Posted on 11/13/2017 2:11:11 PM PST by nickcarraway
Dear John: A question: In the grand scheme of things, what is the point of having a password?
Equifax gets hacked, Yahoo gets hacked. I don’t put my mother’s maiden name or my Social Security number on any of my password-protected accounts because those who do provide such information seem to get hacked.
Passwords provide a false sense of security. Oh, and make sure your password includes letters, numbers and a certain number of digits, blah, blah, blah, so it is difficult to remember and difficult to compromise. Yeah, sure! M.K.
(Excerpt) Read more at nypost.com ...
We don’t need passwords. We’ll just log into the bank and look for our account without a password. A name will do.
Good question. Let's ask our panelists, starting with John Podesta...
They still matter, but no one is asking why all our sensitive financial information was recorded about us without our consent and put into a huge database in such a way that a hacker could get it all.
Why was it all open to access? Why wasn’t it divided into segments so no one hacker could get it all at one time?
Why are we not being compensated? A year of free monitoring is a joke. Monitor what? The information is already out there!
We had no choice! They took the information about us without asking us!
LOL!...........................
They still matter, but no one is asking why all our sensitive financial information was recorded about us without our consent and put into a huge database in such a way that a hacker could get it all.
i.e. it is no longer on you to prove your identity was stolen. Rather, it is on them to prove it wasn’t.
I say this because of what you posted above.
I use a system where the password for each site is a combination of a secret phrase (changed periodically) and a simple transformation of the site name that I can do in my head.
I’ve never had a second account hacked in 20+ years.
How many characters are we talking here?
If you use a password, that you means you don’t trust someone.
VERY intolerant.
Shame, Shame.
Maybe use Special Fonts? Like fish, airplanes, geometric symbols?
Passwords are like the lock on your front door. They exist to keep basically honest people honest. Against experienced thieves/hackers they are no more than a speed bump.
Example; The secret phrase is ‘One flew over the cuckoos nest’ and the site is Facebook.
Take the first and last letter in each word in the phrase with digits literal and vowels substituted with digits, followed by the last 4 chars in site name shifted up, last char caps.
Final password: 1fw0rt3csnt@nnJ
Example; The secret phrase is ‘One flew over the cuckoos nest’ and the site is Facebook.
I have almost 100 passwords. All these great systems work if one has just a few passwords. Once you have more than four or five, the systems fall apart.
Pass WORDS ... bad
Pas PHRASES ... good
“I love red roses!” is a really strong password and is easy to remember. Yes, I understand that it completely misses the point of the article.
Nobody mentioned Key Loggers once. Even if you have 100 characters in a PW, a key logger makes all that moot. No mater what your system is, knowing what you just typed wins every time.
As one who consults in cybersecurity and who specializes in the financial industry, I can tell you that the majority of the time, hackers get it though simple means. Once in, there is no separation of services within the institution.
Think of a hospital. Does the parking attendant or security guard need to have access to patient billing? Does the maintenance staff need to have access to the nurses station? Do Doctor’s need to have access to accounting and billing? While everyone recognizes the need for “need to know” controls - few actually implement them.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.