Cruisers Forum
 


Reply
  This discussion is proudly sponsored by:
Please support our sponsors and let them know you heard about their products on Cruisers Forums. Advertise Here
 
Thread Tools Search this Thread Rate Thread Display Modes
Old 12-10-2017, 21:22   #61
Registered User

Join Date: Jul 2013
Location: Refit in Port Townsend, WA
Boat: 1984 Slocum 43
Posts: 425
Re: Passwords In A Paperless World

We use Dashlane.
Mycroft is offline   Reply With Quote
Old 13-10-2017, 17:53   #62
Registered User

Join Date: Oct 2007
Location: nh
Posts: 10
Re: Passwords In A Paperless World

i have been using a device called a RecZone Password safe and findn it easy to load info,add info, easy to search and delets, edit info.
Paul Casey is offline   Reply With Quote
Old 13-10-2017, 20:31   #63
Registered User

Join Date: May 2008
Posts: 3,196
Re: Passwords In A Paperless World

A lot of the password suggestions are fighting the last war - not this one. Any 8 character password can be broken in a few minutes with a specially configured $1000 computer. Try this tester from Dashlane:

https://howsecureismypassword.net

Two factor security (where a code is sent to your phone when a new computer tries to login) is the biggest step forward in years. If a site offers it, ALWAYS use it. It makes it just about impossible for a guy to sit in Russia and break into your account if your phone is in your pocket in Ft. Lauderdale - even if your password is 1234.

Most hacks in the last few years are not by cracking passwords but tricking you into giving the hacker a password - called Phishing. A complicated password won't help if you hand it over. Never enter any information after clicking on an email link. Go to the site a different way (like a Google search).
CarlF is offline   Reply With Quote
Old 13-10-2017, 21:12   #64
Registered User
 
Jman's Avatar

Join Date: Sep 2012
Location: Northeast, USA
Boat: Luders 36
Posts: 237
Re: Passwords In A Paperless World

Quote:
Originally Posted by CarlF View Post
A lot of the password suggestions are fighting the last war - not this one. Any 8 character password can be broken in a few minutes with a specially configured $1000 computer. Try this tester from Dashlane:




That only works if you are trying to guess a known password. If you only have three guesses at it before a time out occurs, game over, even a 60 second time out will take the few minutes to years or 100 of years. That is what the complicated passwords are about.

Two phase is way better, agreed, but why do I have to go through this every month with my bank that has not even had one missed guess?

Answer: it makes the company look better when they get hacked from within... once a hacker is in, he reverses the encryption algorithm and now knows everyone’s password. Or worse it was never encrypted in the first place so he just discovers the password. Now he has a list of passwords and emails to try at other establishments, no guessing to worry about. So he now takes his list that he got barnaclejoescheapboatparts.com and sees if they will work at Wells Fargo or Citibank. Fortunately barnacle joe did not force you to use eight characters and special letters and numbers like it did at Wells Fargo, so you just used a simple password. It fails when trying to get into your bank account. But a few people who were trying to make their lives easy, used their special password at joes, and then they are breached.
Jman is offline   Reply With Quote
Old 13-10-2017, 22:06   #65
Registered User
 
maxingout's Avatar

Join Date: Dec 2006
Location: Cruising
Boat: Privilege 39 Catamaran, Exit Only
Posts: 2,722
Re: Passwords In A Paperless World

Thank you to the people contributing to this thread. I am just converting to the paperless world, and all the suggestions are a great help. Lots of options.

I need to investigate iPhone and iPad apps that are used for encryption of data. To my knowledge, nothing on my phone is encrypted, or if it is, I did not realize that it was encrypted.

So the next phase is to figure out how to encrypt things on my iPhone and iPad.
__________________
Dave -Sailing Vessel Exit Only
https://Maxingout.com
https://PositiveThinkingSailor.com
maxingout is offline   Reply With Quote
Old 13-10-2017, 22:40   #66
Registered User

Join Date: May 2008
Posts: 3,196
Re: Passwords In A Paperless World

JMan - absolutely agree about missed password counters. Even better, my iphone and ipad erase themselves if the screen unlock code is missed 10 times.

This erase feature combined with two factor is very secure. Even if someone steals my phone they can't unlock it to read the two-factor code. And if they have a website password, they can't get into the phone to use it. If they try a different computer, then the two factor code is needed.

Also agree that any important site (email accounts, banks, etc.) should always use a password that is not used anywhere else.

Also agree that some two factor systems are poorly designed or inconvenient. Almost all the new ones just send an SMS code. The code is only required if a new computer is used to login or an account change is requested - like trying to change the password. Except for these rare situations, no two factor code is required. I'd get after your bank to update their system.
CarlF is offline   Reply With Quote
Old 14-10-2017, 04:52   #67
Registered User
 
CaptTom's Avatar

Join Date: Apr 2004
Location: Southern Maine
Boat: Prairie 36 Coastal Cruiser
Posts: 2,567
Re: Passwords In A Paperless World

Quote:
Originally Posted by Jman View Post
...Now he has a list of passwords and emails to try at other establishments, no guessing to worry about. So he now takes his list that he got barnaclejoescheapboatparts.com and sees if they will work at Wells Fargo or Citibank...
Any indication this has ever really happened?

