New
#11
It's a good policy to regularly change your passwords and don't use words in them, randomise them as much as possible.
It's a good policy to regularly change your passwords and don't use words in them, randomise them as much as possible.
You might laugh now, but I use addresses as passwords, usually places like hotels or landmarks I have visited, but also home addresses for people important to me.
This sounds complicated, but I can assure you it is extremely easy. I have used this "password protection" system for years, without any issues.
An example. Let's say I need an additional Outlook.com account, and a good password for it. There's a pub in London I have reasons to remember, in 44 Elizabeth Street, post / zip code SW1W 9PA.
My passwords always start with post / zip code, followed by the house / building number and street name. In addition, as this example is about a new Outlook.com account, I need to remember it has a 16 character limit for password.
I would now set the new email account's password as SW1W9PA44Elizabe, 16 first characters from the address written in my way (zip, house #, street). I have an encrypted, password protected password list (Excel workbook) stored in OneDrive. I would now add this account as Outlook 5 - London to that list (I have 4 Outlook.com email addresses already). Part of that list would look like this:
Outlook 1 Isle of Skye 16 Outlook 2 Oslo 16 Outlook 3 Utsjoki 16 Outlook 4 Carrara 16 Outlook 5 London 16 Gmail 1 Charleston FULL
The number after the city in the list reminds me of password length. As Gmail allows really long passwords, FULL in cities assigned to Gmail accounts means I can use the full address; for Outlook, the password in this example would be SW1W9PA44Elizabe, the same address used as Gmail password would be SW1W9PA44ElizabethStreet.
Note that cities in above list are naturally not the real ones I use!
OK, I now have a strong, long password with upper and lower case letters and digits. Together with 2FA, access to my accounts is as secured as possible.
I have no issues in remembering the places or landmarks I associate with each city, they are all important places / companies / people for me. I only use one city for one password, so even if I forgot the password to this sample Outlook.com account, I would check my encrypted list, see the password hint is London. Remembering the place I used in London, I could now use Bing to find their address and be able to sign in.
Kari
I should point out, this is not ransomware. Ransomware is when malware encrypts your hard drive, and demands a ransome to get your data back. At best, this is more like a bad blackmail attempt.
Hi, with this detailed explanation on "how it works" it shuld be possible to brute force your encripted password.
Dont ask to me how, i'm not into cracking passwords but this video explains
WARNING the video is NOT a "how to crack password" tutorial, it just explains how it can theoretically be done
YouTube
Please tell me how?
You have information that my "Outlook 5" account password hint is "London". You have absolutely no idea about what is my "Outlook 5" email address, and even if you had, you have absolutely no idea about what the place / address I associate with "London" is.
As you seem to be clever, could you please tell tell me how you could find my email address and password for account "Outlook 5", without knowing what first name.last name combination I have used to create that account, and what place / address in London I had on my mind when creating the password?
And, let's not forget the 2FA. Even if you had my email address, and the password, you could not sign in without a code sent as text message to my mobile phone.
You might be clever, but I strongly advice you not to reply. You might just make more fool of yourself.
Kari
Hi Kari, sorry I edited the original message, possibly while you were answering me, so you find additional info there.
I think the video is quite clear, I'm not referring to "the table" as a viable informantion but to the explanation on how you "compose" your password.
I'm talking about cracking the password, not about gaining access to accounts or authenticate