USAA
Chase online banking
Marine Online
TWW
Skype
SIPRnet
vault combinations at work (2 locks)
MarineNet (online training)
mission planning computers (at work)
mission planning computers system admin log-on


There are probably a dozen more...that's just what comes to mind immediately. It's to the point where I don't even try to remember some of them...I just click "forgot my password" and go through the pain of resetting it every time I need to access it. I hate that they all have different requirements, and then half of them expire after like 30 days or whatever, and you can't recycle any of your last 10-20 passwords.

We need to get some commonplace fingerprint/retina scanning, or voice recognition, or something. Hell, at LEAST a common set of requirements so I can use the same password on most things.

9/15/2009 7:09:12 PM

just get tattoos of them

don't need to bring big brother into this

9/15/2009 7:10:21 PM

send me a PM of them and when you forget i'll reply back with your passwords

9/15/2009 7:10:58 PM

type em here and look em up evrytime

9/15/2009 7:11:14 PM

i only use about 3 different passwords

[Edited on September 15, 2009 at 7:12 PM. Reason : for dozens of accounts]

9/15/2009 7:11:41 PM

I know your pain

I have at least 5 different ones just for work... all expire every 30 - 60 days, at which point you have to make another incredibly strong password, that hasn't been used in the past 3 years.

most of my govt. customer counterparts have a controller card, which seems easier. but I'd imagine it's also pretty easy just to steal the controller card


^ yeah, most people do that. it's pretty dumb. if one password is jeopardized, then so are several private accounts

[Edited on September 15, 2009 at 7:14 PM. Reason : a]

9/15/2009 7:13:08 PM

oh if a couple of my companies ever figure some shit out

i probably won't exist anymore

9/15/2009 7:13:41 PM

Get a blackberry and use the password locker app that comes with it.

Then you've got just one password to remember so you can access your list of all your other passwords.

I wouldn't be able to live without it. Some of my passwords are 14 characters long with 2 uppercase, 2 lowercase, 2 numbers, and 2 symbols. Super convenient. Of course, you can't just go and break your cellphone contract and buy a new phone, so it's not an ideal solution.

Also, I see that you actually have the same length passwords that I do (most likely).

I'd definitely appreciate the use of biometrics in lieu of stupidly long and complex passwords.

[Edited on September 15, 2009 at 7:15 PM. Reason : ^^ I think there's a password you use with the controller card as well.]

9/15/2009 7:14:45 PM

half of them are SECRET

and the other half are my banking information and stuff

oh, thought of a couple more:


Scottrade
Naval Flight Weather Briefer
eBay

not to mention stuff like Amazon.com, Buy.com, cyclesector.com, and other forums that I try when I have a specific question about something (s2ki.net, greenhulk.net, esportbike.com, airwarriors.com...)



some of them are set to auto-login on my home computer (or primary work computer), but when i log on somewhere else, i usually just have to have a temporary password emailed to me, then change it.



man, I can't even remember what it was now, but there was some SECRET thing for the military that I had to create a password for once that required something like 15 characters...couple uppercase, couple lowercase, couple of numbers, couple of special characters. Couldn't use any of your previous couple dozen passwords, etc. None of that is unusual. The part that SUCKED was that it recognized dictionary words and keyboard patterns, and rejected any password that contained any of them. I finally gave up and satisfied all the stupid fucking requirements, then just wrote the password down.

[Edited on September 15, 2009 at 7:20 PM. Reason : ]

9/15/2009 7:16:05 PM

I was just thinking this same thing today when I got the message in my work e-mail saying it was time to change my password AGAIN!. Sad part is, we have like 5 different programs we have to log into, and none of them talk to each other. And they are on a different time frame for when the passwords need to be changed.

and the most fucked uppest part is that all of the programs (including e-mail) log out after 5 minutes of non-use. So I am constantly all day trying to remember which password i need for which program.

9/15/2009 7:17:05 PM

Get this

http://passwordsafe.sourceforge.net/

and remember just one password for your database. Anytime you have a new password, add it there. This doesn't help you much if you are away from home.

9/15/2009 7:19:07 PM

^ Yeah, but if the passwords he has are secret then he technically has to lock his hard drive up in a safe after putting them on the computer.

If it's his home computer, then putting them on there's a security violation.

I'd still recommend using a blackberry or iphone app for all the "other" passwords.

[Edited on September 15, 2009 at 7:25 PM. Reason : Can't install that software on a military computer anyway.]

9/15/2009 7:22:21 PM

use firefox, then set it up to save passwords using a master password

that way all you need is one password for it to fill in all of them

if course, this limits you to one browser on one computer, so...