My gut says the bad guys are really looking to hack into the system that already contains what they want (financially or politically). Not the individual account of Joe Boater who may or may not have an account at any one of millions of banks worldwide. Seems it would be a LOT of work, repeated for each individual user, to scan the world for rare related account with the same password AND user ID.
CaptTom is offline   Reply With Quote
Old 14-10-2017, 05:31   #68
Registered User

Join Date: Dec 2015
Location: Annapolis
Boat: Moody 54
Posts: 44
Re: Passwords In A Paperless World

I suggest generating a common stem that you like and meets all requirements such as "good4us!" and add the capital initial of the company at the beginning. Now you have a capital letter, a number, and a character. Then technically all your passwords are different, and you only need to remember the stem and if you need the ! at the end or not.
MamaKube is offline   Reply With Quote
Old 14-10-2017, 07:17   #69
Registered User
 
krafthaus's Avatar

Join Date: Apr 2011
Location: Saskatoon, Canada & Eastern Caribbean
Boat: Lagoon 420
Posts: 437
Re: Passwords In A Paperless World

We use Lastpass with a very secure password to get in that database.
The layout of the app is very good to use and keeps things well organized.
__________________
Wherever we want to go, we go. That's what a ship is you know - it's not just a keel and a hull and a deck and sails, that's what a ship needs. But what a ship is...really is, is freedom. ~Johnny Depp as Capt. Jack Sparrow
krafthaus is offline   Reply With Quote
Old 14-10-2017, 10:51   #70
Registered User
 
Rock-Head's Avatar

Join Date: May 2015
Location: St. Augustine, FL
Boat: 1978 Lancer 30 MkIV
Posts: 150
Re: Passwords In A Paperless World

For those using threes for "E's" and such, there is a library of common substitutions that hackers/crackers use consistently. The password that is difficult or even impossible for a human to guess, much less remember, is one that is simple for a computer to guess. IMO in this day & age, 8-12 character passwords of mumbojumbo makes for poor security.

Key components to a good, secure passphrase is randomness, length & ability to recall.

Food for thought:

Click image for larger version

Name:	password_strength.png
Views:	55
Size:	90.8 KB
ID:	157712
Rock-Head is offline   Reply With Quote
Old 14-10-2017, 12:06   #71
cruiser

Join Date: Jan 2017
Boat: Retired from CF
Posts: 13,302
Re: Passwords In A Paperless World

https://www.theverge.com/2017/8/7/16...-cybersecurity
john61ct is offline   Reply With Quote
Old 14-10-2017, 12:27   #72
Registered User
 
maxingout's Avatar

Join Date: Dec 2006
Location: Cruising
Boat: Privilege 39 Catamaran, Exit Only
Posts: 2,722
Re: Passwords In A Paperless World

More research on the password puzzle.

https://youtu.be/Q0GeMSFGIgI
__________________
Dave -Sailing Vessel Exit Only
https://Maxingout.com
https://PositiveThinkingSailor.com
maxingout is offline   Reply With Quote
Old 14-10-2017, 13:06   #73
Registered User

Join Date: May 2009
Location: Massachusetts
Boat: 40' Silverton Aftcabin with twin Crusaders
Posts: 1,791
Re: Passwords In A Paperless World

Quote:
Originally Posted by Dsanduril View Post
One other thing, passwords really shouldn't be pass words - they should be pass phrases. Length is your friend. No less than the person who wrote the NIST standards on passwords and complexity recently apologized publicly and said that complexity (special characters, numbers, etc.) in a short password was not the right way to go, length was the key.

Think "The qu!ck br0wn Fox jumped over the lazy dog"

Yes indeed! The bank where I have a CC (only own one CC) recently required new passwords with both lower and upper case letters, number and a special character symbol.

So I called the bank to complain about their requirement. I was very politely told that was necessary and if I didn't like it to go elsewhere. AHOLES!
foggysail is offline   Reply With Quote
Old 14-10-2017, 13:17   #74
Registered User

Join Date: May 2009
Location: Massachusetts
Boat: 40' Silverton Aftcabin with twin Crusaders
Posts: 1,791
Re: Passwords In A Paperless World

I thought things were getting out of control when I finally had to use an accountant for taxes. Now people are telling me they need a service for passwords?????

ENOUGH
foggysail is offline   Reply With Quote
Old 14-10-2017, 13:43   #75
Registered User
 
Simi 60's Avatar

Join Date: Jun 2016
Location: Australia
Boat: Milkraft 60 ex trawler
Posts: 4,059
Re: Passwords In A Paperless World

Quote:
Originally Posted by Dsanduril View Post
One other thing, passwords really shouldn't be pass words - they should be pass phrases. Length is your friend. No less than the person who wrote the NIST standards on passwords and complexity recently apologized publicly and said that complexity (special characters, numbers, etc.) in a short password was not the right way to go, length was the key.

Think "The qu!ck br0wn Fox jumped over the lazy dog"
And do you keep the same pass phrase for everything or do you have to remember a book?
Simi 60 is online now   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Going PAPERLESS afloat? SecondBase General Sailing Forum 32 11-10-2017 15:04
World Ocean Database and World Ocean Atlas Series GordMay The Library 2 15-01-2007 21:14
starting a business in 3rd world florensic Boat Ownership & Making a Living 7 13-01-2004 05:16
Hello world of cruisers filit7 Meets & Greets 0 09-03-2003 22:40

Advertise Here


All times are GMT -7. The time now is 14:06.


Google+
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2022, vBulletin Solutions, Inc.
Social Knowledge Networks
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2022, vBulletin Solutions, Inc.

ShowCase vBulletin Plugins by Drive Thru Online, Inc.