who uses a 50 character password?

Discussion of non-phpBB related topics with other phpBB.com users.
Forum rules
General Discussion is a bonus forum for discussion of non-phpBB related topics with other phpBB.com users. All site rules apply.
User avatar
imkingdavid
Former Team Member
Posts: 2664
Joined: Sun Jul 26, 2009 7:59 pm
Location: EST
Name: David King
Contact:

Re: who uses a 50 character password?

Post by imkingdavid » Fri Oct 15, 2010 4:46 pm

Having a password manager or using the one built into your web browser is great if you're only ever on your own computer, and as long as your computer doesn't crash. If you ever have to use another computer or if your computer crashes, then you're going to have a hard to getting into those websites.

That being said, one way to prevent that is to simply memorize your email password and then you'll at least be able to use the Forgot Your Password feature on most websites in that case.

As for me, my passwords are mostly only around 11 or 12 characters long, but I doubt anyone would be able to crack them in a long time.
Don't forget to smile today. :)
Please do NOT contact for support via PM or email.
Remember, the enemy's gate is down.

Kim_Possible
Registered User
Posts: 1343
Joined: Sun Sep 21, 2008 3:57 pm

Re: who uses a 50 character password?

Post by Kim_Possible » Fri Oct 15, 2010 6:43 pm

Daniel Exe wrote:And I wonder if KeyPassX has any relation with KeePass.
As far as I know, KeePassX is a cross-platform and "lighter" version of KeePass.
imkingdavid wrote:Having a password manager or using the one built into your web browser is great if you're only ever on your own computer, and as long as your computer doesn't crash. If you ever have to use another computer or if your computer crashes, then you're going to have a hard to getting into those websites.
1. I always keep a copy of my encrypted KeePass file on my flash drive (on my key chain). It also is protected using a 256 bit AES method and will run in Windows and Linux, giving me "mobile" access to all my passwords. If I used a phone or other mobile device for web browsing (which I don't) . . . that would be more of a problem.

2. I always back up my KeepPass file onto the external HD I use for backups.

User avatar
imkingdavid
Former Team Member
Posts: 2664
Joined: Sun Jul 26, 2009 7:59 pm
Location: EST
Name: David King
Contact:

Re: who uses a 50 character password?

Post by imkingdavid » Fri Oct 15, 2010 7:05 pm

Kim_Possible wrote:
imkingdavid wrote:Having a password manager or using the one built into your web browser is great if you're only ever on your own computer, and as long as your computer doesn't crash. If you ever have to use another computer or if your computer crashes, then you're going to have a hard to getting into those websites.
1. I always keep a copy of my encrypted KeePass file on my flash drive (on my key chain). It also is protected using a 256 bit AES method and will run in Windows and Linux, giving me "mobile" access to all my passwords. If I used a phone or other mobile device for web browsing (which I don't) . . . that would be more of a problem.

2. I always back up my KeepPass file onto the external HD I use for backups.
Ah right, I hadn't considered external media for storing that information. :lol:
Don't forget to smile today. :)
Please do NOT contact for support via PM or email.
Remember, the enemy's gate is down.

User avatar
AdamR
Former Team Member
Posts: 9731
Joined: Tue Mar 02, 2004 5:40 pm
Location: Tampa, Florida
Name: Adam Reyher
Contact:

Re: who uses a 50 character password?

Post by AdamR » Fri Oct 15, 2010 9:32 pm

My KeePass vault file is stored on my local server here at home. The file (along with a few other things) is periodically backed up to two separate NAS backups. I have KeePass set up to access this vault file remotely on all my computers, so I do have true mobile access to it. The vault is protected by a >20 character password. :)

- Adam
phpBB Support: Welcome | Userguide | Knowledge Base | Search
Honored supporter of the phpBB Group!
"If I have seen a little further it is by standing on the shoulders of Giants." - Isaac Newton

User avatar
Socially Uncensored
Registered User
Posts: 19
Joined: Thu Sep 30, 2010 1:29 pm
Name: Adam H
Contact:

Re: who uses a 50 character password?

