Thursday, November 24, 2011

Internet passwords

I am beginning to get pissed off about the requirements of some websites when you're creating a new account, when it comes to choosing your password. It's getting to a point where all the symbols on the keyboard must to be used, which makes passwords really hard to remember.

This isn't the worst I've seen...

I admit they make them really hard to guess, but whoever uses passwords that are "guessable" deserve to be hacked in the first place.

It's really easy to come up with a password that is only letters and that sticks to your head.

heymanitsmeletmein -> Secure, easy to forget, hard to guess, hard to find by brute force.

Randy22# -> Hard to remember, although secure online, easy to crack by brute force if it's a local file.

What's more, websites advise you to never repeat a password. So if I'm signed up to half a dozen forums, three email services, online banking, two gaming portals and wikipedia, how many upper-lower-case-number-and-symbol passwords can I remember before I forget one and have to go through the process of "recover your password" just to forget that one the next day as well?

Passwords should be whatever you want, and as such, at your own risk if they are too easy to guess. If you use your dog's name as the key to your important stuff, then it's your fault for being stupid when some guy signs in and starts sending spam to all your contacts.

I finish my rant with the classic XKCD strip that wraps it all up perfectly:

7 comments:

  1. I really agree with this. Though over time I've managed to come up with passwords, the more you use the harder it is to remember them, and it does seem computers crack them easier. It reminds me of a joke I read in another webcomic "If your security software was any good it wouldn't matter that my password is "password".

    ReplyDelete
  2. Ah xkcd <3
    Didn't know that websites now say that you should use all the symbols for the password :/
    May be they are in cahoots with hacker groups :P

    ReplyDelete
  3. You should start using password manager.. like LastPass or 1Password.
    Lastpass is free and comes as addon for many browsers.

    ReplyDelete
  4. well over the cours eof the years since websites have forced me to change or use diferent password i have resorted to store my password in a txt file inside a crypted file with a strong password.. yeah long password that consists of words that mean something special to me and no one else (no one would ever guess them by relation) and a few numbers, and the websites passwords i use are... easier in comparasion,. but mostly for games and stuff i dont care if i get haxed XD

    ReplyDelete
  5. that's so true, but i had to memorize a 32 word encryption so now i just base my passwords off of bits of the encryption lol.

    ReplyDelete
  6. I totally agree. Every time I have to use uppercase and numbers I forget my pw and have to use the pw reset.

    ReplyDelete