Time to change the passwords!

[luciusad2004]

I'm glad someone posted about this! I was going to stop by and mention the same thing as i frantically travel around the internet and change all of my passwords. I can't remember things that well so I always use the same password. Looks like I'm going to have to come up with an system to create moderately "unique" passwords for each website I use. I naively thought this would never happen to me. The scary part is that, the email i registered my Gawker account with, is the same i registered my paypal with, both sites also had the same password. I consider myself lucky to still have money in the bank.

[x88x]

Looks like I'm going to have to come up with an system to create moderately "unique" passwords for each website I use.

Passphrases. That is the answer. Easy to remember, but make them as long as possible and mix in caps, lower-case, numbers, and special characters, and you can have ridiculously strong passwords. I have a couple different passphrase templates that I use and incorporate something about each site into the phrase. That way it's easy to remember and unique to every site.

[luciusad2004]

Passphrases. That is the answer. Easy to remember, but make them as long as possible and mix in caps, lower-case, numbers, and special characters, and you can have ridiculously strong passwords. I have a couple different passphrase templates that I use and incorporate something about each site into the phrase. That way it's easy to remember and unique to every site.

That's exactly what I was thinking of doing. My current "good" password is a pass phrase with letter>number replacement and special characters but I think its critical failing is that it's not tailored to each site. It's long though and most of my friends who see me unlock my computer always comment that its ridiculously long. I generally don't use that one for internet stuff though.

I might also come up with perhaps a number of good templates and have different password "groups" Like, one for Blogs and forums, or general Internet Use, then a separate template for things like, my paypal, ebay, and bank account. That way if Joe Blow hacks Gizmodo, I don't have to worry about ALL of my passwords but just passwords in that "Group".

I also thought about just setting up a password manager on my computer with a good master password and then just Randomly generated passwords for everything but I was always kind of iffy on those sort of programs.

[Diamon]

It's long though and most of my friends who see me unlock my computer always comment that its ridiculously long.

Bet you don't have a BIOS password so anyone can still access all your files with a live CD

[luciusad2004]

Bet you don't have a BIOS password so anyone can still access all your files with a live CD

This is true lol. I dont see any of my roomates wanting to do that though, this just keeps them from logging in and messing with my stuff like my facebook or chat client while im not at my PC.

Plus I imagine if someone did want to do that, and had the know how to throw in a live CD and boot in to linux, they could probably just take my hard drive out and do it on their own computer if i had a bios password or not.

[x88x]

Bet you don't have a BIOS password so anyone can still access all your files with a live CD

On my desktop, no, and I don't really have a strong password on it either since I figure if someone untrustworthy has access to that, I have bigger security issues.

My laptop, however, is a different matter entirely. BIOS password to lock power-on, full-drive encryption, and 16 character not even remotely dictionary password. I used to use the HDD power-on password lock that my laptop supports as well, but got burned when I upgraded to an SSD and couldn't remember the master password to remove the password lock on the HDD...so I leave that alone. Full-drive encryption is good enough for me. I suppose if I were even more paranoid I could put the boot sector (only part that has to be unencrypted) on a flash drive, but, well, I'm not..so there.

[AmEv]

...they could probably just take my hard drive out and do it on their own computer if i had a bios password or not.

Since we're on the topic of passwords and security....
One of the quirks I like about Linux is, you have the option of encrypting the home folder until login.
Don't know how secure it is tho.

[billygoat333]

On my desktop, no, and I don't really have a strong password on it either since I figure if someone untrustworthy has access to that, I have bigger security issues.

My laptop, however, is a different matter entirely. BIOS password to lock power-on, full-drive encryption, and 16 character not even remotely dictionary password. I used to use the HDD power-on password lock that my laptop supports as well, but got burned when I upgraded to an SSD and couldn't remember the master password to remove the password lock on the HDD...so I leave that alone. Full-drive encryption is good enough for me. I suppose if I were even more paranoid I could put the boot sector (only part that has to be unencrypted) on a flash drive, but, well, I'm not..so there.

hmm... I really do need to upgrade the security on my laptop, probably should be doing this! lol

[Luthien]

Password changes are always a good idea...I just hate trying to remember them all.