How many Passwords?
Discussion
Curious to find out if anyone elese is the same position here
Had a count-up today. I have 53 different usernames and passwords for various stuff associated with both work and private life. I mean 53... FFS............
For these “accounts”, I’m using 23 different passwords, but I’d like to throw this out for views about whether I’m at risk
Inevitably there is a theme to the type of passwords I create use, but the main point is that I’m using one particular password for both internet banking and some social things. So it’s dawned on me that maybe I ought to have unique passwords for every finance related site and a generic one for everything else that doesn’t involve any risk of ID theft or the potential dodgy financial transactions....
The concern here is that if some clever system or person can detect my “main” password from an innocuous site, then I’m potentially at risk with the more sensitive ones
To make things worse, with so many to remember, I have to write them down...
However they are all written in another file with another feckin’ password
Am I at risk or just being paranoid?
Thanks
1967Vette, oh er sorry.....
ETA: Can't change the typo in the Heading. Should've checked before posting...D'Oh!
Had a count-up today. I have 53 different usernames and passwords for various stuff associated with both work and private life. I mean 53... FFS............
For these “accounts”, I’m using 23 different passwords, but I’d like to throw this out for views about whether I’m at risk
Inevitably there is a theme to the type of passwords I create use, but the main point is that I’m using one particular password for both internet banking and some social things. So it’s dawned on me that maybe I ought to have unique passwords for every finance related site and a generic one for everything else that doesn’t involve any risk of ID theft or the potential dodgy financial transactions....
The concern here is that if some clever system or person can detect my “main” password from an innocuous site, then I’m potentially at risk with the more sensitive ones
To make things worse, with so many to remember, I have to write them down...
However they are all written in another file with another feckin’ password
Am I at risk or just being paranoid?
Thanks
1967Vette, oh er sorry.....
ETA: Can't change the typo in the Heading. Should've checked before posting...D'Oh!
Edited by Bowler on Thursday 4th March 19:15
My Ebay and hotmail got taken over before, Paypal was the same password, but they never did anything with that, after that I chose a different password for most things- if it's just a site with no personal details on I just use my usual one, if it's something with personal stuff on it's totally individual and unique- I never remember them though.
rysfAbout 10 or so
'Financial' ones are all different ( Paypal, ebay, 'verified by Visa' etc. ) plus PIN for banking ( chip & pin with PINsentry box ). Web forum ones are generally variations on a theme so easy to remember, plus the ones for my e-mail account, broadband account, and broadband router management.
'Financial' ones are all different ( Paypal, ebay, 'verified by Visa' etc. ) plus PIN for banking ( chip & pin with PINsentry box ). Web forum ones are generally variations on a theme so easy to remember, plus the ones for my e-mail account, broadband account, and broadband router management.
I was out for dinner once with a guy who was responsible for crypto at a large database software firm which you have heard of. This was the full beard experience: 'I wrote some of the trickier bits of Unix'; 'One time, I was consulting at the NSA on an interesting problem', etc etc.
Naturally the discussion comes round to this topic - how best to have personal digital security in a hostile world. His advice, which I pretty much put in place the next day:
1. Non financial stuff - use an acronym including a date, plus a suffix specific to the site. So "my dad was born in 1960" gives mdwbi1960face for facebook, and mdwbi1960ph for here.
2. Financial stuff - a fixed number, then an acromym per site. So 983'my lloyds chequebook is green' gives 983mlcig for lloyds, and 983'santander is the worlds finest bank' for 983sitwfb. There are opportunities here of course for encoding your feelings about customer service in your password, which should help with a paypal account.
The killer from this guy: "I have two bank accounts - one at a bank where I designed the online security. But I just use that for day-to-day. I keep all my savings accounts at a bank with no online services".
Naturally the discussion comes round to this topic - how best to have personal digital security in a hostile world. His advice, which I pretty much put in place the next day:
1. Non financial stuff - use an acronym including a date, plus a suffix specific to the site. So "my dad was born in 1960" gives mdwbi1960face for facebook, and mdwbi1960ph for here.
2. Financial stuff - a fixed number, then an acromym per site. So 983'my lloyds chequebook is green' gives 983mlcig for lloyds, and 983'santander is the worlds finest bank' for 983sitwfb. There are opportunities here of course for encoding your feelings about customer service in your password, which should help with a paypal account.
The killer from this guy: "I have two bank accounts - one at a bank where I designed the online security. But I just use that for day-to-day. I keep all my savings accounts at a bank with no online services".
As above with the addition of "number for vowel substitution" where 4 = a, 3 = e, 1 = i, 0 = o.
Don't bother with "u"
Throw a ! or ? in there too and you are almost impossible to brute force crack.
Love the story with the unix pointy head.
Don't bother with "u"
Throw a ! or ? in there too and you are almost impossible to brute force crack.
Love the story with the unix pointy head.
Edited by robodonkey2005 on Thursday 4th March 22:46
Newc said:
I was out for dinner once with a guy who was responsible for crypto at a large database software firm which you have heard of. This was the full beard experience: 'I wrote some of the trickier bits of Unix'; 'One time, I was consulting at the NSA on an interesting problem', etc etc.
Naturally the discussion comes round to this topic - how best to have personal digital security in a hostile world. His advice, which I pretty much put in place the next day:
1. Non financial stuff - use an acronym including a date, plus a suffix specific to the site. So "my dad was born in 1960" gives mdwbi1960face for facebook, and mdwbi1960ph for here.
2. Financial stuff - a fixed number, then an acromym per site. So 983'my lloyds chequebook is green' gives 983mlcig for lloyds, and 983'santander is the worlds finest bank' for 983sitwfb. There are opportunities here of course for encoding your feelings about customer service in your password, which should help with a paypal account.
The killer from this guy: "I have two bank accounts - one at a bank where I designed the online security. But I just use that for day-to-day. I keep all my savings accounts at a bank with no online services".
Are you sure you want to make this info public?Naturally the discussion comes round to this topic - how best to have personal digital security in a hostile world. His advice, which I pretty much put in place the next day:
1. Non financial stuff - use an acronym including a date, plus a suffix specific to the site. So "my dad was born in 1960" gives mdwbi1960face for facebook, and mdwbi1960ph for here.
2. Financial stuff - a fixed number, then an acromym per site. So 983'my lloyds chequebook is green' gives 983mlcig for lloyds, and 983'santander is the worlds finest bank' for 983sitwfb. There are opportunities here of course for encoding your feelings about customer service in your password, which should help with a paypal account.
The killer from this guy: "I have two bank accounts - one at a bank where I designed the online security. But I just use that for day-to-day. I keep all my savings accounts at a bank with no online services".
With GMAC and Santander (or big sombreo finance as we like to call it ) there passwords have to be changed every month and can't be one that you have used recently I never thought selling cars would be more about trying to remember somany passwords let alone login passwords which can't be one of the last 12 that you have used and changes every 30 days thanks it department
Gassing Station | Computers, Gadgets & Stuff | Top of Page | What's New | My Stuff