Like Tree8Likes

Password Reuse & Google

Closed Thread
Page 3 of 3 FirstFirst 1 2 3
  1. #21

    Join Date
    Jun 2005
    Location
    in my home
    Posts
    3,451

    im not familiar with HSBC's one-time password....so cant comment there.

    and fair enough that you use different methods for passwords involving your real identity. but, your original comment was that we should "remember" our passwords mentally, not using some program. The problem is that the easier it is to remember, means its not that safe, which means once someone figures out one password for you, they have access to a bunch of your data or sites you visit.

    so by using programs like this, it will give you (in my case) 20 digit random passwords, that are unique to each account in every site. this way I only need to know 1 password for the database, which makes it easier to remember a single unique password to access the database, and not 10's or 20's or 100's or whatever. and with my system, no one has access to my password, no matter what they say, without hacking into my home network and hacking into my computer, and hacking into my encrypted disc image, and then hacking my database.

    If i think of financial accounts I hold worldwide, I have around 10 different accounts for trading, credit cards, banks, and other types of money related accounts. each of those uses a different unique password. By your logic, I dont know how I would remember even just these 10 using the safe passwords I use.



    and...you say you trust shri. BUT...has he disclosed his actual password retention software he uses? And even if he did, how do you know he is telling the truth? How do you know he has absolutely no access ever to these passwords and that he is good faith would never do this.

    what if Shri gets hit by financial tsunami, website goes down from all of us ad-blocking, bank takes his homes, and the IRD hits him with some billion dollar unpaid hidden tax? do you think everyone is trustworthy with your information 100% of time? anyone can slip...and it depends on how far they can get with your password before you get screwed.


    btw...knock on wood for shri.


  2. #22

    Join Date
    Jun 2005
    Location
    Hong Kong
    Posts
    23,205

    But you're getting the risks out of proportion. You're far more likely to be hit on the head by something falling from a high building, so you'd better spend all you life outdoors wearing a hard hard (with a tin-foil lining of course).


  3. #23

    Join Date
    Jun 2005
    Location
    in my home
    Posts
    3,451
    Quote Originally Posted by PDLM:
    But you're getting the risks out of proportion. You're far more likely to be hit on the head by something falling from a high building, so you'd better spend all you life outdoors wearing a hard hard (with a tin-foil lining of course).
    well....wearing a hard hat everyday may help with my balding, but the password database requires no management or effort on my part, and helps me be secure across the entire web. i click a button, and enter 1 password. The program then auto fills the username and password for the site that is currently open, and logs me in.

    this is the idea behind the comic...being safe from not reusing passwords.

  4. #24

    Join Date
    Oct 2006
    Location
    Hong Kong
    Posts
    15,557
    Quote Originally Posted by PDLM:
    But you're getting the risks out of proportion. You're far more likely to be hit on the head by something falling from a high building, so you'd better spend all you life outdoors wearing a hard hard (with a tin-foil lining of course).
    But wasn't that the whole point of posting that cartoon?

    On one side you are saying, don't worry about passwords and use the same ones, then on the other side you are posting the cartoon which warns you of the risk of using the same passwords.......

  5. #25

    Join Date
    Jun 2005
    Location
    Hong Kong
    Posts
    23,205

    The point of the cartoon as I read it is actually that it is quite difficult to work out what you would do with all those passwords even if you did have them...


  6. #26

    Join Date
    Jun 2005
    Location
    in my home
    Posts
    3,451
    Quote Originally Posted by PDLM:
    The point of the cartoon as I read it is actually that it is quite difficult to work out what you would do with all those passwords even if you did have them...
    well...i suppose you could read it that way.
    or you could read it as a joke about google being evil in recent media.
    or...you could look at it as a joke about how easy it is for some of these companies to really do some damage.

  7. #27

    Join Date
    Apr 2009
    Location
    Hong Kong
    Posts
    6,076
    Quote Originally Posted by BenderBends:
    or you could read it as a joke about google being evil in recent media.
    Hardly a joke. Power corrupts. Google is evil.

  8. #28

    Join Date
    Mar 2007
    Location
    Gold Coast Marina
    Posts
    17,934
    Quote Originally Posted by BenderBends:
    well....wearing a hard hat everyday may help with my balding, but the password database requires no management or effort on my part, and helps me be secure across the entire web. i click a button, and enter 1 password. The program then auto fills the username and password for the site that is currently open, and logs me in.

    this is the idea behind the comic...being safe from not reusing passwords.
    I guess this is fine if you use the same computer all the time. But what if you don't? If you (as I have done) need to access your bank account online while on holiday on somebody else's machine? Do these mechanisms work then? (I have dropbox, by the way, so I can see how it might work).

    I tend to use a similar format to PDLM - one [small set] of passwords for 'I don't care if I get hacked' sites (which includes geo) and other (completely different) passwords for 'money or important stuff' sites and yet a third set for 'work-related sites'.

  9. #29

    Join Date
    Jun 2005
    Location
    in my home
    Posts
    3,451
    Quote Originally Posted by MovingIn07:
    I guess this is fine if you use the same computer all the time. But what if you don't? If you (as I have done) need to access your bank account online while on holiday on somebody else's machine? Do these mechanisms work then? (I have dropbox, by the way, so I can see how it might work).

    I tend to use a similar format to PDLM - one [small set] of passwords for 'I don't care if I get hacked' sites (which includes geo) and other (completely different) passwords for 'money or important stuff' sites and yet a third set for 'work-related sites'.
    you need the client installed on the computer to access 1Password, and I would not suggest doing this unless its your computer. However I think Pins suggestion earlier for one of those online apps probably would work from a random computer.

    I personally do not ever login to accounts on any computer that isnt mine. ive had identity theft once before, and it took ages to get things fixed. i tend to play the careful side now to save me the hassle later. that being said, there are a handful of passwords i use for some sites that are not difficult to remember, so that I can log into those accounts (like geo) when away from my devices.

  10. #30

    Join Date
    Mar 2010
    Posts
    1,194
    Quote Originally Posted by Boris:
    I have a good memory so I can remember all my passwords in my head.
    Its called " old geezer pre the machine does everything for you and stops you thinking for yourself " technology.

    You remember mental arithmetic? Of course you don't because you where all brought up on calculators. Point made I think.

    I carry maybe 60 passwords in my head... and I suck at arithmetic.... Unless you generate all your passwords arithmetically, what you say has little validity.
    Last edited by Fenix2; 15-09-2010 at 09:30 PM.