http://planetside2.eu/teasers/261-im...to-our-players
So, yeah, take the usual/necessary precautions and all that.
MOTHERFUCKINGMOTHERFUCKER WETOPWIGOWMRIOHEMRHiqwmeroimoism ergoEPMTOIMEpMoiMGWEOIMIMWOIEG
How can they not learn to allow passwords longer than 20 characters?
- Tom De Roeck.
monochrom & verse publications
"Quantacat's name is still recognised even if he watches on with detached eyes like Peter Molyneux over a cube in 3D space, staring at it with tears in his eyes, softly whispering... Someday they'll get it."
Long passwords mean shit when someone manages to access the database with mail/passwords since well... they have your password or the hash used for password verification. (Storing people's passwords and/or credit card info in clear text should be a capital offense.) The most important bit here is to never ever use the same password as you use for your email account; that way they cannot use this info to get access to pretty much everything else you have by password resets etc.
Overly complicated passwords have zero, zilch effect on security, rather the opposite as people write them down to remember them, and when they are forced to change they just add a number at the end.
Best thing to do, choose a memorable word and add "flavour". For example (I don't use this and neither should anyone else now) "R0(kP4p3rSh0tGun%!", although like you say if they've hacked a server and decrypted your password this creates zero difference.
Or a sequence of words that do not form a sensible sentence, but that are easy to summon a memorable image from. See: http://xkcd.com/936/
My personal favourite is sentence acronyms. Nice long ones. Look random to the unknowing eye, hard to memorise in a few seconds from a casual glance, but easy to recall so long as you know the sentence itself. betrslayktsi.
mickygor, Battlefield 3
Otmer, League of Legends EUW
Bastiat, Planetside 2, Miller NC
I do write down my passwords on paper. That's right, you heard me! PAPER!
Hear from the spirit-world this mystery:
Creation is summed up, O man, in thee;
Angel and demon, man and beast art thou,
Yea, thou art all thou dost appear to be!
My personal favourite is http://keepass.info/ and use it to generate and store a random password for each and every login I use. You can instruct it to generate a password of X length using some Y set of characters.
I synchronize the keepass file across devices with Dropbox, and that's secure because it itself is encrypted with a master password. So you have one huge ass password you have to remember that unlocks all your other passwords.
I also use the XKCD method, quite useful and easy to remember. Also not easy for any hash bashed method to unlock.
Also note that many mail applications/providers support the yourmailadress+string@domain.tld format. This means that you can fill in your email address in forms followed by a + and then a string. The mail will be sent to your address, but sendto has the string attached. This way you can see where the spam is originating from, or what company is selling your mail address. Quite useful.
It's a great tool and I highly recommend it.
Until spammers get wise and remove the + and everything up until the @.
Concern with the XKCD method is that there isn't actually a lot of entropy there.
There's high entropy in a 4-word password if you brute force all character possibilities, but a smart attacker will get a dictionary and start combining those words, dramatically reducing the search space. Your 4-word dictionary password will be about as good as a 7 character random one (in the same order of magnitude).
If you really want to be secure, replace some characters in those dictionary words. That'll dramatically shoot up the entropy. So instead of correct horse battery staple, how about c0rrect horse battery stapl&.
This is all pretty academic. Most password breaches are from password reuse and weak passwords. If you care enough to use a correct-horse-type password, you're pretty safe anyway.
Last edited by Boris; 28-02-2013 at 10:55 AM.
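Added example, not part of any post in this thread: a short Python calculation that puts the two ways of counting described above side by side, per-character brute force versus combining whole dictionary words. The 2048-word list size, the 95-character printable set, the guessing rate and the sample word list are assumptions made for the illustration.

```python
import math
import secrets
import string

WORDLIST_SIZE = 2048   # assumed list size (11 bits per word)
PRINTABLE = 95         # printable ASCII characters, space included

def charset_bits(password: str) -> float:
    """Naive estimate: every position is brute-forced over the character classes in use."""
    if not password:
        return 0.0
    pool = 0
    if any(c in string.ascii_lowercase for c in password): pool += 26
    if any(c in string.ascii_uppercase for c in password): pool += 26
    if any(c in string.digits for c in password): pool += 10
    if any(c in string.punctuation or c == " " for c in password): pool += 33
    return len(password) * math.log2(pool)

def wordlist_bits(n_words: int, list_size: int = WORDLIST_SIZE) -> float:
    """Dictionary-aware estimate: the attacker combines whole words from a known list."""
    return n_words * math.log2(list_size)

def random_bits(length: int, pool: int = PRINTABLE) -> float:
    """Uniformly random string over `pool` characters."""
    return length * math.log2(pool)

def seconds_to_search(bits: float, guesses_per_second: float = 1e10) -> float:
    """Time to exhaust the space at an assumed offline guessing rate."""
    return 2 ** bits / guesses_per_second

def make_passphrase(words, n=4):
    """The word-count figure only holds if words are drawn uniformly at random."""
    return " ".join(secrets.choice(words) for _ in range(n))

if __name__ == "__main__":
    phrase = "correct horse battery staple"
    rows = [
        ("4 words, per-character view", charset_bits(phrase)),
        ("4 words, dictionary view", wordlist_bits(4)),
        ("5 words, dictionary view", wordlist_bits(5)),
        ("7 random printable chars", random_bits(7)),
    ]
    for label, bits in rows:
        print(f"{label:30s} {bits:6.1f} bits  {seconds_to_search(bits):.3g} s")
    # Constructed 8-word sample list, far too small for real use.
    sample = ["anchor", "violet", "museum", "ladder", "pepper", "tunnel", "orbit", "maple"]
    print(make_passphrase(sample))
```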
For now, it works though.
Yeah. I'm glad it's not a really well known trick at the moment because that's the only thing keeping spammers from circumventing it.
To expand on the XKCD one, you can use more than four words and more than one language.
Five random words in five languages. Still easy for humans to remember but makes it more difficult to crack.
I find the best solution is to just use throw away email accounts.
I second keepass.
As well as on my desktop and notebook, I have a tiny USB keyring that I keep my keepass database on, along with portable versions (windows and linux) which means I can use it on pretty much any computer I end up using.
Originally Posted by CROCONOUGHTKEY
I was more annoyed by them because I have a system I use for all my passwords, and it usually is longer than 20 characters and still easy to remember.