Go Back  DVD Talk Forum > General Discussions > Tech Talk
Reload this Page >

Too Many PASSWORDS to Remember in this day and age ?

Tech Talk Discuss PC Hardware, Software, Internet and Other Technology

Too Many PASSWORDS to Remember in this day and age ?

Old 02-23-08, 12:04 AM
  #1  
Suspended; also need updated email
Thread Starter
 
Join Date: Aug 1999
Posts: 16,564
Likes: 0
Received 12 Likes on 11 Posts
Too Many PASSWORDS to Remember in this day and age ?

I've got a good memory but hell even i struggle with all the passwords and pins i have to remember. You have pins, internet banking logins, work systems logins, forum logins, other website logins (ebay, paypal etc), internet commerce logins (e.g. Amazon.com).

IT's getting ridiculous !
Old 02-23-08, 12:14 AM
  #2  
DVD Talk Legend
 
Cardsfan111's Avatar
 
Join Date: Feb 2007
Location: Indiana
Posts: 17,474
Likes: 0
Received 31 Likes on 21 Posts
It wouldn't be so bad, but so many sites/places have different rules for passwords. Minimum of 6, 8 or 10 characters. Certain number of letters, certain number of numbers, certain number of non-letters and numbers. Then you have to change your password once every 30, 60, 90 days. I'm like you, OP. I've clicked on a 'forgot your password?' link more than once in the last couple of months...
Old 02-23-08, 12:20 AM
  #3  
DVD Talk Gold Edition
 
amplified's Avatar
 
Join Date: Jun 2000
Location: Minnesota
Posts: 2,255
Likes: 0
Received 1 Like on 1 Post
No Kidding

Old 02-23-08, 12:47 AM
  #4  
Cool New Member
 
Join Date: Sep 2007
Location: Alexandria
Posts: 31
Likes: 0
Received 0 Likes on 0 Posts
I had to resort to keeping a list of my passwords in an encrypted file (which of course itself requires a password). So far I have 16 items. Email accounts, school, credit cards, store sites, insurance..... and that doesn't even include the ones I need for work - that's another 5 or so.
Old 02-23-08, 01:08 AM
  #5  
Suspended; also need updated email
Thread Starter
 
Join Date: Aug 1999
Posts: 16,564
Likes: 0
Received 12 Likes on 11 Posts
Cronius, the problem with that is if someone gets that file and cracks the password, they have your whole life !

i avoid like the plague writing down passwords.
Old 02-23-08, 01:27 AM
  #6  
DVD Talk Ultimate Edition
 
Join Date: Aug 2002
Location: Bonney Lake, WA
Posts: 4,278
Likes: 0
Received 0 Likes on 0 Posts
I used to keep all my logins/passwords to various sites in a text document, one line for each. I was up over 200 when I decided to use something a little more secure.

Right now I use the open source program KeePassX, but I think I'm going to try to find something different. It uses 256 bit AES encryption, but it's a little too unpolished for me.
Old 02-23-08, 02:34 AM
  #7  
DVD Talk God
 
kvrdave's Avatar
 
Join Date: Aug 1999
Location: Pacific NW
Posts: 86,189
Likes: 0
Received 2 Likes on 2 Posts
The local MLS requires that I change my password every 6 months. And beyond that, it can't be the same as my past 5 passwords, must contain a certain number of letters, numbers, etc.

So, because of all the passwords I have to keep for these types of silly things that don't impact my banking, etc., I have a list next to my computer of my passwords, etc. I let the MLS know this and told them that their obsession with security has the actually caused the system to be less secure because many people now do this.

