Windows 10: Beware of these "Easy Password" apps

Hi there

I'm always amazed how people just PUT THEMSELVES in possible difficulties when using the Net. I know that passwords are a nuisance but those apps that store a "Virtual Safe" on the cloud where you store your passwords so any app requiring a password login just takes it from the "Virtual Safe" seems to me a potential recipe for DISASTER. - Severs do go down and do get hacked.

I'm of the old school-- a black notebook hidden away in a reasonably inaccessible place seems the best (and "Lowest tech") solution of all.

Simple and virtually HACKPROOF. Nothing is of course 100% safe but sometimes a bit of Old School Tech can still work wonders.

Cheers
jimbo

:)

 

" SOFTWARE UPDATE FAILED "

SO HERE'S THE LINK TO THAT PIC

http://i26.tinypic.com/2ihbdco.jpg

CAN U PLZ CHECK IT ACTUALLY I HAVE USED THE NOKIA SOFTWARE UPDATER B4 ... BUT I DONT KNW WHY I M GETTING THIS ERROR NOW

 

" SOFTWARE UPDATE FAILED "

i have installed windows xp sp2

previously i was using windows media center i thought i might b facing this probs due to that but then i changed it to windows xp ! n moreover i have also shown to nokia service center executives but they were not having the latest updates available ......
my pc suite is showing that new update version of firmware is available but i cudnt download it

oh gawd wat to do ?

i tried in another pc then again i got an error u need to have minimum 256 ram

please cant it b rectified ? there must b any solution to this probs please help me guyz

god bless all of u thanx

 

While, indeed, you do have to be careful. Most decent apps are "unhackable", because they use client-side encryption. Even if someone hacks the server, all they get is the encrypted info which is useless without the keys stored on your local computer.

Dashlane is one such app that does this.

However, it also means you can't access these passwords when not using an already authenticated device.

 

I'm with you on this. Little note book tucked away in another room.

 

Their is not such thing as "unhackable"!!

I do agree with Jimbo and also use his method except I use a Rolodex.
To get my passwords off my Rolodex they would have to kill me and then I wouldn't need the password anyway.

 

That's why I put it in quotes. Yes, if someone wanted to invest millions in hacking hardware to decrypt your file, sure. But, other than that, there's no way they're going to get to your data, even if they compromise the servers. Even if they have your master password, it won't help, since they need the physical keys stored on your computer as well.

Could they infect your machine with a virus, steal the keys, and your password, and then find it? Sure... but they would have to be targeting you directly, because that would require very specific knowledge of you, your systems, be able to read computer memory for decrypted keys.. and at that point, they could just install a keylogger to get your passwords.

So in other words, it's far more trouble to break the encryption of the servers when it's so much easier to just break into your home and torture you with a wrench until you give up access.

 

You don't need millions of $ invested in hardware. You need the right software, maybe find a back door, determination and time.
People are doing it all the time, you infect multiple machines with a program to turn them into shared computing bots and steal cycles from them.

 

Wouldn't they just take the money. jewelry, Flat screen TV, Computer, and other valuables and high tail it out of there?

*Roflmao2

 

If they are going to use a wrench on me I hope it's a Mac or Snapon.
I do have standards to keep.

How hard it is to steal passwords on a computer or in a Cloud I really don't know. I'm not a hacker or a thief.

What I do know is one could read all day every day about passwords and personal information being stolen from what
were considered well protected sites. Hell someone even hacked Obama's Blackberry. One would think that should of had the best security tax dollars could buy.

 

2 pieces of advice I give about the internet are. Don't just click! Read it and be sure. Second is lay low. If they can't find you they can't hack you.
Use a combination of a hardware firewall as well as a software firewall.
My computer is setup not to respond to unsolicited pings.

 

Simple.. change your passwords .. change change...

 

Yeah I basically do the same with my gold bars. Don't put em in the safe or the next burglar will know that there is good stuff and also where it is...
I just put them into my wardrobe in my bedroom under some old clothes i never wear.

...uhhmm... wait ... what?!


But in all seriousness I have advice for people who are undecided about their "personal password police" *chuckle
The way I do it... and it works out for me pretty solid and without having to use a 3rd party master key style solution...is just to
setup my passwords in the following scheme (it's not 100% according to what I do but I can tell you it is a very similar system)

FOR EXAMPLE

password for mail -> N5=i3yBz2paperK0F-4noL!

password for windows at home -> N5=i3yBz2workK0F-4noL!

password for amazon -> N5=i3yBz2stuffK0F-4noL!

password for bank account -> N5=i3yBz2emptyK0F-4noL!
(this is of course not a 1-way auth in most of the cases anyway)

so as you can see in this example case the passwords consist of 3 parts
2 parts that are identical in each password but that are using special characters, big letters, small letters and numbers
which are wrapped around one middle part that is easy to remember but is different for each password.
this way your password is not the same for every service and you still have a overall very high complexity for each password.
at the same time you can remember the identical parts easily because they are burnt into your head already...you just learn them and never forget them.
and the variable parts can be for example words that you can personally link with the service u are using them for and so they are pretty easy to remember as well.
of course you can use another logic, like use birthdates instead of words as the variable part. or soccer players. or something totally different. also there are much more ways of putting in different logic in these passwords ... you just have to be imaginative.

so yeah, basically this is kind of a master password (not variable part) solution for the poor *Biggrin

i only use different passwords when i expect the system i use it on to be prone to administrator abuse
to avoid admins checking for certain patterns. also on "unimportant" stuff like forums or (non-google-account-centralized) entertainment services. then i just use simple words or their modification. in the style and rather simple complexity of for example: n1ghtl1f3
but never the same password for more than 1 service.

 

Hi there

The point of the post wasn't to devise a password strategy but simply to point out that whatever your passwords were keeping them stored on a remote server IMO is NOT a good idea for all sorts of reasons.

However if you ARE considering password strategies a SIMPLE one which increases the Hacking complexity by a VERY considerable amount is always to insert a special character to the FRONT -- password cracking algorithms have to run for a lot longer to crack even SIMPLE passwords like PA55WORD if it's replaced by !PA55WORD. Unfortunately some logons won't allow special characters but when they do insert them in your password --but remember if you use a different keyboard --even a simple one like GB vs US the keys aren't then same for a lot of the special characters !!!! So accessing your site from say an airport terminal with their computers might cause a problem !!!

Cheers
jimbo

 

I do like Jimbo

Except my book is green. Another advantage of that is, I live alone in a foreign country, so if something happens to me the Polizei will find it(hopefully) and contact my Contacts, accounts and forums...etc and close everything, or give it to my next of kin in the States to do so.