Brett
Guest
I use WinRAR archiver with encrption for storing passwords.
I remember most passwords but as I get older ....
I remember most passwords but as I get older ....
I have always understood it that the compromised data (passwords, ssn's etc) are available for sale. You just don't know when it will happen. If you have been exposed in a data breach it's already out there. I know that the chrome password manager will tell you if you have a compromised password.I don't get the deal about changing passwords periodically.
If no one "found" your password in the last 90 days, I'd
think that means it's still a good password going forward.
.
It is rare that plain text passwords are compromised. What is compromised is usually encrypted passwords. The longer the password, the longer it would take them to decrypt it. Thus why you want longer passwords vs shorter but harder to remember ones;So, I dont really understand why you need a long password. Is a 25 character password that much safer than a 8 or 9 character password?
Do they really hack anyones indiividual account? They just get the information from lists of passwords that come from files that have been hacked? How would the length make you safer?
I have a basic password I use on many sites - similar to TUG. What is there to hack from TUG or Shoprite or Cruise Critic or similar? I use more unique passwords for important sites.
Each additional character makes the possible combinations to guess the password exponentially larger, which in turn means it takes exponentially longer to guess by brute force (trying different combinations over and over and over...). With a long enough password and enough possible characters to choose from (which is why adding in numbers and special characters is encouraged) for each space, it could take even a high-powered computer years to crack it. Shorter passwords, especially with only letters, can take considerably less time.So, I dont really understand why you need a long password. Is a 25 character password that much safer than a 8 or 9 character password?
Do they really hack anyones indiividual account? They just get the information from lists of passwords that come from files that have been hacked? How would the length make you safer?
I have a basic password I use on many sites - similar to TUG. What is there to hack from TUG or Shoprite or Cruise Critic or similar? I use more unique passwords for important sites.
a passphrase is very good as password and easier to remember it but you must create an unknown one like you did in your example and not use a common or famous citation like betterlatethennever, tobeornottobethatisthequestion because hackers may try those passphrases like they try password, abc123, qwerty, all other well known weak passwords and all compromise passwords from lists available on the dark web.It is rare that plain text passwords are compromised. What is compromised is usually encrypted passwords. The longer the password, the longer it would take them to decrypt it. Thus why you want longer passwords vs shorter but harder to remember ones;
How an 8-character password could be cracked in just a few minutes
Learn how an 8-character password can be cracked in just a few minutes and how you can protect your password from security threats.www.techrepublic.com
As for basic sites, as long as you don't use the same password for sensitive sites such as banking or sites that may store your payment information then you should be fine. In either case, if you are using some kind of password keeper software (like the ones mentioned in the thread title), then why not create a complex password for all sites you sign up for since you don't need to actually remember them all.
Edited to add;
It seems that easy to remember phrases are good to use, easy to remember and still hard to crack; Something like "mydogwenthikingtobuysomecarswith50$"
I use Last Pass. I use a very very difficult master password and yes now I've changed it. Since they were hacked, although all is encrypted, I've changed PW on all my financial accounts. I use the longest most complicated ones allowed by a given site. Unfortunately there are still many sites that have smallish password criteria.
The biggest change I've made is to eliminate allowing my main bank to have access to all my outside accounts. I liked that so I can see them in one place. Inconvenient but I don't trust that anymore. Also have been advised to never let your password manager know your email password. And I'm considering using more than one password manager thereby splitting up accounts. Sigh....
I get it through my son’s family plan, which he gets from his employer. Part of what makes me trust it is that it’s a large international company that is still using it when they tell their employees to get off it I guess I will too.My company offers me a free lastpass account, but I havent used it.