Freaking genius.
Old 02-23-08, 02:38 AM
  #8  
DVD Talk Legend
 
Join Date: Aug 2000
Location: Newberg, OR
Posts: 17,281
Received 5 Likes on 5 Posts
Originally Posted by kvrdave
The local MLS requires that I change my password every 6 months. And beyond that, it can't be the same as my past 5 passwords, must contain a certain number of letters, numbers, etc.
If they don't enforce a minimum password age, just change it five times in a row, until it is back to what it started as. origp4ssw0rd->p4ssw0rd2->p4ssw0rd3->p4ssw0rd4->p4ssw0rd5->origp4ssw0rd
Old 02-23-08, 02:38 AM
  #9  
DVD Talk Hero
 
TomOpus's Avatar
 
Join Date: Jul 2002
Location: Kansas City, MO
Posts: 34,626
Received 102 Likes on 81 Posts
Passwords are a piece of cake after having to deal with access to classified material in the Navy. Safe combos and cypher locks... all numerical and you cannot keep a personal record of any of them. Then when you finally get a handle on 'em all, some yo-yo gets their clearance pulled (or someone leaves the department) and the combos have to be changed.

At least with passwords, you can set up your own system that'll make 'em easier to remember. I guess I might be lucky in that I limit how many online places I visit, so the number of passwords needed isn't too bad.
Old 02-23-08, 02:53 AM
  #10  
DVD Talk God
 
kvrdave's Avatar
 
Join Date: Aug 1999
Location: Pacific NW
Posts: 86,189
Likes: 0
Received 2 Likes on 2 Posts
Originally Posted by Jeremy517
If they don't enforce a minimum password age, just change it five times in a row, until it is back to what it started as. origp4ssw0rd->p4ssw0rd2->p4ssw0rd3->p4ssw0rd4->p4ssw0rd5->origp4ssw0rd

It is past 5 passwords or past 6 months.
Old 02-23-08, 02:59 AM
  #11  
Senior Member
 
Join Date: Aug 2001
Posts: 620
Likes: 0
Received 0 Likes on 0 Posts
That is why I just use 123456789 for all my passwords. It is so easy to remember that way.
Old 02-23-08, 05:53 AM
  #12  
DVD Talk Legend
 
Nick Danger's Avatar
 
Join Date: Mar 2001
Location: Albuquerque
Posts: 24,086
Received 144 Likes on 104 Posts
At work, we have a dozen systems which require login names and passwords. Each has a different login name, and each requires the password to be changed at a different frequency. I use the same password with a number at the end for all of them, and increase the number every time I need a new password.

Then I keep a text file on my desktop with the login name and the current password extension number for each system.
Old 02-23-08, 06:33 AM
  #13  
DVD Talk Gold Edition
 
Join Date: Jul 2002
Location: Exit 10, NJ
Posts: 2,753
Likes: 0
Received 0 Likes on 0 Posts
At work we are trying to tackle this very issue. We are doing a pilot with a password vault called VGo. The company is called Passlogix. It uses 256 AES. The things I like are you only have to remember one password to unlock the vault and you can recover the passwords used at various sites. I have no idea how much it costs but from a corporate standpoint $100/year makes it cost effective.

The big trade off with having one password is that if that ever gets compromised, the thief has access to everything I have.
Old 02-23-08, 10:15 AM
  #14  
DVD Talk Special Edition
 
Join Date: Apr 2004
Location: Texas
Posts: 1,609
Likes: 0
Received 0 Likes on 0 Posts
Originally Posted by Original Desmond
Cronius, the problem with that is if someone gets that file and cracks the password, they have your whole life !

i avoid like the plague writing down passwords.
Maybe he just stores the log-ins and passwords. If I did this I wouldn't label each with there associated website.
Old 02-23-08, 10:21 AM
  #15  
DVD Talk Hall of Fame
 
