U.S. CitiesCity-Data Forum Index
Go Back   City-Data Forum > General Forums > Science and Technology > Internet
 [Register]
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
View detailed profile (Advanced) or search
site with Google Custom Search

Search Forums  (Advanced)
Reply Start New Thread
 
Old 03-28-2016, 02:56 PM
 
Location: Mableton, GA USA (NW Atlanta suburb, 4 miles OTP)
11,319 posts, read 22,732,496 times
Reputation: 3895

Advertisements

Quote:
Originally Posted by Skyl3r View Post
You represent a pretty small percentage of users, I'd be willing to guess.
Anecdotes don't dissuade me.
Good, and they shouldn't. You're right ... once a password escapes, things could get ugly in many (most?) cases, and periodic changing of passwords does reduce the damage.
Reply With Quote Quick reply to this message

 
Old 03-28-2016, 03:03 PM
 
Location: 10110001010110100
6,385 posts, read 10,841,220 times
Reputation: 5589
Quote:
Originally Posted by WannabeCPA View Post
Currently I have all my passwords written down on a single piece of paper, obviously not ideal were something to happen to that piece of paper.
It'd not be too bad as long as you have a horrible handwriting that only you can read and you are backing up that piece of paper to another piece of paper, periodically.

Reply With Quote Quick reply to this message
 
Old 03-28-2016, 03:07 PM
 
Location: Mableton, GA USA (NW Atlanta suburb, 4 miles OTP)
11,319 posts, read 22,732,496 times
Reputation: 3895
Quote:
Originally Posted by TurcoLoco View Post
It'd not be too bad as long as you have a horrible handwriting that only you can read and you are backing up that piece of paper to another piece of paper, periodically.

I used to transliterate all of my passwords and PINs out phonetically in Tolkien's Tengwar.

Yeah, I used "Elvish" before it was cool. :-)

Last edited by rcsteiner; 03-28-2016 at 03:08 PM.. Reason: Don't judge me. :-)
Reply With Quote Quick reply to this message
 
Old 03-29-2016, 09:27 AM
 
Location: Cleveland, Ohio
11,815 posts, read 13,954,365 times
Reputation: 8047
Quote:
Originally Posted by TurcoLoco View Post
It'd not be too bad as long as you have a horrible handwriting that only you can read and you are backing up that piece of paper to another piece of paper, periodically.

LOL That might work for me!
Reply With Quote Quick reply to this message
 
Old 04-04-2016, 02:25 AM
 
24,503 posts, read 35,955,968 times
Reputation: 12847
Quote:
Originally Posted by rcsteiner View Post
Oh, you guys are using BIOS and other device passwords?
Not just passwords. As another poster mentioned, there are lazy IT departments that will still rely on a password or two. But today's competent IT departments will implement something more secure such as OTP, hardware token, or an RSA key.
Reply With Quote Quick reply to this message
 
Old 04-04-2016, 07:26 AM
 
Location: HoCo, MD
4,581 posts, read 8,190,996 times
Reputation: 5113
Quote:
Originally Posted by NJBest View Post
Not just passwords. As another poster mentioned, there are lazy IT departments that will still rely on a password or two. But today's competent IT departments will implement something more secure such as OTP, hardware token, or an RSA key.
They may be lazy - or they just don't have the funds (or business case). Moving away from straight a/n passwords actually allows you to be lazy. In my experience, password resets are the overwhelming majority of the help desk calls. Having tokens/MFA reduces them.

However, implementing tokens can be expensive. Assuming it can be done in the first place. Most that chose to use it will also want SSO so they can utilize the same authentication mechanism across all applications. Which is another cost.
Reply With Quote Quick reply to this message
 
Old 04-05-2016, 12:27 PM
 
Location: Mableton, GA USA (NW Atlanta suburb, 4 miles OTP)
11,319 posts, read 22,732,496 times
Reputation: 3895
Quote:
Originally Posted by NJBest View Post
Not just passwords. As another poster mentioned, there are lazy IT departments that will still rely on a password or two. But today's competent IT departments will implement something more secure such as OTP, hardware token, or an RSA key.
Yeah, we use an RSA key for the main VPN, and I'm not quite sure how the secondary VPN works. :-)

When I worked for an airline, we used to have a handheld RSA FOB with a digital key that we had to enter.
Reply With Quote Quick reply to this message
 
Old 04-25-2016, 10:06 PM
 
24,503 posts, read 35,955,968 times
Reputation: 12847
Quote:
Originally Posted by macroy View Post
They may be lazy - or they just don't have the funds (or business case). Moving away from straight a/n passwords actually allows you to be lazy. In my experience, password resets are the overwhelming majority of the help desk calls. Having tokens/MFA reduces them.

However, implementing tokens can be expensive. Assuming it can be done in the first place. Most that chose to use it will also want SSO so they can utilize the same authentication mechanism across all applications. Which is another cost.
Lazy is perhaps, the wrong term. I was using the term simply because it was used by Tek_Freek in relation to IT organizations with bad security practices. The lack of MFA is a bad security practice. If you can log into a system with just a user name and password, you should question the competency of your IT organization.
Reply With Quote Quick reply to this message
 
Old 04-25-2016, 10:16 PM
 
4,696 posts, read 2,431,029 times
Reputation: 6205
Quote:
Originally Posted by Macrina View Post
I've used 1Password for several years and am so pleased with it. Go here for information, if you want: https://agilebits.com/onepassword Yes, there are versions of the app for your desk or laptop, also for mobile devices.

It is not free, but it is expertly designed and presented in a manner which can be understood even if one is not a professional computer & software tech. I think it's worth every penny. 1Password is one of the most highly rated password managers.

I encourage you to check it out. They offer a free trial period, which is really a great idea. That way you can see exactly what you're getting. They also have really good customer service.
I've had 1Password for years and have never paid for it...
Reply With Quote Quick reply to this message
 
Old 10-17-2016, 06:15 PM
 
Location: New York City
47 posts, read 29,496 times
Reputation: 86
Quote:
Originally Posted by WannabeCPA View Post
How are your passwords usually stored? ... Anyone have any advice.
If you want to keep them closer to you, bookmark the sites in your browser and store the passwords in the Description field (or 'Title', vis-a-vis MS I.E./Edge).

Not a bad security feature, 'cause even if someone accesses your machine, bookmarks are the last place they'll look.

If you sync your bookmarks with an 'cloud' service, for extra security you might want to tag them such that they don't sync. Depends on if you need the pswd remotely.

I also store some passwords in my (Google) Contacts, using some type of low-level anonymizing scheme, such as site/pswd but without the corresponding username, or username/pswd without the site.
Reply With Quote Quick reply to this message
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.

Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.


Reply
Please update this thread with any new information or opinions. This open thread is still read by thousands of people, so we encourage all additional points of view.

Quick Reply
Message:

Over $104,000 in prizes was already given out to active posters on our forum and additional giveaways are planned!

Go Back   City-Data Forum > General Forums > Science and Technology > Internet
Similar Threads
Follow City-Data.com founder on our Forum or

All times are GMT -6. The time now is 11:58 PM.

© 2005-2019, Advameg, Inc. · Please obey Forum Rules · Terms of Use and Privacy Policy · Bug Bounty

City-Data.com - Archive 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35 - Top