Doh! What a fool. I've been struggling for a while to think of an easy way to remember passwords for all the usual stuff. They recommend letters and numbers to make guessing/hacking them not too easy....it's just dawned on me....you're all probably doing it already....use car registration numbers.
I'm sorry if it's so obvious - it wasn't to me until 5 minutes ago.
|
First thing one of our tame hackers looks at is the car park......
No idea why............
(the second (after dark) is the rubbish bin or dumpsters outside, they *love* that job)
|
Yes, but I was thinking about past family cars. Having an interest in cars (is that why I'm here?) I can remember all the numbers of my dad's cars going back to 1963. I've got about 15 to choose from.
|
Ah different matter then.......
|
|
|
That's one that I use, my father's first car, a 1949 Ford E93a Anglia.
|
1949 Anglia eh. My Dad used to own one - what was the number of your Dad's car?
|
And the third thing our tame hackers use is called "social engineering" - includes things like asking innocent sounding questions............... :)
|
Well I know what Dulwich Estate\'s pasword is and it sure isn\'t a reg number. I like to play this game in reverse. Start from the password then work out your real identities..... ;o)
Now the paranoia starts!
No Dosh - Backroom Moderator
mailto:moderators@honestjohn.co.uk
|
Distressing, too. I imagined that this would be a secure site where there would be no way for the moderators to find out a password...
|
If you had the faintest idea how many people contact us having forgot their passwords, or set up numerous new accounts for the same reason, you would understand why.
May I suggest that if this worries you, you make a point of NOT using the same password for everything you do? This site doesn't involve any kind of financial transactions so I would be concerned if you are using the same details that you may use for other sites and functions, especially those relating to financial matters.
The comment about playing the game backwards was TIC, hence the " ;o) " afterwards.
|
Have you seen a doctor about that tic?
|
|
|
apable of remmebering sequences of random letters and numbers, and use them where I'm concerned about security.
For those that don't have such good memories, a useful trick is to think of a couple of lines form a song and use the initials. eg, Mary Had A Little Lamb etc gives
MHALLIFWWAS
and to make it a bit more difficult
MhalLiFwWaS
and in a muxed ip year of birth in the middle and you have
MhalL1849iFwWaS
and to really confuse someone, add in some punctuation, easy to remember but difficult for anyonne to geuss.
--
I read often, only post occasionally
|
Alternatively, take the vowels out of something e.g.
pnkpnthr
And if you really want to confuse them, swap a letter with an obvious number
p1nkpnthr
And then change your passwords reasonably regularly. Which reminds me; how do I change my paypal password?
|
Thats ok I changed it from m1pmkr to something else for you....
|
Actually a serious question - I cannot see any way of doing it, and I am sufficiently paranoid to like to change them from time to time.
|
|
|
I use the format abc123d for all of my passwords (each password being different for each account). To this I add a four-figure pin number that stays the same for all passwords (i.e. abc123d9999). I keep two copies of the passwords (without the pin) written down back-to-front (d321cba). To maintain peace of mind I always like to make sure that one copy never leaves my person (even my jammies have a zip), while the other is safely secreted away in the freezer underneath a hundred and twenty five pounds of Mexican tunny fish. However, just recently I have been thinking that perhaps my system is not as secure as it might be and I was thinking that maybe it would be a good idea if the numbers referred to a page out of my favourite book (Being Jordan) while the letters could refer to words appearing on predetermined paragraphs...
|
I shoudn't say this but I use the same password for everything. At Uni, each password is valid for only a few weeks so come expiration time, I have to think of a new one.
I have overcome this with an ingenious idea ;-) What I did was start off with the reg number of my Dad's car. THEN, I was so unimaginative I thought, "Why don't I add the car before that's licence number on", then come next expiration period, yep - you guessed it, the car before that! I'm currently on the F-Reg Golf GTi he used to have but the memory's a little hazy before that; I was only 3 at the time.
Cheers
Adam
|
|
|
I`ve been using an old one for a while.with the amount of motors around I would think it hard to find.and if plate no turned around.well see what I mean?
--
Was mech1
|
Was mech1
Steve, why did you change identity? Didn't forget your password did you? :)
|
>>Steve, why did you change identity?
It is an old nickname which I felt was a bit dated.blow me down its still there.never mind:)
>>Didn't forget your password did you?
I`ve lost track of how many Passwords I have lost/forgotton.so I decided to use car reg.cannot forget that.works for me
--
Was mech1
|
|
|
Will someone tell me why I can remember all the reg numbers of my past vehicles: THX 41, YPX 908, RYD 88, WJO 544, MVA 438 ( continues.......) but not where I just left my car keys?
|
Will someone tell me why I can remember all the reg numbers of my past vehicles: THX 41, YPX 908, RYD 88, WJO 544, MVA 438 ( continues.......) but not where I just left my car keys?
Someone just told me the reason - but I've forgotten what it was!
|
And why can i remember the Reg no of a car I had 25 years ago for 6 months, and not the one currently sitting on the drive for a year?
|
Passwords -
Take a word familiar to you e.g. swimming
mis-spell it e.g. swiming
substitute a number e.g. sw1m1ng
memorable, but totally unguessable.
Never use;
pets name
member of family's name
car make,model or reg no.
Your or family's birthday
etc.
I could find out all of those in conversation or by guessing. But I'd never guess sw1m1ng without specifically asking you.
But I can remember it.
|
But its based on a word Mark, moreover replacing i's with 1's is well known known. Using dictionary words is not recomended.
Let me give you an example. We recently ran a dictionary based password cracker over a government department intranet. 3,500 users. In 40 minutes it had cracked 96% of the passwords. (we gave up after 40 minutes as the outcome was obvious!)
In fact I just tried sw1mm1ng on our intranet and it was rejected as not meeting password policy - (when trying to change a password on our network it runs a small cracker first to see if its secure.)
|
RF,
Absolutely correct.
In a very secure military environment it was found the majority of passwords and safe combinations were based on the officer's personal Army/RAF/Navy number.
C
|
My commonly used passwords have nothing at all to do with me and you couldn't figure it out by checking into anything about me (car, birthday etc). It is the name of a place I have never been to, but sticks in my mind because the first time I ever needed to create a password, I looked away from the computer screen and saw the name printed on an item. That was 12 years ago and since then every password I create has been has been a derivative of it with numbers added to it when necessary.
After writing the above I realised that my paypal password was the same as my BR one so I changed that before posting this. Sorry No Dosh, still no dosh for you. Not from my Paypal account anyway 8-). Dead handy this thread.
For the person asking how to change Paypal passwords, just log in, go to your account, click on profile, then on password.
|
|
In a very secure military environment it was found the majority of passwords and safe combinations were based on the officer's personal Army/RAF/Navy number.
Read Richard Feynman's book - he worked at Los Alamos in the war and developed a reputation as a safecracker. Same thing really.
His best story was when he cracked the safe in the senior officer's room. After the war, the officer was away and they wanted to remove the safe as all the vital documents about the bomb were no longer kept in it. They needed to combination, though, so someone called Feynman. He opened it on his first guess; 25-50-25. The default combination that it came from the manufacturer with.
He also managed to side-step all the post-war security and found himself with access to every (yes, every) document about the bomb.
|
|
|
|