Discussion in 'Off Topic' started by Digital Doctor, May 9, 2012.
Y U No leave my Gmail alone ?
Cool Gmail feature though
Is that a new feature or is it the first time you had something like this?
Same thing happened some time ago
Gmail say they "prevented it".
I had same thing happen to me from China, I went ahead and put on the double access security, sends a text to my cell phone to get in.
At first I thought it was an advert
Mine was accessed from Asia at some point as well. Check your "sent mail". In my case, they sent out fake WOW mails.
No idea how they ever got a hold of my password, but yeah.
My passwords are typically 50+ characters (longer usually) mixed with letters, numbers, symbols (and spaces to if possible). I've used whole paragraphs & chapter phrases from books mixed with numbers & symbols too.
Key point is NOT to use the same password in important places.
Just changed away from using this, so I could provide a good example (ie...no longer in use)
I took this
And had used this as a password
That's great until I try and type it in using my iPod. Then I just melt down and cry as passersby point and stare.
Get 1password, it's for windows, mac, ios, etc. Syncs over dropbox, use it constantly. Unique passwords for every login, and as long as the service allows. I never type any passwords anymore.
And of course, any security question is unique if possible, and the answer is never the truth, the answer should be as long and complex as the password (and also unique).
I had a password thing for my iPod. I kept everything in there. SSNs, VIN numbers for vehicles. You name it and it was in there. Last OS update erased them all. Let's just say I'm a bit leery about keeping passwords in a cloud for this reason and the reason that I can't be entirely sure of the security. You'd think places would have good security, but then you hear about Twitter, Sony, PayPal, Microsoft India, Facebook....
That is good up until the point where you consistently use the same letter/number/symbol to replace the same letter. Anytime you add ANY point of consistency to a password you increase the likely hood it can be cracked. In that situation a longer password is actually worse because it gives them more points of comparison. Once I learn that 7h3 = the, I can deduce that 7h1$ = this and I'm off and running. Put this at the speed that a computer can think and it's cracked in no time. Letter substitutions are one of the worst passwords, and often the most recommended.
A password like e#J"_81jN is actually better than what you posted.
If you sync over dropbox it wouldn't matter. You can get all your systems stolen. You buy a new one, install it, tell it to sync over dropbox, and you get it back again. Change the master password and move forward.
Most mobile security apps store everything plain text, 1password guys understand crypto, privacy and security and are constantly improving on it.
But by all means, especially since all those big sites are so poorly behaving in their responsibilities (Sony, hello 22 times?) it's perhaps a good idea to NOT use a single short easy to guess pass on ALL these sites.
haystacking passwords is even more secure than that. . What he's using is predictable and part of huge dictionary files. Quite insecure, despite the length:
Nice link Floris, describes that process very well.
Steve Gibson for the win!
That whole paragraph was your gmail password?
Not Gmail. Some place else less important, but with 2 step verification as well.
Separate names with a comma.