Post by Socially Uncensored » Thu Oct 21, 2010 4:38 pm

I use full sentences, paragraphs, and book quotes... Mixed with not just letters and numbers. But then again, I'm paranoid when it comes to security.

50+ letters, numbers, and symbols. I type it out real slowly the 1st time and then let a few encrypted programs to remember them for me after that (using 128 or 256 bit encryption)

NFeVkMYcznAf
Registered User
Posts: 5
Joined: Sat Aug 21, 2010 9:59 am

Re: who uses a 50 character password?

Post by NFeVkMYcznAf » Thu Oct 21, 2010 4:44 pm

Wow what has happened to the world :D

User avatar
Pony99CA
Registered User
Posts: 4783
Joined: Thu Sep 30, 2004 3:13 pm
Location: Hollister, CA
Name: Steve
Contact:

Re: who uses a 50 character password?

Post by Pony99CA » Fri Oct 22, 2010 11:30 pm

Daniel Exe wrote:In no way am I trying to argue that any password you can remember must be weak - which is perhaps the impression I've given you.
When you say something like "So it's probably not even that strong of a password..but rather just long", I'd say that does give the impression that you think it's weak (if you allow "not even that strong" to be equivalent to "weak"). :D

Even if you just used a sentence spriknled with repeating digits, somebody would first have to guess that sentence then the digit placement and cycle. Even if I told you the sentence, would you want to try to guess the digits? A dictionary attack couldn't do that, so you'd have to use pure brute force. That seems strong to me.

Steve

User avatar
Daniel Exe
Registered User
Posts: 573
Joined: Wed Sep 14, 2005 7:59 pm
Location: Canada
Contact:

Re: who uses a 50 character password?

Post by Daniel Exe » Sat Oct 23, 2010 9:54 pm

Any password != password in excess of 50 characters in length. Again, my original comment was regarding my inability to understand why someone would want to memorize a random 50-character long string :)

User avatar
A_Jelly_Doughnut
Former Team Member
Posts: 34452
Joined: Sat Jan 18, 2003 1:26 am
Location: Where the Rivers Run
Contact:

Re: who uses a 50 character password?

Post by A_Jelly_Doughnut » Sun Oct 24, 2010 2:32 pm

I doubt anyone memorizes a passphrase of that length.

If my 50-character passphrase was
qqqq1qqqq1qqqq1qqqq1qqqq1qqqq1qqqq1qqqq1qqqq1qqqq1
I would memorize "qqqq1" repeated ten times instead of the actual full passphrase.

Then it is pretty easy to perturb such a simple passphrase to be a little more complicated.
quit1qqqq1qqqq1qqqq1QQQQ5qqqq1qqqq1qqqq1qqqq1quid1

Of course, the "complications" of the second passphrase probably serve no advantage. If some attacker was able to know that my passphrase contained only the symbols {q, 1}, then the second would be a great advantage because it cannot be described in such a simple fashion (symbol set is now {q, u, i, t, 1, Q, 5, d}. But we hope, at least, that an attacker knows nothing about the passphrase in use and must combinatorially try all options on [a-z0-9]+, a proposition which would take an infinite amount of time.
A Donut's Blog
"Bach's Prelude (Cello Suite No. 1) is driving Indiana country roads in Autumn" - Ann Kish

Popp Singh
Registered User
Posts: 317
Joined: Thu Apr 22, 2010 4:31 pm
Contact:

Re: who uses a 50 character password?

Post by Popp Singh » Thu Oct 28, 2010 12:57 am

Before anyone moans about this post or closes the thread ......READ IT ...... and look in your consciences and be honest .

I`ve been watching this thread and waiting for someone to talk about the other major , more important , aspect in this case . Now it seems to me that all that can be said about the length of passwords , their complexity , remembering them and the dificultys of cracking them has been said ........... SO ....... what about the legal aspects ? Doesnt that side interest anyone ? Isnt anyone interested in their , our all , legal rights ? In justice ? In democratic principles ?

