Bitcoin Forum
December 03, 2016, 02:44:26 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 [2]  All
  Print  
Author Topic: Why dont we have a security subforum?  (Read 3027 times)
lathomas64
Full Member
***
Offline Offline

Activity: 130


Working on a new game -- Fortunes


View Profile WWW
August 25, 2011, 01:50:13 PM
 #21

What are some solutions you all use to keep track of several passwords without using the same password multiple places?

CTO and lead developer at Cliché Studio
free bitcoin every day
_______________________________________
12FHjesgiE7uSMPKwUYiYqUw2aE1kQF2aS
1480733066
Hero Member
*
Offline Offline

Posts: 1480733066

View Profile Personal Message (Offline)

Ignore
1480733066
Reply with quote  #2

1480733066
Report to moderator
1480733066
Hero Member
*
Offline Offline

Posts: 1480733066

View Profile Personal Message (Offline)

Ignore
1480733066
Reply with quote  #2

1480733066
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Intervex Digital
Jr. Member
*
Offline Offline

Activity: 42


Unparalleled market insight for iPad, iPhone, iPod


View Profile WWW
August 25, 2011, 02:18:41 PM
 #22

What are some solutions you all use to keep track of several passwords without using the same password multiple places?

KeePass is a great utility and you can use it for organizing software keys as well... (and it's open source!)

Intervex Digital - Makers of BitCoins Mobile, the world's first Bitcoin app for iPad! Learn More at: www.BitCoinsMobile.com
Bitcoin Conference Mobile App @ bitcon.m
newminerr
Member
**
Offline Offline

Activity: 70

like no other.


View Profile
August 25, 2011, 04:10:44 PM
 #23

1Password is good too but it's commercial -$39.99-.
joulesbeef
Sr. Member
****
Offline Offline

Activity: 476


moOo


View Profile
August 25, 2011, 08:26:13 PM
 #24

What are some solutions you all use to keep track of several passwords without using the same password multiple places?

keypass is the best, if you are willing to set it up.(easy set up.. just complex if you want as much functionality as the next solution.. basically you have to store your password file online, at a site you control but having it on usb is good but you couldnt have access to it if you didnt have your usb but did have a connection to the web)

lastpass is great, it  will generate random passwords for you, keep track of multiple accounts, and automatically fill in forms and auto log you into nearly every site. You can have access to your passwords as long as you can get a web connection. This isnt as good as keypass as it is a third party holding onto your passwords, if they go down for the day, you are screwed, if they get hacked you are screwed. But so far they have been exemplary. They had some odd network traffic and without knowing if they had been actually hacked they suggested everyone changes their master passwords, which was the proper thing to do, but which most corps dont do.

there are also some interesting paper passwords cards

last you can also come up with simple algorithms, instead of passwords.
the following example is too simplistic but it is too give you an idea.

Like a pass for this site could be Bitcointalk$321 and for bitparking could be Bitparking$321

you can see with a simple algorithm, you can make up unique passes for each site and yet have a way to remember them.
This is too simple as I said but it is easy to make so complex that you cant recognize that the pass is based on an algorithm. This is how I have done it for years.

here is a slightly more complex example to show you.

Bitcointalk is the site.

1. mix in 987654321 every other letter.

B9i8t7c6o5i4n3t2a1l0k

looking complex but not enough.

2. If the number to the right of the letter is odd Go down 3 letters, if even go up 2 letters. If neither, leave it..
E9j8w7a6or5k4q3r2c1l0k


now my pass is looking good and yet if I forget it, i can recalculate it at any time and yet someone finding that pass wont know it is made by algorithms, or the site it is for. And you can keep making your algorythm more complex, or use different rules to make the password more complex.. and all you have to do is remember your algorythm.

