$18.00
GeekGold Bonus for All Supporters: 125.78

7,483 Supporters

$15 min for supporter badge & GeekGold bonus
47.2% of Goal | left

Support:

Steven Woodcock
United States
Unspecified
Unspecified
flag msg tools
mb
Duh:

http://arstechnica.com/security/2016/08/frequent-password-ch...
2 
 Thumb up
0.05
 tip
 Hide
  • [+] Dice rolls
Shawn Fox
United States
Richardson
Texas
flag msg tools
Question everything.
mbmbmbmbmb
Yeah I've pointed that out many times. Changing your password all the time doesn't increase security and neither does have a bunch of random characters in your password either. Accounts get automatically locked after 3 failed password attempts (or so) these days anyway. Other basic features such as two factor authentication being required any time you try to log in from a new device also is important.

Basically don't use passwords that are really common or something that is derived from something else that is obvious about you and no one is going to be able to break into your account by guessing what your password is. Also don't use the same password for your bank account that you use on other low security sites (like bgg for example), that is a great way to have all your shit stolen.

Hackers break into systems by using bugs, dumpster diving, physical access, social engineering, etc, not by guessing passwords.
2 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Shawn Fox
United States
Richardson
Texas
flag msg tools
Question everything.
mbmbmbmbmb
Also, I use a nice piece of freeware called KeePass to store my passwords. I had to resort to this method due to all the web sites that require frequent password changes. So I can just use KeePass to generate a new password and copy/paste it. The KeePass software encrypts all your password information locally, protected by a password of course. I then copy the keepass password database file to another location as well as emailing it to my gmail account.

Yes, I know email in general isn't secure, but the password database is encrypted using strong encryption. Maybe the NSA could crack it if they really wanted to, but why would they bother.

http://keepass.info/

2 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Dwayne Hendrickson
United States
Oklahoma City
Oklahoma
flag msg tools
mbmbmbmbmb
My password is combination of the name of the most popular Liberal and the most popular Conservative on RSP, in conjunction with the number of sock puppet accounts divided by the number of days since someone was last banned times the number of days since the last Hitler reference, in mixed case with two nonconcurrent special characters.
5 
 Thumb up
0.25
 tip
 Hide
  • [+] Dice rolls
Mac Mcleod
United States
houston
Texas
flag msg tools
mbmbmbmbmb
Yea it sucks. TQBFJOTLD%12 used to be secure but I had to change it so many times.

However, MPINS#123 is secure and I can remember it.

But just in case, I'm going to write it down here in RSP.
11 
 Thumb up
0.25
 tip
 Hide
  • [+] Dice rolls
Steven Woodcock
United States
Unspecified
Unspecified
flag msg tools
mb
maxo-texas wrote:
Yea it sucks. TQBFJOTLD%12 used to be secure but I had to change it so many times.

However, MPINS#123 is secure and I can remember it.

But just in case, I'm going to write it down here in RSP.


We won't tell, promise...


Ferret
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Alexandre P.
France
Strasbourg
France
flag msg tools
mbmbmbmb
Don't use a password, use passsentence: longer and easier to remember.

Currently Iamhappytowatchthe2016USAelectoralyearfromoutside has my preference.
2 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Jorge Montero
United States
St Louis
Missouri
flag msg tools
I'll take Manhattan in a garbage bag. With Latin written on it that says "It's hard to give a shit these days"
mbmbmbmbmb
Password manager + 2fa is the one sensible solution. Then you change your password manager's password as often as you find reasonable.

Without a password manager, security is just a bunch of lies. Your best bet then becomes resetting your password every time, in essence doing the same as a password manager, but with your primary email account as the key.
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Mac Mcleod
United States
houston
Texas
flag msg tools
mbmbmbmbmb
The issue I'm running into with 4 computers, 2 tablets, and a phone is successfully changing the password on all 7 devices and not ending up in a death loop.
1 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Tom McVey
United States
SF Bay Area
California
flag msg tools
mbmbmb
maxo-texas wrote:
The issue I'm running into with 4 computers, 2 tablets, and a phone is successfully changing the password on all 7 devices and not ending up in a death loop.


Ponying up the fee for 1Password solved a lot of problems. Two factor authentication is also essential, at least for your primary email account.
1 
 Thumb up
0.05
 tip
 Hide
  • [+] Dice rolls
Andy Leighton
England
Peterborough
Unspecified
flag msg tools
mbmbmbmbmb
Xahendir wrote:
Don't use a password, use passsentence: longer and easier to remember.

Currently Iamhappytowatchthe2016USAelectoralyearfromoutside has my preference.


Yes this would be much harder to crack than something like MPINS#123 (which isn't very secure at all).
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
J
United States
Lexington
Kentucky
flag msg tools
admin
mbmbmbmbmb
sfox wrote:
Also, I use a nice piece of freeware called KeePass to store my passwords. I had to resort to this method due to all the web sites that require frequent password changes. So I can just use KeePass to generate a new password and copy/paste it. The KeePass software encrypts all your password information locally, protected by a password of course. I then copy the keepass password database file to another location as well as emailing it to my gmail account.

I use 1Password and the device syncing is handled automagically via Dropbox or iCloud.

Password managers are a must have, especially since I have to keep up with my whole families passwords shake
 
 Thumb up
 tip
 Hide
  • [+] Dice rolls
Front Page | Welcome | Contact | Privacy Policy | Terms of Service | Advertise | Support BGG | Feeds RSS
Geekdo, BoardGameGeek, the Geekdo logo, and the BoardGameGeek logo are trademarks of BoardGameGeek, LLC.