9/15/2009 7:23:26 PM

i use a system for my passwords
i have one general personal, one sensitive (bank etc)

plus at the end i add a number that relates to the website, like the number of letters in the website

so even if i forget all i have to know is the 1 of 2 passwords and count the letters

9/15/2009 7:26:50 PM

^^IIRC, those are stored in plain text.

I use https://lastpass.com/ and there's a system intact if you forget your master password.

[Edited on September 15, 2009 at 7:32 PM. Reason : .]

9/15/2009 7:30:53 PM

There are at least 15 passwords I have to remember for work. Unfortunately, due to the different rules of the different systems I use, most can not overlap.

9/15/2009 7:57:16 PM

Quote :

"There are probably a dozen more...that's just what comes to mind immediately. It's to the point where I don't even try to remember some of them...I just click "forgot my password" and go through the pain of resetting it every time I need to access it. I hate that they all have different requirements, and then half of them expire after like 30 days or whatever, and you can't recycle any of your last 10-20 passwords."

Yeah, half the fucking sights I have to log into for work must include no repeating characters, at least one numeral, at least one upper and lower case letter, at least one Mandarin Chinese character, one Egyptian hieroglyph, and two Hebrew numerals.

And like Duke said, they expire every 30 - 90 days and you can't use your last 20 passwords.

9/15/2009 8:00:54 PM

HP requires a 15 character password, however they make up for it by letting you keep it for a year

9/15/2009 8:04:20 PM

I know!! I have 8 at work (hard drive, log in, LotusNotes, SAP1, SAP2, Sharepoint, vmail, SRA access) all of which have to be changed every 30-60 days and cannot repeat within 12 months, 4 banks, 2 credit card, mortgage account, 2 retirement accounts, 3 email, 2 hotel, 3 airline, and about 18 other online accounts (ie orbitz, amazon, ebay, etc)...

I cheat at work... I have to. I have a folder that has my passwords. But double lock it up at least.

9/15/2009 8:13:58 PM

Just write them on post it notes and stick 'em to the monitor like my grandmother.

9/15/2009 8:14:23 PM

a few months ago i changed my passwords for every site i have used in the last 2 years and it was well over 150 sites i had to change

9/15/2009 8:26:09 PM

just change the password for all of them to "password"

9/15/2009 8:30:15 PM

I wish I could change them all at the same time to keep the changes consistent, but it never seems to work out that way.

9/15/2009 8:31:24 PM

me too! i just had to change my school email password and they make me make it like 9 letters long with a cap a number and a symbol

i cannot remember all that

9/15/2009 8:41:11 PM

Quote :

"The part that SUCKED was that it recognized dictionary words and keyboard patterns, and rejected any password that contained any of them. I finally gave up and satisfied all the stupid fucking requirements, then just wrote the password down."

ha ha yes, I've noticed this myself. In the end those rules make passwords less secure because people get frustrated and write them down. is that ironic?

One suggestion I got was to make up a sentence and make your password the first letter of each word, with some letters written as symbols or caps or whatever. great, so now I have to remember a whole sentence and which letters were different and this is supposed to be easier? thanks for nothing

9/15/2009 10:58:47 PM

I heard someone say at a defense contractor site that they would just add numbers to the end of their 'default' password; MyPassword1, MyPassword2, MyPassword3, ...

9/15/2009 11:00:16 PM

Quote :

"a few months ago i changed my passwords for every site i have used in the last 2 years and it was well over 150 sites i had to change"

it's that time again

12/13/2010 1:08:42 PM

I've used the same one password for everything since 1999

Living on the edge

[Edited on December 13, 2010 at 1:15 PM. Reason : and there are at least three other people who know that password now that I think about it]

12/13/2010 1:10:54 PM

Quote :

"I've used the same one password for everything since 1999 Living on the edge"

You dumbass.

Now qntmfred can log into all your accts.

J.k

We're not stupid. Different websites require different stipulations for what they consider to be a safe password. "Must be 6 letters, have a number, symbol, begin with a capital letter" there's no way you can have the same password. Even if you tried to do a universal password, some deny symbols altogether and some require them. I stand by my statement.

12/13/2010 1:25:24 PM

u wrong

12/13/2010 1:27:42 PM

qntm are you saying that the tww db was compromised?

or are you talking about the gawker thing?

12/13/2010 1:27:43 PM

you can use a password vault on your non-classified computer, and I'm sure the techs on the classified side of the house have something similar. Since you don't (or at least you fucking should not be) use your unclassified computer/network to access the classified network, you should be good to go.

That's what I did when I was working on both unclassified and classified systems.

12/13/2010 1:30:46 PM

^^ gawker. i've been meaning to update stuff for a while now anyways

12/13/2010 1:32:49 PM

We've made a thread like this before.


Just make a file on your computer.

Put it somewhere obscure on your computer. Example(Replace/Append a .doc file in a readme section of some program you never use.)