it can be as simple as go up a letter down a letter and mix in 123$%&789 and every other latter capitalized.
so bitparking becomes a1J2s3Q$z%S^j7J8m9F.. looks good. for a lot of sites you will need to select only the first few letters.. cause they suck, but it will still work for you.. you can add a code to remind you like double 8s to say cut off here  a1J2s3Q$z88%S^j7J8m9F

mooo for rent
deslok
Sr. Member
****
Offline Offline

Activity: 448


It's all about the game, and how you play it


View Profile
August 25, 2011, 10:25:48 PM
 #25

If you're going to take the effort to encrypt your passords mentally you should be more than capable of remembering what they are. Those password cards look like they could have some uses but i'd never use them as a personal password, too easy to leave behind. I personally find things of signifigance but without utility make excelent passwords Ex: Your house phone from 3 changes ago. no one has any real reason to remember it or to even consider that you would use it since it's no longer of any utility.

"If we don't hang together, by Heavens we shall hang separately." - Benjamin Franklin

If you found that funny or something i said useful i always appreciate spare change
1PczDQHfEj3dJgp6wN3CXPft1bGB23TzTM
joulesbeef
Sr. Member
****
Offline Offline

Activity: 476


moOo


View Profile
August 25, 2011, 11:19:51 PM
 #26

I'll mail you my password card.

you cant tell the pass from the card.. it could reduce the combinations you have to try by a tiny bit, but the way they work you can leave the password card pinned to your monitor.


it goes with
Quote
the Chief Security Officer at Sun Microsystems said yesterday, “Write down your passwords; your wallet is a lot more secure than your computer.”
and this is a bit more secure than that.

still keypass is the best of the ones i mentioned.. I used to do the algorythm thing for years, but now I just keypass it.

I dont know any of my passes though and that is a bit disconcerting but i have backups of my database encrypted with a pass I do know.

mooo for rent
deslok
Sr. Member
****
Offline Offline

Activity: 448


It's all about the game, and how you play it


View Profile
September 17, 2011, 02:56:17 PM
 #27

I'm bumping this in hopes that we actually get this, i saw a security warning about php on off topic today and this would be a good place for threads about things like wallet stealers and securing your wallet(s) secure passwords how to pick and remember/store one and things of that nature

"If we don't hang together, by Heavens we shall hang separately." - Benjamin Franklin

If you found that funny or something i said useful i always appreciate spare change
1PczDQHfEj3dJgp6wN3CXPft1bGB23TzTM
johnj
Full Member
***
Offline Offline

Activity: 154


View Profile
September 17, 2011, 03:00:22 PM
 #28

Lastpass.

1AeW7QK59HvEJwiyMztFH1ubWPSLLKx5ym
TradeHill Referral TH-R120549
deslok
Sr. Member
****
Offline Offline

Activity: 448


It's all about the game, and how you play it


View Profile
September 17, 2011, 03:04:27 PM
 #29

Lastpass.

Go ahead and make a thread about it if we get a security subforum

"If we don't hang together, by Heavens we shall hang separately." - Benjamin Franklin

If you found that funny or something i said useful i always appreciate spare change
1PczDQHfEj3dJgp6wN3CXPft1bGB23TzTM
defxor
Hero Member
*****
Offline Offline

Activity: 530


View Profile
September 17, 2011, 08:19:50 PM
 #30

lastpass is great, it  will generate random passwords for you, keep track of multiple accounts, and automatically fill in forms and auto log you into nearly every site. You can have access to your passwords as long as you can get a web connection. This isnt as good as keypass as it is a third party holding onto your passwords, if they go down for the day, you are screwed, if they get hacked you are screwed. But so far they have been exemplary. They had some odd network traffic and without knowing if they had been actually hacked they suggested everyone changes their master passwords, which was the proper thing to do, but which most corps dont do.

The LastPass plugin caches locally meaning you have access to your passwords offline as well, and they do not store your actual unencrypted passwords which means you're not "screwed" if they get hacked.

The most obvious attack vector is to somehow modify the javascript that gets sent to your client, or to intercept both your locally entered master password as well as the lastpass-stored encrypted keyfile.