Someone has made a statement about another person . The police have investigated and useing the statement and probably details from his ISP they didnt get enough evidence to charge him . On the basis of what was in that statement and maybe details from his ISP they got a warant to search his house . They didnt find any evidence against him . The ISP has told the police what they know = every IP adress that he has had contact to for at least several months if not more than a year . The ISPs are legaly obliged to save that info = the IP adresses that he contacted , when , for how long and how much trafic he sent and recieved and from where . From that info they didnt get any suspicious details like the IP adresses of known criminals . If they had they would be able to get warants to search those peoples houses and gather evidence . Again .... remember throughout this investigation they havent found any / enough evidence to charge him . SO they do the dirty buisness that they are so well known for and so good at and charged him with not provideing evidence against himself !!!!!! He was found guilty and put in prison .

Things to think about ------>

Was the guy of previous good charakter ? It sounds like it to me as there was no mention of past offences wich would normaly happen if there had been offences .

That law and the laws about ISPs keeping peoples conection data for months to more than a year were introduced ...... because of the oh so convenient "terror threat". The guy is not a "terrorist" and is not acused of being one or haveing conections to "terrorists" .

It has abolished the right to silence , the right to not give incriminating evidence against oneself , the right to privacy and habeas corpus ......the back bones of british and many other countrys legal rights systems .

Now unsubstantiated statements are enough to try someone , find them guilty and inprison them .

What are they going to do when he gets out ? Try him again ? I hope not as part of british and many other countrys law says trhat a person cant be tried and punished for the same offence more than once . With that in mind what was the point in trying him , and then putting him in prison in the first place ?....... If he is a perv he could be haveing a better time in the nick than the judges wanted .......... LOL.....

Prisons dont work in fact they are counter productive in the extreme . A very very large percent of people who get sent to prison get sent again later in their life . A good example is someone gets sent down for a petty offence . When he is in criminal university .....Ooops !!! sorry prison ..... he learns how to steal cars , bypass burgler alarms and meets REALY big profesional criminals and makes international criminal conections . He also comes out with a grudge against society , the police , the courts and the government ......... and it costs US money .

There is a realy disgusting trick that they could use and that is when he gets out do a gate arrest on him . ( = They wait till he walks out of the doors of prison and arrest him at the gate ) . That means that they can then lock him up again while they do more investigations . Again back to the war against islam ....... it used to be that in the unUK they could hold people for two working days ...... not includeing the weekend = when they dont like someone they arrest him on a friday morning and hold him till monday , now that length of time has been increased . I dont know how long it is now but i have read something about 1 month . If that doesnt work then they can take him back to court for ignoreing a court order and lock him up again . They can continue doing that untill the end of time because every time he goes to court they make a court order against him and each one is a seperate charge .

Anyone who thinks that just because someone is acused of something and a judge orders a house search that that person is guilty or anyone who refuses to give evidence is guilty / must have done somethig wrong forgets ...... sorry ....... 6 million jews , the inquisition , the US cold war , vietnam , korea , iraq , palastine , the reasons why the founding fathers left the unUK to found the US ......... blah blah the list is endless .

One of the main principles that the US state is based on is the right to carry arms and to form malitias .......... because the people who made the US constitution believed that joe public has the right to defend himself and his country against his own government if they step out of line = The people who made the US constitution believed that governments cant be trusted 100 % , that a democracy is the will of the people and that governments dont always respect that and do undemocratic and criminal things .

Have you got any secrets ? If asked would you tell big brother all of them ? Have you NEVER broken any laws ? If you have then you are a criminal as there is no such thing as an ex-criminal = MOST ....BS..... ALL of us are criminals . Are the people here who use long passwords criminals ?

I hope noone feels ofended by that ...... if they do they should examine their thoughts and reactions and ask themselves why and explain it here ......... i just think its a to important aspect to not talk about .