Even if they do a search for this file, readmes are everywhere on your computer and are plentiful and are boring to read.

If you're STILL afraid that they'll be able to find the file, password protect the file.

If you're STILL convinced that they'll be able to hack that, then design your own crypt for the information. For example, if your password is dog, type "Kodof9Ldo%PPLlg" The decrypt code is "Whats the second lowercase letter after each last instance of a capital letter". <--- don't write it down.

Shit can't be cracked unless you tell someone.



[Edited on December 13, 2010 at 1:35 PM. Reason : .]

12/13/2010 1:33:49 PM

Ah good old Please enter a 16-26 character password that follows the following 20 or so odd rules.

12/13/2010 1:45:00 PM

i like to keep it simple. i use the tinyurl to tww and its wins

12/13/2010 1:46:58 PM

I'm irritated by inconsistent password requirements/rules. One site demands that I have special characters, mixed cases, and numbers, and the other site refuses anything that isn't just numbers and letters.

12/13/2010 2:58:35 PM

I used several versions of one password as well

Its so profanely obscene that no one would ever guess it

12/13/2010 3:04:25 PM

FF add-on: Sxipper


greatest ever

12/13/2010 3:47:31 PM

Quote :

"Just make a file on your computer. Put it somewhere obscure on your computer. Example(Replace/Append a .doc file in a readme section of some program you never use.) Even if they do a search for this file, readmes are everywhere on your computer and are plentiful and are boring to read."

I wouldn't even look for your password, I'd just compile a dictionary of every word on your hard drive and enter that dictionary into my password cracker. You're talking like 30 seconds of work here. Chances are there will be another instance of that password in your SAM, NTUSER, or browser history if it isn't in plain text somewhere else on your drive.

Quote :

"If you're STILL afraid that they'll be able to find the file, password protect the file."

See above. This isn't going to stop any forensics person from accessing the file.

Quote :

"If you're STILL convinced that they'll be able to hack that, then design your own crypt for the information. For example, if your password is dog, type "Kodof9Ldo%PPLlg" The decrypt code is "Whats the second lowercase letter after each last instance of a capital letter""

This would be a little more difficult and mostly more time consuming because the special characters, but between stemming and other password cracking tools this isn't stopping any forensics person worth a shit.

[Edited on December 13, 2010 at 3:51 PM. Reason : .]

12/13/2010 3:48:39 PM

^^^ n1gg3rn4z1cl34v3l4nd$734m3rR4p157

[Edited on December 13, 2010 at 3:50 PM. Reason : ^ I'll kick you in your Ribs]

12/13/2010 3:50:02 PM

cleveland?

12/13/2010 3:52:00 PM

indians?

I'm not so much a fan of biometric security features as I am cognitive.

For instance, let's say you are assigned 5 faces of unknown people when you create a password for an online bank. Every time you log on, it will show 25 faces and anywhere between 1-5 of "your" faces will show up. You have to correctly pick out these faces each time. It's easy for the end user to remember the faces of the assigned people, but someone trying to access your account would never be able to get through that portion of the login.

[Edited on December 13, 2010 at 4:04 PM. Reason : .]

12/13/2010 3:54:19 PM

Quote :

" This would be a little more difficult and mostly more time consuming because the special characters, but between stemming and other password cracking tools this isn't stopping any forensics person worth a shit."

there's no password cracking tool to decode a code within your own readme text file. Nothing is going to respond saying "access granted" or "access denied". They'll never be able to crack it. ever.


Unless you tell them the key.

noob.

[Edited on December 13, 2010 at 4:22 PM. Reason : .]

12/13/2010 4:21:30 PM

You should stick to pizzas, n00b, because Accessdata's password recovery toolkit will crack that.

I do digital forensics for a living btw

12/13/2010 4:39:56 PM

There's nothing to crack you idiot

12/13/2010 4:50:51 PM

your pussy "encryption"

if that's what you want to call it

[Edited on December 13, 2010 at 4:55 PM. Reason : sausage or pepperoni?]

12/13/2010 4:54:32 PM

Your trolling sucks.

[Edited on December 13, 2010 at 4:56 PM. Reason : My 3 year old son can troll better.]

12/13/2010 4:55:39 PM

correct me if I'm wrong. But AccessData password recovery toolkit only works on executable applications or files on the host machine, not cracking a cypher or a bit encryption of a password, in which the password would need to be accepted by a server that's probably not going to be on the host network.

I'm gonna go with GeniuSxBoY on this one since the key could be anything, the readme file would be useless.

12/13/2010 5:12:08 PM

I answered the question incorrectly in my initial response.

PRTK wouldn't be able to crack an internet password. What I would do is make a golden dictionary from the host machine and then try those passwords server side.

I was really just trolling though.

12/13/2010 5:25:09 PM