I fully recommend LastPass, even with those two caveats in mind.

(Paying users can also use the mobile client)
Transisto
Donator
Legendary
*
Offline Offline

Activity: 1624



View Profile WWW
September 18, 2011, 05:04:05 AM
 #31

What if we turn this thread into the conversations we would have in a security sub-forum to show there is enough volume of discussion to justify a new thread.
Security deserve it's own sub forum (not thread) because the general public want to be and feel safe about owning BTCs.

Making it on the first page will simply make it easier to find,

As for the content, enough has already been said, we should start tagging all notable security thread to be moved there.

like - so...

https://bitcointalk.org/index.php?topic=323.0
https://bitcointalk.org/index.php?topic=18238.0
https://bitcointalk.org/index.php?topic=5194.0
https://bitcointalk.org/index.php?topic=3089.0
https://bitcointalk.org/index.php?topic=33835.0
https://bitcointalk.org/index.php?topic=17240.0
..................................
theymos
Administrator
Legendary
*
Offline Offline

Activity: 2492


View Profile
September 18, 2011, 06:17:25 AM
 #32

I just don't think there would be enough topics for a security section. If I saw like 30 active security topics, I would consider it.


Two of those wouldn't belong in a security section.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Transisto
Donator
Legendary
*
Offline Offline

Activity: 1624



View Profile WWW
September 19, 2011, 05:19:28 AM
 #33

I just don't think there would be enough topics for a security section. If I saw like 30 active security topics, I would consider it.

Two of those wouldn't belong in a security section.
So if that mean only informative or "current" break-in post should be moved, I totally agree.

So ? other than the empty feel of a sub with 10 post what's holding this back ?

I would see it fit as a sub of "Bitcoin Discussion" or sub of "Technical Support"
joulesbeef
Sr. Member
****
Offline Offline

Activity: 476


moOo


View Profile
September 19, 2011, 05:54:05 AM
 #34

I think there would be more posts if there was actually a sub-forum. Heck I would write posts if I thought there would be a place for people to easily find them. But I understand it will probably not be the most active part of these forums. But I bet it would get plenty of readers.


mooo for rent
wumpus
Hero Member
*****
Offline Offline

Activity: 798

No Maps for These Territories


View Profile
September 19, 2011, 10:53:26 AM
 #35

I just don't think there would be enough topics for a security section. If I saw like 30 active security topics, I would consider it.
I don't think you should add a security section because it would be extremely popular for posting in, but because it is necessary. One of the first things people practically need when they use bitcoins is up-to-date computer security. So discussion about it should be encouraged.


Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through FileBackup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.
lathomas64
Full Member
***
Offline Offline

Activity: 130


Working on a new game -- Fortunes


View Profile WWW
September 19, 2011, 03:58:48 PM
 #36

What if we turn this thread into the conversations we would have in a security sub-forum to show there is enough volume of discussion to justify a new thread.
Security deserve it's own sub forum (not thread) because the general public want to be and feel safe about owning BTCs.

Making it on the first page will simply make it easier to find,

As for the content, enough has already been said, we should start tagging all notable security thread to be moved there.

like - so...

https://bitcointalk.org/index.php?topic=323.0
https://bitcointalk.org/index.php?topic=18238.0
https://bitcointalk.org/index.php?topic=5194.0
https://bitcointalk.org/index.php?topic=3089.0
https://bitcointalk.org/index.php?topic=33835.0
https://bitcointalk.org/index.php?topic=17240.0
..................................

I misspoke i meant sub-forum not new thread

CTO and lead developer at Cliché Studio
free bitcoin every day
_______________________________________
12FHjesgiE7uSMPKwUYiYqUw2aE1kQF2aS
joulesbeef
Sr. Member
****
Offline Offline

Activity: 476


moOo


View Profile
September 20, 2011, 12:46:41 AM
 #37

and really it should be a sub forum inside the newbie section.

mooo for rent
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!