Join Date: Aug 2002
Location: Triangle, NC, USA
Posts: 8,949
Received 9 Likes on 9 Posts
One of my pet peeves re: logins is
"Your username or password is incorrect, please re-enter".
WHICH ONE?
And if you require number/special characters, tell me that up front.
But yeah, it's getting ridiculous. Especially since virtually every website requires you to 'set up an account' for everything (if I'm entering a contest, I shouldn't have to 'set up an account').
I use Roboform on my home PC, it has at least 150 logins/passwords. Add in ten or so at work (especially with the stringent PW rules they set up), and it gets real confusing.
Old 02-23-08, 11:00 AM
  #16  
DVD Talk Legend
 
calhoun07's Avatar
 
Join Date: Oct 2001
Posts: 14,401
Likes: 0
Received 1 Like on 1 Post
Originally Posted by cardsfan111
It wouldn't be so bad, but so many sites/places have different rules for passwords. Minimum of 6, 8 or 10 characters. Certain number of letters, certain number of numbers, certain number of non-letters and numbers. Then you have to change your password once every 30, 60, 90 days. I'm like you, OP. I've clicked on a 'forgot your password?' link more than once in the last couple of months...
At my job, I do back office work for my bank, and I log in on their system with a certain format of a password. Thankfully, I pretty much use the same password over and over again (we have to change it quarterly) but just change the number at the end (started at 0001 and am up to 0023 at this point...I guess it helps me keep track of the time I am ticking away there...).

We also have a sister bank that I have to access through a remote desktop, and though they use the same software as my bank, their IT department requires a different format for passwords.

The worst I've experienced is the Federal Reserve. I have to access their Fed Line and they constantly require me to change my password and they REALLY don't like you to use anything you had before and change just a few letters. And the worst part is you can't just sign on their site in the morning and leave it up. About every 15 minutes or so you are required to put your password back in, even if you are active on the site. The Federal Reserve's Fed Line site is the most damned annoying thing I've ever come across, and they make you come up with pretty complex passwords or it will reject them (you are dealing with sensitive information, so I can kind of understand) and I am sure the rule about having to re-enter your password every 15 minutes or so is because they want to make sure you didn't just leave your computer and somebody else tried to access the site while you were taking a leak. But it doesn't stop it from being annoying.

I've gotten to a place where, at least at work, I have a Word document saved on my computer with my passwords. Some places let me copy and paste, some don't. At least the Fed Line let's me copy and paste. I will be extremely pissed off if they ever change that.

And it appears to be getting worse...banking sites (my bank was the first I saw roll this out and now my credit card websites and my phone company website does this) are requiring TWO security questions to gain full access to the site, so it's not enough to remember user names and passwords, I now have to remember answers to stupid ass questions and not all of them are questions I would have the same answer to all the time. I think the phone company asked me what country I want to visit the most. Heck, that always changes for me, depending on the mood I am in!

Last edited by calhoun07; 02-23-08 at 11:03 AM.
Old 02-23-08, 11:04 AM
  #17  
DVD Talk Legend
 
calhoun07's Avatar
 
Join Date: Oct 2001
Posts: 14,401
Likes: 0
Received 1 Like on 1 Post
Originally Posted by sjrab16
That is why I just use 123456789 for all my passwords. It is so easy to remember that way.
You must not be accessing anything with sensitive information on it. Anything I deal with at work would NEVER allow anything like that!
Old 02-23-08, 11:16 AM
  #18  
DVD Talk Legend
 
Sean O'Hara's Avatar
 
Join Date: Nov 2005
Location: Vichy America
Posts: 13,533
Likes: 0
Received 0 Likes on 0 Posts
At work we are trying to tackle this very issue. We are doing a pilot with a password vault called VGo. The company is called Passlogix. It uses 256 AES. The things I like are you only have to remember one password to unlock the vault and you can recover the passwords used at various sites. I have no idea how much it costs but from a corporate standpoint $100/year makes it cost effective.
There are several open source programs that do the same thing for free -- KeePass, and Password Safe being the best. You can choose what form of encryption to use. And if you're really paranoid about security, you can protect the password database with both a password and a keyfile on a USB memory stick -- for an attacker to get access to the database, he'd need the memory stick, the password, and access to the computer with the database.
Old 02-23-08, 11:31 AM
  #19  
DVD Talk Legend
 