I`d like it if you were all grown up enough to talk about it and this post without throwing excrement at me ...... please . We are all in this , life , situation together and blind faith in justice and legality has never got anyone anywhere nor has wearing rose coloured glasses ....... or trivial skin deep chat .

User avatar
imkingdavid
Former Team Member
Posts: 2664
Joined: Sun Jul 26, 2009 7:59 pm
Location: EST
Name: David King
Contact:

Re: who uses a 50 character password?

Post by imkingdavid » Thu Oct 28, 2010 2:05 am

I'm sorry, but I don't entirely understand what your post has to do with this subject? Having a long, complex, and secure password has nothing to do with how legal or illegal someone is. Maybe I'm just missing your point?
Don't forget to smile today. :)
Please do NOT contact for support via PM or email.
Remember, the enemy's gate is down.

User avatar
Daniel Exe
Registered User
Posts: 573
Joined: Wed Sep 14, 2005 7:59 pm
Location: Canada
Contact:

Re: who uses a 50 character password?

Post by Daniel Exe » Thu Oct 28, 2010 5:46 am

oleg-karow is discussing the legal implications of the article (and the boy's sentence), rather than the original topic question regarding password-length. I don't think it's entirely off-topic, although it may not have been the original author's intentions.
Drage of Freckleton, near Blackpool, was sent to a young offender institution for 16 weeks
He didn't co-operate. Considering the original investigation was related to child exploitation, it was a serious enough matter. I'm surprised he even got 16 weeks, but I guess you'd expect that considering the subject matter of the original investigation. What sucks is that his computer will be in the possession of authorities for a heck of a long time as they try to crack it open - it's not going to do anyone any good, especially if he was innocent.

User avatar
JimA
Community Team Leader
Community Team Leader
Posts: 7344
Joined: Thu Jul 31, 2008 5:54 am
Location: The Netherlands
Name: Jim Mossing Holsteyn
Contact:

Re: who uses a 50 character password?

Post by JimA » Thu Oct 28, 2010 6:58 am

I like to believe that one who's innocent, has got nothing to hide. There might be some embarrassing stuff on that computer, but somebody innocent would never risk a prison sentence for that.

So, obviously, there is something weird about this case. Yet, that is not a crime in the US, nor anywhere I presume. But the officers did get a search warrant for his house and his computer. You only get a search warrant when there's reasonable suspicion of having something to do with a (serious) crime, like child exploitation. What this guy did was not handing over any evidence that could have potentially made a conviction in this case. That makes him guilty of obstruction of justice.
Image Jim Mossing Holsteyn - Community Team Leader
Knowledge Base | Documentation | Board rules

If you're having any questions about the rules/customs of this website, feel free to drop me a PM.

Kim_Possible
Registered User
Posts: 1343
Joined: Sun Sep 21, 2008 3:57 pm

Re: who uses a 50 character password?

Post by Kim_Possible » Thu Oct 28, 2010 8:16 pm

JimA wrote:What this guy did was not handing over any evidence that could have potentially made a conviction in this case. That makes him guilty of obstruction of justice.
What if the "evidence that could have potentially made a conviction in the case" wasn't a password, but was a confession? Would not confessing making him guilty of obstruction of justice as well? When should we (the justice system) say, "You go to jail for not helping us convict you" and when should we say, "You can't be coerced with the threat of prison into incriminating yourself."

It's not always an easy call.

User avatar
3Di
Registered User
Posts: 12887
Joined: Mon Apr 04, 2005 11:09 pm
Location: Milan (IT) Frankfurt (DE)
Name: Marco
Contact:

Re: who uses a 50 character password?

Post by 3Di » Thu Oct 28, 2010 8:33 pm

ok, but what all of this have a do with the discussion itself, at the end of all?

Post Reply

Return to “General Discussion”

Who is online

Users browsing this forum: AmigoJack and 35 guests