New
#11
Hi there
You've mis-understood the whole concept
You don't need to calculate / hack the password -- you've got the key info that the user types in in Plain text-- that is transmitted to the application.
You need to go to "Hacking School class 101" !!!!!!. Also read up if you are using wifi what a Data analyser can do --simple basic Engineering - if anybody studies that any more.
Not trying to be aggro here but a lot of stuff we thought was SIMPLE in the 1980's seems to be forgotten these days --for example you can make a Phone jammer by simply creating for a few cents a White noise 2.4 / 5 GHZ Oscillator generator -- but I'll bet zillions of people haven't a clue about how to make one. !!! Mobile phone signals - microwatts -- a 5mw (milliwatts -- many times bigger than the average mobile phone signal) device about the size of a 10 pack cigarette packet with a 9V battery will KILL any phone reception for about 100 metres !!!!!. All you need is a simple Inductor and a capacitor plus use the "magic Formula" --
To start you off -- here's a Wiki article - but it's high School physics 101.
(Don't underrate us old fashioned Engineers just yet !!!).
LC circuit - Wikipedia, the free encyclopedia
Cheers
jimbo
I'm liking Lastpass, it's very convenient. I don't fully understand how secure it is but I haven't been using it long. I'm thinking along the lines of what is the best way to store a backup copy of your passwords rather that how do you manage your passwords, I mean we could all agree that using a password manager is much more convenient than entering passwords manually all of the time right?
Keeping them on a notepad sounds like the simplest method. Would it be worth keeping encrypted copies on a backup drive as well?
I'm a firm believer in having an 'air gap' between the password storage medium and any computer network.
You could store passwords on a password protected file on a USB stick, ensuring the PC is not connected to the internet whilst editing/ reviewing the file. I don't recommend storing sensitive passwords stored on the PC or any cloud storage. You can choose whether to print the passwords and store them in a safe location if needed. Ensure you shred or preferably burn any old password printouts.
Hi there
I'll agree Convenience is far superior -- but I think the point here wasn't how Convenient the system was but what was the most secure way of storing passwords.
There's always a trade off between Security and Convenience -- a simple "Reward to Risk" or "Risk to Reward" ratio -- people will have to make their own minds on that.
I agree that there's far too many times we need to enter passwords - however one of the WORST systems I've seen is Amazon on a phone.
You can simply login and BUY something without entering a password or even a Credit / Bank card number if these are remembered on your phone / account. That is way TOO convenient !!!!.
I'm not sure what the answer is here -- passwords seem a 20th century way of trying to solve a 21st century problem -- 20 - 30 years ago or even 10 I doubt whether people had too many different online / work accounts. Now people could easily have 30 or 40 or even more accounts in various places.
Using Biometric systems doesn't work either -- you've seen Hollywood movies removing people's eyes / thumbs etc to get round that problem.
Maybe humans should be issued with a unique GUID at birth - that at least would be a unique id and on entering the number perhaps some questions could be answered that only the individual would know. In case of a wrong answer a "Warn" or "Hack" alert could be triggered -- so if someone was being held hostage at the keyboard they could deliberately type in a wrong answer which would flag a warning to the appropriate authorities.
However the idea of having a "Planet wide ID" seems a bit too totalitarian to me so I'll admit I just don't know. !!!!
Cheers
jimbo
Probably more the most secure way of keeping a *backup* of passwords, but I suppose the way in which you store them in general is still worth considering as well... Lastpass makes this easy but I do feel a bit unsure about having my data with a 3rd party. I believe it is all encrypted on their servers though?
I don't like the idea of autofill passwords, credit cards etc.
Last edited by Kol12; 03 Oct 2016 at 05:49.
I just use Word and password protect the file. By 'air gap' I mean I'm never connected to the internet when editing a file containing passwords and the USB stick containing the password file is removed before I reconnect. Best to restart the PC if you are paranoid about password data remaining in memory!
Hi there
another equivalent expression is "Footnet" where you physically have to remove a device from one machine and attach it to another -- pencil and paper works similarly --you have to retrieve the document, then manually (or scan) the contents into the computer. !!
Came from the old IBM Mainframe days where you used to have a lot of data on Mag tape reels -- The tape drives weren't on the whole shareable so you (or the Computer Operator) had to physically dismount a reel from one machine, walk over to machine 2 ("Foot net"), mount it and it would be useable on machine 2.
Cheers
jimbo