Full Version: Security questions

From: Peter (BOUGHTONP) [#1]
8 Mar 20:51
To: ALL

quote:

Please complete the following. The answers to these questions would have been chosen by you when you signed up for My T-Mobile.

Favourite place
Favourite colour

I haven't got a fucking clue what I might have put for either of those.
Odds are it was just some nonsense to get past the dumb form, because I don't have a fucking favourite fucking place.

I've already validated my email address, phone number, and username, so why the hell can't they just send a standard reset message like everyone else. :@

Instead, it looks like I'll have to figure out what I actually used for the password, and then wait a quarter of an hour for things to unlock so I can try logging in again. Or wait until tomorrow and sit on hold for half an hour before talking to someone who'll make me jump through even more dumb hoops. :@

Argh!

From: ANT_THOMAS [#2]
8 Mar 21:09
To: Peter (BOUGHTONP) [#1] 8 Mar 21:14

I assume you've managed favourite colour though?

From: Peter (BOUGHTONP) [#3]
8 Mar 21:26
To: ANT_THOMAS [#2] 8 Mar 21:29

Nope.

Again, I don't really have one; or rather, it's something that might change as often as the wind, so I'm unlikely to commit to anything in particular.

I've got a large handful of ideas of what I might have put, plus another of what I'd use for place, but together that's over half a hundred possible combinations.

Which would simply be tedious normally, but with the quarter hour lockout after 2/3 failures, I can't be arsed. Easier to narrow down the password choice I would have made - can probably get that to under a dozen possibilities if I get my brain working.

From: 99% of gargoyles look like (MR_BASTARD) [#4]
8 Mar 22:47
To: Peter (BOUGHTONP) [#3] 9 Mar 0:46

How many (nameable*) hues of dark brown and grey can there be?

* hex codes don't count! :p

From: MrTrent [#5]
9 Mar 0:56
To: Peter (BOUGHTONP) [#3] 9 Mar 1:18

You should just use the same password for everything. That's what i do.

From: Peter (BOUGHTONP) [#6]
9 Mar 1:16
To: 99% of gargoyles look like (MR_BASTARD) [#4] 9 Mar 21:36

Uh...? Quite a few.

Auburn, Burnt Umber, Chestnut, Chocolate, Mahogany, Sepia, Sienna, Walnut, etc.

I'm pretty certain I could find plenty others, and that's not even starting on the assortment of greys...

From: Peter (BOUGHTONP) [#7]
9 Mar 1:25
To: MrTrent [#5] 10 Mar 0:14

I do hope you're being facetious, because that's an incredibly stupid thing to do otherwise. :S

From: ANT_THOMAS [#8]
9 Mar 2:22
To: Peter (BOUGHTONP) [#7] 9 Mar 8:07

It makes life easier though.

From: Peter (BOUGHTONP) [#9]
9 Mar 8:12
To: ANT_THOMAS [#8] 9 Mar 12:26

So does leaving your house and car unlocked all the time.

I have a common password for unimportant things, where I don't much care, but anything significant, or that involves money, or whatever, has a distinct password.

From: Serg (NUKKLEAR) [#10]
9 Mar 10:37
To: Peter (BOUGHTONP) [#7] 9 Mar 11:30

No, but you can have a heavily encrypted TrueCrypt volume inside which you store your passwords, credentials etc. Sure beats the hell out of keeping (for example) card PIN's in a drawer in case you forget them.

From: Peter (BOUGHTONP) [#11]
9 Mar 11:34
To: Serg (NUKKLEAR) [#10] 9 Mar 12:17

So long as the password for that is sufficiently secure.

From: graphitone [#12]
9 Mar 13:02
To: Peter (BOUGHTONP) [#6] 9 Mar 14:47

(fail)

You forgot Payne's Grey.

From: Peter (BOUGHTONP) [#13]
9 Mar 14:48
To: graphitone [#12] 9 Mar 15:03

No I didn't.

From: graphitone [#14]
9 Mar 15:04
To: Peter (BOUGHTONP) [#13] 9 Mar 16:23

Right.

Yes, well - Carry On.

From: MrTrent [#15]
10 Mar 0:16
To: Peter (BOUGHTONP) [#7] 10 Mar 0:34

I'll be fine unless somebody finds out what it is.

From: Peter (BOUGHTONP) [#16]
10 Mar 0:49
To: MrTrent [#15] 10 Mar 22:40

You realise anyone with access to this server could modify the code to email them your password, then proceed to login to Amazon/eBay/etc and buy themselves lots of stuff.

And whilst you (hopefully) consider Matt and me as trustworthy, don't forget that EuroVPS staff also potentially have access - without needing to break in.

And the same thing applies to every other site you use - you don't know if your password is safely encrypted, or if anyone dodgy can already get to it.

And then there is the possibility of people breaking in and grabbing details. Or using a shared computer after you've been on it. Or sniffing unencrypted network traffic.

If you don't want the risk, change your important accounts to something secure. (Use a local password manager if your memory sucks).

From: Hugh et al le J (KOSWIX) [#17]
10 Mar 0:57
To: Peter (BOUGHTONP) [#16] 10 Mar 9:36

I have a 'basic' password for sites of no importance, and a hard one for anythign money related.

And a third one, specifically for you bunch of shifty fuckers on here :C

From: Peter (BOUGHTONP) [#18]
11 Mar 15:27
To: Hugh et al le J (KOSWIX) [#17] 11 Mar 16:34

How hard is it?

I came across this blog article on passwords, which some might find interesting:
http://blog.1smartsolution.com//index.cfm/action:posts.entry/id:271/On-Consumer-Password-Worst-Practices

From: Radio [#19]
11 Mar 15:41
To: ALL

I'm similar, I have a basic password that I use for most things, then a harder one for email.
Banks/credit card have multiple passwords anyway, so I obviously have different ones there.
My work one is different again, but only because its about the only one that has to be changed every x months. Its happy for me to just increment one letter though, so that's what I do (I'm up to 'V' now, so almost done with the alphabet)

From: Peter (BOUGHTONP) [#20]
11 Mar 15:58
To: Radio [#19] 11 Mar 16:15

quote:

has to be changed every x months. Its happy for me to just increment one letter though, so that's what I do

Yeah, my work has a similar stupid policy, and I also just cycle through characters, because I know the damned thing is still secure.

Show messages: 1-20 21-23

Reply to All

Full Version: Security questions

Back to thread list | Login

© 2010 Project Beehive Forum