MSE guide discussion - 60 seconds on password managers

Comments

  • securityguy
    securityguy Posts: 2,462 Forumite
    "It is secure "ish", the password is stored as a hash in the computer rather than plain text."

    Really? Could you explain how you think that works? If the local computer stores a hash of the password, how would it supply the original to the website that is being authenticated to?

    Local password safes are just a special case of password managers: they store an encrypted version of the password, not hashed.
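
The distinction drawn in the post above, as an added example that is not part of the original thread: a stored hash can only confirm a guess, while a password safe must hold ciphertext it can turn back into the original to hand to the website. The HMAC-based keystream is a standard-library stand-in for the authenticated cipher a real manager would use, and all names and the iteration count are assumptions.

```python
import hashlib, hmac, os

ITER = 100_000  # PBKDF2 rounds; constructed value for this demo

def kdf(master: str, salt: bytes) -> bytes:
    """Stretch the master password into 64 bytes: 32 to encrypt, 32 to authenticate."""
    return hashlib.pbkdf2_hmac("sha256", master.encode(), salt, ITER, dklen=64)

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: stdlib stand-in for a real cipher (assumption).
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def vault_seal(master: str, site_password: str) -> bytes:
    """Password-safe model: reversible, but only with the master password."""
    salt, nonce = os.urandom(16), os.urandom(16)
    k = kdf(master, salt)
    pt = site_password.encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(k[:32], nonce, len(pt))))
    tag = hmac.new(k[32:], salt + nonce + ct, hashlib.sha256).digest()
    return salt + nonce + ct + tag

def vault_open(master: str, blob: bytes) -> str:
    salt, nonce, ct, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    k = kdf(master, salt)
    expect = hmac.new(k[32:], salt + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):  # encrypt-then-MAC check
        raise ValueError("wrong master password or tampered vault")
    return bytes(a ^ b for a, b in zip(ct, _keystream(k[:32], nonce, len(ct)))).decode()

def hash_store(password: str) -> bytes:
    """Login-verifier model: one-way, nothing here can return the password."""
    salt = os.urandom(16)
    return salt + hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITER)

def hash_check(stored: bytes, guess: str) -> bool:
    salt, digest = stored[:16], stored[16:]
    candidate = hashlib.pbkdf2_hmac("sha256", guess.encode(), salt, ITER)
    return hmac.compare_digest(digest, candidate)
```
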
  • Jivesinger
    Jivesinger Posts: 1,221 Forumite
    AndyPix wrote: »
    Ha, there's no way I'm giving Google my banking password

    No, but if someone rings your bank pretending to be you and saying they've forgotten the password, how are they going to contact you?

    And if the attacker has already used your email account to get a password reset with your mobile provider, and requested a replacement SIM for your mobile beforehand, you could be in trouble.

    It won't work with everyone, and perhaps you personally have other ways to prevent this sort of scenario, but generally someone who knows your email password can cause a lot of trouble.
  • AndyPix
    AndyPix Posts: 4,847 Forumite
    securityguy wrote: »
    "It is secure "ish", the password is stored as a hash in the computer rather than plain text."

    Really? Could you explain how you think that works? If the local computer stores a hash of the password, how would it supply the original to the website that is being authenticated to?

    Local password safes are just a special case of password managers: they store an encrypted version of the password, not hashed.

    Yeah, sorry, I'm quite busy here ... :(

    I was referring to the Windows passwords, which are stored in the SAM registry hive (system32\config\sam). Hashed using LM or NTLM
  • AndyPix
    AndyPix Posts: 4,847 Forumite
    Jivesinger wrote: »
    No but if someone rings your bank pretending to be you and saying they've forgotten the password, how are they going to contact you?

    I would hope that the last thing they would do would be to email me a new password!!
    I would expect a letter in the post with a scratch-off thing
  • securityguy
    securityguy Posts: 2,462 Forumite
    AndyPix wrote: »
    I was referring to the Windows passwords, which are stored in the SAM registry hive (system32\config\sam). Hashed using LM or NTLM

    That's right. And that relates to storing website passwords how...?
  • bsod wrote: »
    6 seconds on password management:

    Note the passwords down IN CODE somewhere safe and convenient, make them lengthy, mix/slot in some numbers mid-word/phrase, and don't choose anything obvious like offspring/pet names, football teams, or birthdays

    Forget complicated password schemes and strange characters, because they are no more secure, and you will undoubtedly forget them or !!!! them up once you get to more than three

    ...and then don't use it for PlusNet. When I was on the phone to them the operator said "ooh, that's a really secure password you've got there!"

    Well, yes, it was until your system plastered it all over your screen.
  • AndyPix
    AndyPix Posts: 4,847 Forumite
    It doesn't - as I said, I have my hands full and was skim reading.

    My humble apologies
  • Fightsback
    Fightsback Posts: 2,504 Forumite

    My least secure says: 200 milliseconds
    My medium-secure says: 16 hours
    My most secure says: 3000 years

    EDIT: Ha ha, person above me says about levels too!

    For now, until quantum computers. :eek:
    Science isn't exact, it's only confidence within limits.
  • rmg1
    rmg1 Posts: 3,127 Forumite
    Just checked my main passwords I use for various things.
    The slowest was 34,000 years so I think I'm reasonably safe.

    I agree that brain and (potentially) ink are best (but I've never written a password down in my life!).
    :wall: Flagellation, necrophilia and bestiality - Am I flogging a dead horse? :wall:

    Any posts are my opinion and only that. Please read at your own risk.
  • rmg1 wrote: »
    Just checked my main passwords I use for various things.
    The slowest was 34,000 years so I think I'm reasonably safe.

    I agree that brain and (potentially) ink are best (but I've never written a password down in my life!).

    Invisible ink and Alzheimer's for you then ;)
    🍺 😎 Still grumpy, and No, Cloudflare I am NOT a robot 🤖BUT my responses are now out of my control they are posted via ChatGPT or the latest AI
This discussion has been closed.