Sometimes people use very obvious passwords.
The other thing I do is create a new email address for each site i have an account on. It is easy to then workout where all of the spam is coming from.
A bit easier if you run your own mail server.
A bit easier if you run your own mail server.
Nothing is unhackable.
I'm partly similar to Sim. I do reuse passwords, but have a few different ones depending on the security of the site and the potential damage that could be done by being hacked. For example, I don't care so much about Somersoft
, but am more concerned about my internet banking.I also use an encryption program with The One Key to rule all others. In my case it's one I wrote myself that's not compatible with any other publically available program, so I'm not too concerned about people trying to hack that program. It uses NIST-approved AES (Advanced Encryption Standard), so it's not just something I made up myself. As has been discussed, the main weakness is usually in the complexity of password chosen. Dictionary attacks typically work very well, especially against plain hashes similar to what's used with many Linux password files.
I think Sim's approach is good: chose random strings for passwords that you can just copy and paste when needed, and just remember one complex password to access them all, changing it periodically.
The main downside of that though is if you ever need to access the service away from your computer, you're in the sh|t!
GP
This is what i was talking about earlier -- what if you are travelling and need to access your internet banking or buy some shares? Are you in the sh|t or is there another way to access your password file? I think you could install the program onto a USB stick and run the file from it?
Another way is to email yourself the passwords which is what i have done as a backup. Probably a bit risky but the actual email would be hard to find if someone ever hacked my hotmail account as it's kept in one of my random folders amongst 1000's of others.
Sim
Administrator
That's what USB keys or online storage is for (which includes gmail).
As shuggy mentioned, you can set up KeePass and similar programs to run off a USB key so you can access them from any computer.
That does still leave you somewhat vulnerable to keystroke loggers (never use a computer you don't trust - especially not to log in to an important website).
... but then, that is what ultra-light laptops and netbooks are for. Why would you ever use an untrusted computer to do something important? Pay a few hundred dollars for a cheap netbook and this is never a problem.
I've got a two month trip coming up and I'm in 2 minds about getting a small notebook to take with me. I don't have check in luggage and my carry on is only 7kg so I need to find something light.
I can use email, whatsapp and browse web from a phone but need a notebook if I need to do internet banking. Computers are also handy to empty out my camera memory cards onto the portable 2TB hard drive I'll have with me.. but I could always pop into an internet cafe to do that.
I've just come back from a trip using iPad mini and a smartphone. (Sim's post was from a few years ago, that wasn't an option then).
My camera had a wifi connection. I copied pix onto the smartphone, which was backed up onto the cloud automatically whenever wifi was available.
That's a great site! I just put in my computer login and got rated at 90%But i found this site that tests password strength and mine came in at 12%
So i made up another one which is now 80% strong and easy to remember.
My very old hotmail login is only 57% but I can easily up that to 93% with a simple change I can remember.
I use a different password for every computer and every web site. I will be testing all my passwords and changing them if the % is too low.
so paranoid
Just a warning to take that password security thing with a pinch of salt. I just put in a temporary password that I was justing when my router got hacked and it came out at 78% - Strong. After I got hacked, I checked it was actually my dumb temporary password that was the reason and it was. It only took me a few minutes to hack my own router with that password which I have since upgraded of course. I would be looking for something over 90% if I were you.
Or sensible.
I have had my router hacked and all my downloads used up for 2 months in a row. I don't want any of my accounts hacked.Why can't you do your internet banking on your phone?
Because I've had my phone hacked before so I don't trust it to keep any valuable information on.
Perthboy, how did you hack your own router? Was it by using a brute force program?
kali linux booted from a dvd and then brute force over wireless. I wanted to have the experience of someone outside my house hacking my system, which is why I went wireless. I was surprised at how quick and easy it was. Of course I changed the password on my router immediately. It shows how easy it is to become complacent about security. I live in an area with a stable population, so I know all my neighbours. Because of that, I was not concerned about using a less secure password temporarily while I sorted out some issues. I sorted out the issues but forgot to change the password back. A new neighbour moved in and suddenly my download quota dissapeared. I didn't put 2 and 2 together until it happened again. Then I logged into my modem and saw half a dozen new devices that did not belong to my network. Pretty slack of me but also poor form from my neighbour to use up a 50 gb download limit. Get your own dam internet kid!
I sometimes use my phone to do internet banking, but I don't keep anything on the phone (AFAIK). I don't use the app but go to the full site. Is that safer?
I log in, do my transfer, log out.
What happened when your phone was hacked? What were they looking for?
Scary stuff all this
.Similar threads