Sean O'Hara's Avatar
 
Join Date: Nov 2005
Location: Vichy America
Posts: 13,533
Likes: 0
Received 0 Likes on 0 Posts
Originally Posted by dtcarson
One of my pet peeves re: logins is
"Your username or password is incorrect, please re-enter".
WHICH ONE?
That's a good thing. Let's say a hacker has done research on you and selected a hundred words and phrases you might be using as usernames and passwords. If the system lets him know that he got one right, he only has to try a hundred combos. If it doesn't, he has to try a hundred thousand combos to hit every possible iteration.

And if you require number/special characters, tell me that up front.
You should always uses numbers/special characters, even if the system doesn't require it. Maybe for something trivial like DVD Talk it doesn't matter, but in general it's a bad idea not to use numbers and symbols -- and tacking a number to the end doesn't make it much better; you need to do something that can't be figured out through a simple dictionary attack.
Old 02-23-08, 11:34 AM
  #20  
DVD Talk Limited Edition
 
Dr. Henry Jones, Jr.'s Avatar
 
Join Date: Jun 2005
Location: My Car
Posts: 6,750
Likes: 0
Received 0 Likes on 0 Posts
write down your passwords in your diary
Old 02-23-08, 01:09 PM
  #21  
JM
DVD Talk Special Edition
 
Join Date: Dec 1999
Posts: 1,156
Likes: 0
Received 0 Likes on 0 Posts
As mentioned above, KeePass Password Safe is one of the best solutions for securely keeping track of your passwords. It is free and open source, so it is subject to peer review for vulnerabilities or backdoors. http://keepass.info/
Old 02-23-08, 02:54 PM
  #22  
DVD Talk Legend
 
Dr Mabuse's Avatar
 
Join Date: Jun 2007
Location: 75 clicks above the Do Lung bridge...
Posts: 18,946
Likes: 0
Received 2 Likes on 2 Posts
i've always heard RoboForm Pro was the best software for managing passwords and such...

Link...

is also manages forms and etc...

i've always seen it get good reviews...
Old 02-23-08, 05:37 PM
  #23  
DVD Talk Godfather
 
DVD Polizei's Avatar
 
Join Date: Jan 2002
Posts: 53,612
Received 132 Likes on 96 Posts
RoboForm is the way to go, but the "Pro" version only installs on one PC. It remembers which website you go to for entering in a specific password, and will fill it in for you with a simple mouse click. It's made my life much easier in this area.

I bought the USB Flash version, RoboForm2Go, which stores all the encrypted info on the flash drive and runs from the flash drive, leaving no presence on the computer you're using it on. So, you could take it anywhere, on any computer. I'd get the "2Go" version rather than the Pro version.

Other comments on it:

http://forum.dvdtalk.com/showthread.php?t=489916

Last edited by DVD Polizei; 02-23-08 at 05:44 PM.
Old 02-23-08, 06:49 PM
  #24  
DVD Talk Ultimate Edition
 
Join Date: May 2006
Location: Winnipeg, MB, Canada
Posts: 4,813
Likes: 0
Received 1 Like on 1 Post
I just have them all listed in a Microsoft Word document with a password to get into the document.

Only one problem: I forgot the password!
Old 02-23-08, 07:32 PM
  #25  
X
Administrator
 
X's Avatar
 
Join Date: Oct 1987
Location: AA-
Posts: 10,818
Received 19 Likes on 16 Posts
I have hundreds of them written on paper and filed alphabetically by site name.

I don't keep them on the computer which can be compromised. Anybody wants my passwords they'll have to break into my house and I think I'd notice that. Either they'd have to take the file of papers or they'd have to spend a pretty long time copying or photographing them.

Thread Tools
Search this Thread

Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service - Do Not Sell My Personal Information -

Copyright 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.