(no subject)

[badstar]

Is anyone else tired of seeing the "your password is too easy to guess" messages when making posts here?

Comments

[odalisques.livejournal.com]

Very. Especially as if you try to change your password now, it insists you have to include a number. Feh.

[mmc327.livejournal.com]

I never see that message. Then again, when I changed my password one time because I forgot it, it made me choose one that had a number in it. This was a year or two or more ago. So I had to think up something I could actually remember.

[odalisques.livejournal.com]

I can never remember the number-involved passwords, some synapse that refuses to fire, I guess. So after many lost-password dramas I gave in and keep them written down in the back of my planner and scribble notebook...which makes it significantly easier for someone to see than have to guess.

I just don't grasp logic, I guess :)

[katskorner.livejournal.com]

Oh shat! Now you've reminded me...I NO longer KNOW MY password because of that! :(

[tecie.livejournal.com]

Try replacing o's with 0's and L or I with 1.. you know, Leet :-)

[fuego.livejournal.com]

I *refuse* to change my password. I just do. i've used the same password since 1997, and if i try to use anyhting else...it just isn't a good idea. i've never had a problem with it. I've ONLY ever told 2 people what it was- one of my closest friends, out of necessity, and my mom because a conversation came up about weird passwords. Neither of them ever would have guessed my password in a million years. If anyone ever guessed my password, I think the world would end. It's that odd. (It's not anyhting bad, it's just a random word that no one, even someone who knows pretty much everything else about me would ever have any reason to associate with me.)

[tecie.livejournal.com]

Let me tell you about my job (the one I'm leaving). I support 300 commercial accounts with hundreds or more servers each. I also support internal stuff, so it's another 2000 or so servers supported directly. I have 4 spreadsheets of passwords that belong exclusively to me, and theyre all changing on different schedules (forced system changes) and all have different criteria. For example, some demand a special non alpha numeric charactar, some have to be EXACTLY 8 charachtars, and some HAVE to be all that AND have a number at a specific location inthe sequence (don't get me started on that one). That's not even mentioning the SHARED id's that the whole department uses, which are another couple of spreadsheets in and of themelves.

My advice to you is to get a couple of good strong passwords and rotate them. Easy passwords are suprisingly hard to guess. Like new2you or Sp1ng05 (note the uppercase).
Yeah, changing passwords sucks, but its not the PEOPLE that we in IT security are worried about. It's thecomputers trying common passwords. By the way, passw0rd is the most common of all.

[fuego.livejournal.com]

ok...stuff that has to be more secure, and has to contain letters and numbers and whatnot is a different story, if i have to play by the password rules, i will if i need to. but livejournal and stuff like that...there's nothing to steal.

[marilyth.livejournal.com]

*raises hand*

[katskorner.livejournal.com]

I second that.

[pagandenma.livejournal.com]

Annoyed by it, because even my husband wouldn't guess my password to this LJ account. It's very obscure and personal.

[brcmapgirl.livejournal.com]

I'm utterly confused by this post. It's really cryptic. I have never had a 'too easy to guess' message. But then again, been friends with veesnet has made me paranoid and I pick some pretty good ones.

The best thing to tell you is to have a set you can rotate. I have two pools. I can tell you one pool is famous dates in history. But you have to be a specialist. sherara might be able to guess one or two, but then I like to mess them up so they aren't guessable even if you get the right date.

I'm bad because I'll call someone like my sister and tell her to open up my email and look up something for me in my inbox. But that's only for throwaway email, not for the serious stuff (banking, shopping, etc.)

[fuego.livejournal.com]

oh...every time I post I get a message "your password is too easy to guess, click the following link to create a new pasword."

Ok, my password is a dictionary word...but you wouldn't just find it in the dictionary as I type it. And if anyone were to guess my password in fewer than a hundred guesses, I think I'd cry and give them a hundred dollars. (If the one person that I have told my password to is reading this, you don't qualify. But I don't expect you to remember it either.)

Being friends with Vees is enough to make anyone paranoid I think...though I've managed to keep up an immunity to it so far...hehe

[seaya.livejournal.com]

It's not that it's easy to guess by people. It's that it's easy to crack by programs. That's what they mean.

[fuego.livejournal.com]

too easy to crack is a little different than too easy to guess. they don't mention it and it never crossed my mind.


in any case, i'm not too worried about it. anyhting like banking or whatnot that i have concerns about is aready set up with more secure passwords.

[sunneyone.livejournal.com]

i haven't seen it yet.