U.S. CitiesCity-Data Forum Index
Go Back   City-Data Forum > General Forums > Science and Technology > Computers
 [Register]
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
View detailed profile (Advanced) or search
site with Google Custom Search

Search Forums  (Advanced)
Reply Start New Thread
 
Old 09-17-2018, 01:39 PM
 
28,619 posts, read 40,600,178 times
Reputation: 37291

Advertisements

Got an alert from Google that someone not at my IP address used my Google password. This was not a simple password! Whoever it was was in my city and only 4 characters were different in the IP used and mine. Not my wife. She was playing Witcher 3 at the time.

So I created an even more complex password and changed my account. Hers is different, and she did a quick temp change (it was very late) and will create a more complex one today.

I now have her convinced to use Lastpass so her passwords can be much more complex and she can throw away that piece of paper she keeps hidden away.
Reply With Quote Quick reply to this message

 
Old 09-17-2018, 01:49 PM
 
28,619 posts, read 40,600,178 times
Reputation: 37291
Interestingly when I check the address Google gave me it shows it being in Atlanta, Fayetteville, and Las Vegas.
Reply With Quote Quick reply to this message
 
Old 09-17-2018, 02:23 PM
Bo Bo won $500 in our forum's Most Engaging Poster Contest - Tenth Edition (Apr-May 2014). 

Over $104,000 in prizes has already been given out to active posters on our forum and additional contests are planned
 
Location: Ohio
16,897 posts, read 33,637,170 times
Reputation: 13858
Quote:
Originally Posted by Tek_Freek View Post
I now have her convinced to use Lastpass
I use Lastpass competitor, Dashlane. Dashlane has a fairly new feature where they'll report back when they find any instances of my email address on the dark web, associated with a password breach. It has found a few of those, associated with a gmail account I rarely use and sites that I've never visited.

You might consider investing in something like that, since you've had a breach, just to see if the baddies using your account info shared it on the dark web. IIRC, there are other sites that offer that service.
Reply With Quote Quick reply to this message
 
Old 09-17-2018, 04:53 PM
 
2,360 posts, read 1,287,974 times
Reputation: 2093
def be checking other accounts and make sure they are not using same password as others are. I have 2 logins that uses 13 letters ,so had to write that sh down. lol

At work we are require to change ours every 30 days, and cant be in sequential anymore so no more password1, password2 next month.. has to be different with no letters the same. And min went from 8 to 12 letters now..
Reply With Quote Quick reply to this message
 
Old 09-17-2018, 05:06 PM
 
40,212 posts, read 41,808,108 times
Reputation: 16755
Quote:
Originally Posted by Tek_Freek View Post
This was not a simple password!



If you use the password elsewhere that is how they likely obtained it. A password on site like this is typically encrypted in the database and the password itself is the key. Encryption is typically not that strong out of performance concerns. If someone is able to decrypt and it's same password used for email account they can try it on your email account used to register.


Specifically for here this site is no https, if you are using public wifi or a third party intercepts that communication otherwise the password is sent plain text. .
Reply With Quote Quick reply to this message
 
Old 09-17-2018, 06:31 PM
 
28,619 posts, read 40,600,178 times
Reputation: 37291
Quote:
Originally Posted by thecoalman View Post
If you use the password elsewhere that is how they likely obtained it. A password on site like this is typically encrypted in the database and the password itself is the key. Encryption is typically not that strong out of performance concerns. If someone is able to decrypt and it's same password used for email account they can try it on your email account used to register.


Specifically for here this site is no https, if you are using public wifi or a third party intercepts that communication otherwise the password is sent plain text. .
One use PW. 18 characters. A thorough mix of upper/lower case/symbols/numbers.

The new one is longer.
Reply With Quote Quick reply to this message
 
Old 09-17-2018, 06:32 PM
 
28,619 posts, read 40,600,178 times
Reputation: 37291
Quote:
Originally Posted by Bo View Post
I use Lastpass competitor, Dashlane. Dashlane has a fairly new feature where they'll report back when they find any instances of my email address on the dark web, associated with a password breach. It has found a few of those, associated with a gmail account I rarely use and sites that I've never visited.

You might consider investing in something like that, since you've had a breach, just to see if the baddies using your account info shared it on the dark web. IIRC, there are other sites that offer that service.
A friend uses that.

I'll try it. Thanks!
Reply With Quote Quick reply to this message
 
Old 09-17-2018, 06:34 PM
 
28,619 posts, read 40,600,178 times
Reputation: 37291
Quote:
Originally Posted by hitpausebutton2 View Post
def be checking other accounts and make sure they are not using same password as others are. I have 2 logins that uses 13 letters ,so had to write that sh down. lol

At work we are require to change ours every 30 days, and cant be in sequential anymore so no more password1, password2 next month.. has to be different with no letters the same. And min went from 8 to 12 letters now..
I'm setting time aside today to go over all mine and my wife's.
Reply With Quote Quick reply to this message
 
Old 09-18-2018, 08:56 AM
 
Location: Cleveland, Ohio
11,825 posts, read 13,964,257 times
Reputation: 8060
Quote:
Originally Posted by hitpausebutton2 View Post
At work we are require to change ours every 30 days, and cant be in sequential anymore so no more password1, password2 next month.. has to be different with no letters the same. And min went from 8 to 12 letters now..
That's really dumb and most security experts agree nowadays.
One very complex password is better then changing passwords monthly. Even when password changes were the thing MONTHLY is absolutely ridiculous.

The safest kind of password you can use is 4 unrelated words. Doesn't need special characters or any of that.
Example: GiraffeStoreVolvoMagazine is a better password then: p4ssw0rd!

Reply With Quote Quick reply to this message
 
Old 09-18-2018, 10:38 AM
Bo Bo won $500 in our forum's Most Engaging Poster Contest - Tenth Edition (Apr-May 2014). 

Over $104,000 in prizes has already been given out to active posters on our forum and additional contests are planned
 
Location: Ohio
16,897 posts, read 33,637,170 times
Reputation: 13858
Quote:
Originally Posted by Peregrine View Post
The safest kind of password you can use is 4 unrelated words. Doesn't need special characters or any of that.Example: GiraffeStoreVolvoMagazine is a better password then: p4ssw0rd!
While I agree that it's a secure password, a 26-character password takes a long time to type on a smartphone keyboard.
Reply With Quote Quick reply to this message
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.

Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.


Reply
Please update this thread with any new information or opinions. This open thread is still read by thousands of people, so we encourage all additional points of view.

Quick Reply
Message:

Over $104,000 in prizes was already given out to active posters on our forum and additional giveaways are planned!

Go Back   City-Data Forum > General Forums > Science and Technology > Computers
Similar Threads
Follow City-Data.com founder on our Forum or

All times are GMT -6.

© 2005-2019, Advameg, Inc. · Please obey Forum Rules · Terms of Use and Privacy Policy · Bug Bounty

City-Data.com - Archive 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35 - Top