Posted: 6/29/2010 6:42:04 PM EDT
|
How many passwords for various online accounts of any type do you have to remember?
I usually tend to use variations of a similar password, but I use different levels of complexity depending on the level of importance. My AKO (Army Knowledge Online) password is especially frustrating though. It easily has the most complex requirement of any account I use, and wants me to change it I think every 60 days (maybe less, I don't remember). I usually don't write passwords down, but I think for accounts like AKO, I'm going to have to start. |
|
Quoted:
14 character, 2 special characters, 2 numbers, Upper and Lower case ....and they expire every 60 days. Damn government computers. And the IT guys and auditors act suprised when they find out we all write down our super secret passwords. this for about 10 different accounts |
|
Quoted:
14 character, 2 special characters, 2 numbers, Upper and Lower case ....and they expire every 60 days. Damn government computers. And the IT guys and auditors act suprised when they find out we all write down our super secret passwords. Yep. And, when you change it, it can't match one of your last ten passwords I believe. Sometimes when changing it, I'll get a message saying that it's too similar to my last password. 
|
|
One - the one for KeePass.
Inside of KeePass I have over 70 last time I check. When I make a change on one I email it to my gmail account so I can get to it from anywhere. I use a conditional access card with a pin to get into my work computer and from there or at home I get into KeePass. |
|
Quoted: 14 character, 2 special characters, 2 numbers, Upper and Lower case ....and they expire every 60 days. Damn government computers. And the IT guys and auditors act suprised when they find out we all write down our super secret passwords. You forgot the part where you can't use your last 9 passwords(well that's a rule at the place I used to work) It's surprising that all these so called security experts fail to realize that the more complicated you make your security systems for the end user the more likely they are to write their passwords down on a little piece of paper under their keyboard. Smartcards, fingerprints, and a simple password scheme would be more secure. |
|
Quoted:
Quoted:
14 character, 2 special characters, 2 numbers, Upper and Lower case ....and they expire every 60 days. Damn government computers. And the IT guys and auditors act suprised when they find out we all write down our super secret passwords. You forgot the part where you can't use your last 9 passwords(well that's a rule at the place I used to work) It's surprising that all these so called security experts fail to realize that the more complicated you make your security systems for the end user the more likely they are to write their passwords down on a little piece of paper under their keyboard. Smartcards, fingerprints, and a simple password scheme would be more secure. PKI FTW. Single sign-on is where it's at. |
|
Quoted:
Quoted:
14 character, 2 special characters, 2 numbers, Upper and Lower case ....and they expire every 60 days. Damn government computers. And the IT guys and auditors act suprised when they find out we all write down our super secret passwords. You forgot the part where you can't use your last 9 passwords(well that's a rule at the place I used to work) It's surprising that all these so called security experts fail to realize that the more complicated you make your security systems for the end user the more likely they are to write their passwords down on a little piece of paper under their keyboard. Smartcards, fingerprints, and a simple password scheme would be more secure. Yep, I've always thought the same thing. Seeing the progression of more and more complex password requirements for various systems got to the point of being laughable. |
|
Agree. There are some other password managers to fit different preferences. I have a different password for virtually every login that I have (and I have a bunch, >100), and I remember maybe 3 of them that I use frequently, and of course the password for my password manager. |
|
Quoted:
Quoted:
14 character, 2 special characters, 2 numbers, Upper and Lower case ....and they expire every 60 days. Damn government computers. And the IT guys and auditors act suprised when they find out we all write down our super secret passwords. You forgot the part where you can't use your last 9 passwords(well that's a rule at the place I used to work) It's surprising that all these so called security experts fail to realize that the more complicated you make your security systems for the end user the more likely they are to write their passwords down on a little piece of paper under their keyboard. Smartcards, fingerprints, and a simple password scheme would be more secure. I've been saying that for years. |
|
Quoted: 14 character, 2 special characters, 2 numbers, Upper and Lower case ....and they expire every 60 days. Damn government computers. And the IT guys and auditors act suprised when they find out we all write down our super secret passwords. well, you can store those in an approved locked container you know. |
|
Quoted: Quoted: Quoted: 14 character, 2 special characters, 2 numbers, Upper and Lower case ....and they expire every 60 days. Damn government computers. And the IT guys and auditors act suprised when they find out we all write down our super secret passwords. You forgot the part where you can't use your last 9 passwords(well that's a rule at the place I used to work) It's surprising that all these so called security experts fail to realize that the more complicated you make your security systems for the end user the more likely they are to write their passwords down on a little piece of paper under their keyboard. Smartcards, fingerprints, and a simple password scheme would be more secure. Yep, I've always thought the same thing. Seeing the progression of more and more complex password requirements for various systems got to the point of being laughable. The most laughable password requirement I ran into was for a staffing agency a few years ago just to able to create an account and upload my resume. They had in their rules you could not have any repeating character what so ever, in addition to requiring a captal letter, numbers, and special character. Now I know some repeating character rules are to prevent things like 1111 aaaa ect ect. This one was so wacked out something like Asshole1990 was not allowed because of the double s and the double 9.  The only way I would have been able to create a password would have been something so complex and way out of left field I would have to write it down. Considering what was being "secured" it was way too much trouble. |
|
Quoted:
Quoted:
14 character, 2 special characters, 2 numbers, Upper and Lower case ....and they expire every 60 days. Damn government computers. And the IT guys and auditors act suprised when they find out we all write down our super secret passwords. You forgot the part where you can't use your last 9 passwords(well that's a rule at the place I used to work) It's surprising that all these so called security experts fail to realize that the more complicated you make your security systems for the end user the more likely they are to write their passwords down on a little piece of paper under their keyboard. Smartcards, fingerprints, and a simple password scheme would be more secure. YES, YES, YES. Especially when all twelve passwords have different requirements. I started writing them down in my phone after three. I've got better things to devote my memory to. |
|
Quoted:
How many passwords for various online accounts of any type do you have to remember? I usually tend to use variations of a similar password, but I use different levels of complexity depending on the level of importance. My AKO (Army Knowledge Online) password is especially frustrating though. It easily has the most complex requirement of any account I use, and wants me to change it I think every 60 days (maybe less, I don't remember). I usually don't write passwords down, but I think for accounts like AKO, I'm going to have to start. Now you have that retarded "Knowledge Based Authentication". It requires you to answer all sorts of retarded questions in order to access AKO. Essentially requiring any home user to buy a CAC reader. |
|
Quoted: A lot. The thing that sucks, is that a lot of sites don't allow you to create secure passwords. I can't tell you how many times I try to use one of my good ones, only to see "You cannot use special characters". Sounds like shitty database programming. Try requiring a special character but because of database constraints you can only use ~.  . |
|
You need a personal password policy that is easy to remember and includes information about the sight\application and year and month. Create a policy of your own and stick with it. For example not using my personal information: Date Of Birth: 07/07/77 Sight of Password: www.ar15.com Other sight using same policy: www.10-8forums.com This month\Year June 2010 Password: 07aR15cOm77 <-policy = Month of Birth + sight name lower,caps, lower,caps,~ + year born -> 07108fOrUmS77 Password: 06aR15cOm77 <- policy = Current month (changed in 30 days) + sight name lower,caps, lower,caps, + year born. -> 06108fOrUmS77 Password: 7777wwwAr <- policy = month date year of birth + application (www) + first two letters of sight, fist caps. -> 7777www10 "Hard" passwords can include special characters in your policy. |