cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Passwords and learning from others mistakes

zubel
Community Veteran
Posts: 3,793
Thanks: 4
Registered: ‎08-06-2007

Re: Passwords and learning from others mistakes

‎17-12-2007 12:49 PM

I think the point is that people being people, they are likely to use the same, or similar usernames and passwords for other secure things (maybe internet banking, for example).
B.
Message 31 of 36
(291 Views)
0 Thanks
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: Passwords and learning from others mistakes

‎17-12-2007 12:57 PM

So they give Plusnet their internet banking password and then worry about who has access to it. Now who's at fault here?
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Message 32 of 36
(291 Views)
0 Thanks
Not applicable

Re: Passwords and learning from others mistakes

‎17-12-2007 2:31 PM

Doesn't it seem odd to criticise PNs business methods because of other peoples mistakes though?
Only a musing.
PN use one word/combination of letters so we can identify ourselves to them - is it their fault if we took the decision to use the same word to identify ourselves to other organisations?
Those savvy enough to be concerned about PN staff seeing the means we use to identify ourselves to PN, ought to be savvy enough to ensure they use seperate secure ways to identify themselves to other people.
Is it a worry that a shopping site may ask us for our name/address/mothers maiden name when registering, and these are the same details banks use to protect our funds?
Fair enough, to get access to the info at the bank you have to undergo fairly stringent security and police record checks, but to work for an internet retailer you would be far less likely to go through the same scurity checks.
What about if the retailer asked a lot of different questions? Might make your transaction with the retailer more secure, but makes your bank account less secure, the more you tell to another company.
In the balance of things, I think this situation (the PN password one) is a issue pretty low on the security scale.
The propensity to reveal true details about ourselves and our lives to organisations is more of a concern.
For example, I've been born in many different towns, I don't often use the same one, and never the actual one.
Mother has had many maiden names too, and I've lost count of the number of 'first pets' I've had.
Message 33 of 36
(291 Views)
0 Thanks
Alex
Community Veteran
Posts: 5,500
Thanks: 921
Fixes: 13
Registered: ‎05-04-2007

Re: Passwords and learning from others mistakes

‎17-12-2007 3:16 PM

Quote from: James_H
Mother has had many maiden names too, and I've lost count of the number of 'first pets' I've had.

Yep, and my favourite colour has changed over the years since I've grown up Grin
I think one of the problems is that the use of usernames and passwords has exploded since use of the internet. Then within the last couple of years, you've got chip and pin meaning I have to remember another 4-5 PINs to use my credit cards (they're all different and I never used to get cash out on them).
The more you require people to memorise some kind of code, then I guess it's more likely they're going to use the same one. Aside from internet banking/on-line billing for credit cards, you now have the rest. I don't mind registering on a site if I wanted to buy something, but often you have to register so the people running the sites can get free marketing information, or so they have a means to chase you up if you're evaluating something they might make cash out of.
I remember having to register on a UK PC Mag site (years ago and can't remember which one now), just to read an article. I think I was so annoyed, my address had changed to: 1 Any Street, Anytown, AA1 1AA.
(Actually knowing me it was probably stronger termed than that, but I can't really post it here) Cheesy
I tend to use about 3-4 strong passwords for anything I would care about being broken (so of course banking is one), and anything else I don't would be something a brute force dictionary attack would probably crack. Even so I have trouble keeping up with what password I may have used for less frequently visited sites, but usually within 3 goes I usually hit the password I used.
I guess broadband details are slightly different in the sense that knowing them doesn't necessarily mean you can steal the service (yes it does if you're in the area and know the wireless encryption password, but that's different). Though having access to e-mail and account details is bad enough.
Message 34 of 36
(291 Views)
0 Thanks
Not applicable

Re: Passwords and learning from others mistakes

‎17-12-2007 3:26 PM

Most peoples are last two digits are either "in" or "rd" anyway in my experience for examples of 7 and 8 char passwords.
Message 35 of 36
(291 Views)
0 Thanks
jelv
Seasoned Hero
Posts: 26,785
Thanks: 971
Fixes: 10
Registered: ‎10-04-2007

Re: Passwords and learning from others mistakes

‎17-12-2007 3:27 PM

Can I strongly recommend KeePass Password Safe - that way you can create a strong password for every site (it will generate random passwords for you) and you only have to remember one password (the one that opens the safe). When you go back to a site you can drag/drop the password from the safe on to the web page.
jelv (a.k.a Spoon Whittler)
   Why I have left Plusnet (warning: long post!)   
Broadband: Andrews & Arnold Home::1 (FTTC 80/20)
Line rental: Pulse 8 Home Line Rental (£14.40/month)
Mobile: iD mobile (£4/month)
Message 36 of 36
(291 Views)
0 Thanks