
Best practice for passwords and usernames

Started by: gregg_b
On: 27/07/2016 | 12:26
Replies: 49

by: harrrrrry
on: 04/08/2016 | 12:36

rong42 wrote:

falling into patterns with your passwords, which could then be guessed

 

That's a bit pessimistic. For somebody to be able to guess a "pattern" of passwords, they would need to have at least some of those passwords in order to deduce the pattern. But if they can find a sequence of passwords -- then presumably, they could have found an unchanging password too.

 

But being required to change a password frequently, or to use passwords that are more complicated than necessary, increases the probability of the user having to save it or write it down somewhere -- and that certainly increases the probability of it being found.

 

 


Message 41 of 50
by: mangowalk
on: 13/08/2016 | 20:28
Sound advice. I was just reminding my sisters of this today!
Message 42 of 50
by: claw
on: 04/09/2016 | 08:45

mangowalk wrote:

Sound advice. I was just reminding my sisters of this today!

Yeah, sometimes you can forget to change your password. Always good to change it over time.

Message 43 of 50
by: giffer23
on: 05/09/2016 | 06:08

Great tip and reminders there @gregg_b

Thank you.

Message 44 of 50
by: mangowalk
on: 06/09/2016 | 13:17

Yep

 

Very, very important habit to develop!

 

cheers

Message 45 of 50
by: americanfootball
on: 06/09/2016 | 17:15

As suggested by others, password managers combined with randomly generated passwords are a great way to survive the many "leaks" we seem to have these days.

 

Two links that can be of use:

 

Check if you have an account that has been compromised in a data breach: https://haveibeenpwned.com/

 

An interesting article: "The only secure password is the one you can’t remember": https://www.troyhunt.com/only-secure-password-is-one-you-cant/

Message 46 of 50
by: zainaahmed14
on: 19/09/2016 | 20:40
Thanks for sharing this information.
Message 47 of 50
by: kromagg
on: 19/09/2016 | 22:28

I developed a system for producing passwords:

1. It's reliable and easy, you will never use the same password twice.

2. It's secure, you do not have to write it anywhere, just keep it safe in your head.

3. It's simple, you can have well over 50 passwords, yet you will still remember them all.

 

SO:

1. Choose the CORE of your password: something you will remember well; it may be a made-up word that makes sense only to you, or some important place/person/time/etc. For best results make sure your CORE has 6-8 letters minimum. Use small letters.

2. Pick 1 or 2 letters from your password and replace them with numbers (letter "O" - number "0", letter "E" - number "3", letter "A" - number "4", letter "I" - number "1" etc.).

3. For each account add a prefix to the CORE:

- in capital letters;

- from the first letters of the service you are creating the password for;

4. Connect the prefix with the CORE using one of the "special signs" (!, @, ~, *, etc.).

 

EXAMPLE:

1. I choose the CORE word:                          futurama

2. I replace letters "A" with numbers "4":          futur4m4

3. For my giffgaff account my prefix will be "GG":  GGfutur4m4

4. I choose "~" for the special sign:               GG~futur4m4

So my password for giffgaff would be       GG~futur4m4

My password for, let's say, O2 would be    O2~futur4m4

My password for a BBC account would be     BBC~futur4m4

for Gmail it would be                      GMAIL~futur4m4

for Netflix                                N~futur4m4

 

Well you get the picture.

 

This way you don't need to litter your head with all the passwords, only the CORE, and then just add your prefix. Isn't it foolproof?

REMEMBER: More secure services usually ask for passwords to be at least 8 signs long and to consist of capital and small letters, at least one number and 1 special sign.

Message 48 of 50
by: jpcjpc
on: 21/09/2016 | 10:45
@kromagg - but if someone finds out your adjusted core password it'll be pretty easy to guess passwords for other sites.

This could happen if your passwords are stolen from two sites where you use the same email address as your login. Hackers routinely cross-reference data from multiple breaches to identify exactly this kind of password reuse.
Message 49 of 50
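The reuse pattern discussed in the two posts above can be checked against your own passwords. The following Python audit is an added example, not written by anyone in this thread: it undoes the number-for-letter swaps, finds the longest run of characters each pair of passwords shares, and reports which accounts would need new passwords if one of them leaked. The vault is constructed from the example passwords in the thread plus one made-up random password; the function names and the 6-character threshold are assumptions.

```python
from difflib import SequenceMatcher
from itertools import combinations

# Number-for-letter swaps named in the scheme above, undone before comparing.
UNSWAP = str.maketrans({"0": "o", "3": "e", "4": "a", "1": "i"})

# Constructed sample vault: the example passwords from the thread plus one
# made-up random password standing in for a password-manager entry.
VAULT = {
    "giffgaff": "GG~futur4m4",
    "o2": "O2~futur4m4",
    "bbc": "BBC~futur4m4",
    "gmail": "GMAIL~futur4m4",
    "netflix": "N~futur4m4",
    "bank": "t7#Vq9zR!mLp2x",
}

def normalise(password):
    """Lower-case and undo the swaps so variants of one core compare equal."""
    return password.lower().translate(UNSWAP)

def shared_core(a, b):
    """Longest run of characters two normalised passwords have in common."""
    na, nb = normalise(a), normalise(b)
    match = SequenceMatcher(None, na, nb, autojunk=False).find_longest_match(
        0, len(na), 0, len(nb))
    return na[match.a:match.a + match.size]

def audit(vault, min_core=6):
    """Map each shared core (>= min_core chars) to the services that use it."""
    groups = {}
    for (s1, p1), (s2, p2) in combinations(vault.items(), 2):
        core = shared_core(p1, p2)
        if len(core) >= min_core:
            groups.setdefault(core, set()).update((s1, s2))
    return {core: sorted(services) for core, services in groups.items()}

def exposed_by(vault, leaked_service, min_core=6):
    """Services needing a new password if leaked_service's password is breached."""
    leaked = vault[leaked_service]
    return sorted(s for s, p in vault.items()
                  if s != leaked_service and len(shared_core(leaked, p)) >= min_core)

if __name__ == "__main__":
    print(audit(VAULT))                  # accounts grouped by shared core
    print(exposed_by(VAULT, "netflix"))  # what one leak puts at risk
```

Only the randomly generated entry stays out of the shared-core group, so a breach at any one of the other five services means changing all five.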
by: nataliya84
on: 28/09/2016 | 17:32
Yes, backups are very important!
Message 50 of 50