We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
MSE News: Google Chrome warning: Be careful with online passwords
Options
Comments
-
I was expecting this article to be useful and tell me something I didn't know. It's not exactly done that as most of us have just found out!0
-
My advice:
1. Never use the password save feature of a web browser
2. Use different passwords for all sites
3. Make your passwords strong (ie. minimum of 8 characters, containing a mixture of lower case and upper case letters, numbers and special characters where supported)
In my opinion it is better to have a strong password that you keep written down than have an easy to remember password that can easily be guessed or cracked. The risk of someone breaking in to your house and stealing the piece of paper you have them written on is very low. The risk of an easy to break password being hacked online is much greater.
Geek Alert!
A technique I use is to create a number of easy to remember password 'elements' and then combine them in different ways to form multiple passwords. I then record my passwords in a form of code that only I understand but is very easy to remember.
For example:
I like Formula 1, so I could create a password element based on a driver's surname. Let's use 'alonso'. I then modify this by making the second letter a capital and converting the 'o's to zeros so we get 'aL0ns0'.
I could make as many of these password elements as I like based on different subjects but always using the same modification strategy (ie. second letter captial, convert 'o' to '0'). I then use the subject name as the code for that password element.
The second part of my password is a number that I know off by heart eg. a loved one's mobile number. Let's say it's 07123456789. What I'll do is append a number of these digits to my chosen password element. If we take my aL0ns0 element and combine it with the first 3 digits of my number then we get aL0ns0071. For reference this scores 89% for password strength at https://www.passwordmeter.com. By adding an exclamation mark on the end it scores 100%. So we have a very strong password which is 'aL0ns0071!'
This would be difficult to remember so we can write it down in a code the makes it easy to remember. My code for this password would be:
f1-3-ex
I know my F1 password element is 'alonso' with my conversion technique applied. The 3 represents the first 3 digits of my memorable number and the ex means an exclamation mark.
By using various combinations of different password elements, different numbers of digits from my memorable number and various special characters I can make many secure passwords without having to remember them character by character.0 -
I never have used this feature, always seemed like an unnecessary risk to me.0
-
And in other news - people without Anti Virus software installed are more likely to get infected.0
-
What it does though is store all your user ids on mobile chrome0
-
Personally, I find it easiest to use a password generator that allows you to create a password without even typing it in and then stores the password for one-click entry but using high-level encryption. You need to have a master password setup to be able to use the service, which protects against this type of fault.
The simple truth is that nobody should be using public terminals or shared computers to access sensitive information because not only can these problems occur but they can also be relatively easily inserted with keyloggers and other scripts designed to steal information.0 -
Million_Percent wrote: »My advice:
1. Never use the password save feature of a web browser...
Exactly! can't see the point of saving them anywhere.Posts are not advice and must not be relied upon.0 -
Can it be added the to article ways of maintaining the functionality of storing passwords on your computer but with improved security through the likes of password add-ons such as lastpass?0
-
This is not news. Its been like this for years.
Your meant to have a password for each user that uses the computer.0 -
I agree it's not sensational news, but it does highlight how easy it is to find out somebody's passwords. Find one and you've probably got the password they use for many sites.
If a Chrome user left their computer unattended for a few minutes, someone that way inclined could jump on and find out their stored passwords. Chances are that it would reveal their account login password as well. It's the sort of thing that gets kiddie hackers going - they can impress their mates and cause chaos with their "hacking" skills.I’m a Forum Ambassador and I support the Forum Team on the In My Home MoneySaving, Energy and Techie Stuff boards. If you need any help on these boards, do let me know. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.
All views are my own and not the official line of MoneySavingExpert.
0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.9K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.9K Work, Benefits & Business
- 598.8K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards