Dictionary attacks could crack that. No one uses pure bruteforce when trying to crack a password
I may be wrong tho, it may be too slow even for a dictionary attack because of 4 words.

[Edited on 8-2-2018 by ficolas]
View user's profile View All Posts By User
Twospoons
International Hazard
*****




Posts: 1326
Registered: 26-7-2004
Location: Middle Earth
Member Is Offline

Mood: A trace of hope...

[*] posted on 8-2-2018 at 12:27


Given that most people have a vocabulary of about 5000 words they use regularly, choosing four words gives you 6.25^14 combinations (allowing repeated words). Given the number of people that cant spell I guess that number goes up a bit. I would have thought it would be fairly easy to screw up a dictionary attack by tossing in an odd letter/number/symbol somewhere - like always using a # between words 1 and 2. Or by using words from different languages.

"correct!chevalbatterystaple" has to be harder to crack by dictionary attack.




Helicopter: "helico" -> spiral, "pter" -> with wings
View user's profile View All Posts By User
Bert
Super Administrator
*********




Posts: 2821
Registered: 12-3-2004
Member Is Offline

Mood: " I think we are all going to die. I think that love is an illusion. We are flawed, my darling".

[*] posted on 8-2-2018 at 12:55


If you use a well remembered quote, complete with capitalization and punctuation?

How large is the body of material returned by googling "popular quotes"?




Rapopart’s Rules for critical commentary:

1. Attempt to re-express your target’s position so clearly, vividly and fairly that your target says: “Thanks, I wish I’d thought of putting it that way.”
2. List any points of agreement (especially if they are not matters of general or widespread agreement).
3. Mention anything you have learned from your target.
4. Only then are you permitted to say so much as a word of rebuttal or criticism.

Anatol Rapoport was a Russian-born American mathematical psychologist (1911-2007).

View user's profile View All Posts By User
Chemetix
Hazard to Others
***




Posts: 376
Registered: 23-9-2016
Location: Oztrayleeyah
Member Is Offline

Mood: Wavering between lucidity and madness

[*] posted on 8-2-2018 at 15:05


Arrrrgh! passwords, the frikken bane of modern existence.

Software drives the most simple and banal tasks these days and is still protected by more security than a PC4 lab.

Imagine this, I want to pick up a note pad and a pencil and write a few notes but the note pad has upgraded it's software recently and the pencil has has recently been bought by the note pad company and now wants me to open a new account so that it will synchronise with the pad front page. But the password entry page for the pencil is telling me I can't use Chemitex as my user name because that user name is taken.

I can't get into the pad account to reset the password and user name to resolve this because it somehow thinks the same password I have been using all this time is wrong and has locked me out, and the code that was sent to my phone to reset the password can't be entered because I can't get beyond the lockout screen. And I get a message in my e-mail telling me there has been unusual activity with my account could I please log in and change my password to prevent hacking!!!!!!! So now I can't use the pencil and and the pad because of conflicting passwords and incomprehensible security software......THANKS MODERN TECHNOLOGY!
View user's profile View All Posts By User
Bert
Super Administrator
*********




Posts: 2821
Registered: 12-3-2004
Member Is Offline

Mood: " I think we are all going to die. I think that love is an illusion. We are flawed, my darling".

[*] posted on 8-2-2018 at 15:43
NOBODY had any problems changing/remembering passsords?


I am very happy if this is true.




Rapopart’s Rules for critical commentary:

1. Attempt to re-express your target’s position so clearly, vividly and fairly that your target says: “Thanks, I wish I’d thought of putting it that way.”
2. List any points of agreement (especially if they are not matters of general or widespread agreement).
3. Mention anything you have learned from your target.
4. Only then are you permitted to say so much as a word of rebuttal or criticism.

Anatol Rapoport was a Russian-born American mathematical psychologist (1911-2007).

View user's profile View All Posts By User
j_sum1
Administrator
********




Posts: 6333
Registered: 4-10-2014
Location: At home
Member Is Offline

Mood: Most of the ducks are in a row

[*] posted on 8-2-2018 at 18:07


Quote: Originally posted by Bert  
I am very happy if this is true.

Not entirely true. I had some issues with autofill not doing what it was supposed to do and thought I was locked out for a while. That would have been annoying.

Let me stress the importance of not having duplicate passwords for different sites or even related derivatives. Hackers trade libraries of compromised passwords and use these to mount attacks on other sites. The last thing you want is for an online purchase from a pretty obscure seller three years ago to be the stimulus for identity theft and compromise of your sensitive information.

Having done a bit of reading on the subject I am a fan of the correcthorsebatterystaple method but I use a different vocabulary set. Not the 2000 most common words but instead a library of obscure facts and whimsical events from my life -- which form suitable mnemonics. Hey, you gotta do something useful with the library card number you had when you were 10 or the cullinary disaster Aunt Gertrude performed that Christmas when Brian got plastered.




View user's profile View All Posts By User
The Volatile Chemist
International Hazard
*****




Posts: 1981
Registered: 22-3-2014
Location: 'Stil' in the lab...
Member Is Offline

Mood: Copious

[*] posted on 8-2-2018 at 19:32


J_sum, I see you read the 'Hardy Boys'...



View user's profile Visit user's homepage View All Posts By User
 Pages:  1  

  Go To Top