A computer can guess more than 100,000,000,000 passwords per second. Still think yours is secure?

Yup I think mine is secure

2FA seems to be the way to go. Amazon is probably one of the biggest targets on the internet; I like their security: very long passwords and 2FA. Loads of sites crap out at 8+ characters and can’t take special characters, but that’s probably a good sign your data isn’t secure!

I’m still pretty certain my password which equals Pa$$word is still pretty secure. :wink:

Good point about the length and special characters, but I would not praise Amazon since they will sell your PII to anyone if the price is right. Don’t trust globalists, especially those touting how secure and private they are.

Long and complex PWs take up storage and compute cycles that may seem trivial but multiplied by millions upon millions it adds up.

Amazon is the anti-christ; however, I’m addicted. Other UK e-shop websites are horrible to use. I’m sure they are making money off me, but they do offer 2FA, which I haven’t seen on any other e-shop site I use.

You’re right about storage, but really, a 256 character password makes no difference to me as I use a password manager. If the cost of implementing long passwords for companies is too expensive, they should be out of business. However, I just think they have implemented shorter passwords for their ease.

Yup, their ease and wallet. PW manager is the way to go, shame the U.K. has few options for you.

You guys run Bitwarden or something else?

Went from KeePass to KeePassXC as it includes 2FA; when I looked, Bitwarden included 2FA for the paid version.

@neogrid. I run bitwarden_rs server at home – wasn’t aware that 2FA was a “premium” or paid feature. The rs implementation gives you all the premium stuff. Thanks for mentioning KeePassXC. Prior to BW I was using just KeePass. Dumb me wasn’t aware that the project forked.

Hmm, looking at their pricing, you have to pay for 2FA (OK, not so expensive, but these are lean times); that is the Authenticator for other sites/applications, not the Bitwarden application itself. Maybe it’s also a premium feature.

I’m from the last century so I still use a laptop; keeping the authenticator with the password manager is easier. I previously used Authy on my phone, but I don’t trust my phone.

passwords vs passphrases

If you use a password, then the game of cracking is guess the word
If you use a passphrase, the game becomes cracking the phrase
If you use a passphrase with high entropy, the game becomes much harder for the cracker

Example

  • Password = corvette
  • Passphrase = red2016corvette
  • Passphrase with entropy = sixteencorvettefiresrocks
  • High entropy passphrases = {sixteen#corvette&!fire@23rocks;

https://password.blue/test.html

https://www.grc.com/haystack.htm

That’s all great, but I use Axa insurance; they have an 8 character maximum and do not allow special characters, and do not have 2FA, obviously. Only discovered this after paying for my policy.

Evidently most companies are not concerned about customer security until they are in the press.

Will give points to Amazon, with 64 char and 2FA, that will be pretty difficult to crack.

password1 is not secured?

LeL

Oooof, that password storage system is from the 1970s. Is it based on potato?

Neither is GOD, Admin, LAGNAF, Sex123, BOSS, Owner, qwerty, 123456789 or 987654321

Fire-triangle

Who told you my password is ‘secure’?

Most of the systems that I log into (banks, financial…) only give you 5 tries at the password, then you need to go through the reset process. This would be a RED flag: when I would try to log in (after the attempts), the auto response is that I have used my 5 login attempts and that I need to reset my password. I guess I could calculate how long it would take to crack my password with only 5 attempts each time. I am also in the process of trying to implement this into my IoT Pi/Arduino projects.
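An added example, not part of any post in this thread: it sizes the exhaustive search space for the four corvette examples from the passphrase post, then compares the 100,000,000,000 guesses per second quoted at the top with the 5-attempt limit described in the last post. The one-hour lockout window and all function names are assumptions made for illustration.

```python
import math
import string

OFFLINE_RATE = 100_000_000_000  # guesses per second, figure quoted in the opening post
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)

def alphabet_size(password):
    """Total size of every character class that appears in the password."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))

def search_space(password):
    """Candidates an exhaustive search covers for all lengths up to this one.
    This is an upper bound: a word list finds 'corvette' far sooner."""
    n = alphabet_size(password)
    return sum(n ** k for k in range(1, len(password) + 1))

def entropy_bits(password):
    return math.log2(search_space(password))

def offline_seconds(password, rate=OFFLINE_RATE):
    """Worst-case time against a stolen hash at the quoted guess rate."""
    return search_space(password) / rate

def online_seconds(password, attempts=5, window_seconds=3600):
    """Worst-case time when only `attempts` guesses are accepted per lockout
    window. The one-hour window is an assumption, not a value from the thread."""
    windows = -(-search_space(password) // attempts)  # ceiling division
    return windows * window_seconds

def human(seconds):
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("seconds", 1)):
        if seconds >= size:
            return f"{seconds / size:.3g} {unit}"
    return f"{seconds:.3g} seconds"

# Sample inputs copied from the passphrase post above.
SAMPLES = ["corvette", "red2016corvette", "sixteencorvettefiresrocks",
           "{sixteen#corvette&!fire@23rocks;"]

if __name__ == "__main__":
    for pw in SAMPLES:
        print(f"{pw!r}: alphabet={alphabet_size(pw)} "
              f"bits={entropy_bits(pw):.1f} "
              f"offline={human(offline_seconds(pw))} "
              f"online={human(online_seconds(pw))}")
```

The offline figure applies when an attacker holds the password hashes; the lockout only slows guessing through the login form, which is why length and 2FA still matter on sites that limit attempts.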