Bitcoin Forum
November 16, 2024, 04:30:54 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Microsoft tells users to stop using strong passwords everywhere  (Read 5725 times)
TheIrishman (OP)
Legendary
*
Offline Offline

Activity: 1049
Merit: 1006


View Profile
July 16, 2014, 07:56:22 PM
Last edit: July 16, 2014, 08:41:55 PM by TheIrishman
 #1



Microsoft tells users to stop using strong passwords everywhere

http://www.theguardian.com/technology/2014/jul/16/microsoft-stop-using-strong-passwords-everywhere

<< Weak passwords have their place, argues new research from Microsoft, and they help users conserve brainpower for where it is needed. >>
niothor
Hero Member
*****
Offline Offline

Activity: 826
Merit: 501


in defi we trust


View Profile
July 16, 2014, 08:02:10 PM
 #2

Users should use and reuse weak passwords for websites which don't hold valuable information, say researchers from Microsoft, overturning decades of accumulated wisdom on internet security.

By not having to worry about remembering complex unique passwords for every individual website, users can focus their efforts on recalling secure passwords for high-value sites like banking or e-commerce.

I don't see the "everywhere" from your title.

Another article for hits made by theguardian


             ▄          ▄▄▄▄    ▄
            ███      ▄██████▀  ▀█▀
            ███     ▄██▀
            ███     ███        ▄█▄   ▄█▄ ▄█████▄▄         ▄▄██████▄      ▄█▄ ▄█████▄▄         ▄▄█████▄▄        ▄▄█████▄▄
    ▄▄▄▄▄▄  ███     ███        ███   ██████▀▀▀▀███▄     ▄███▀▀▀▀▀███▄    ██████▀▀▀▀███▄     ▄███▀▀▀▀▀███▄    ▄███▀▀▀▀▀███▄
  ▄████████▄███  ▄█████████▄   ███   ████▀      ▀███   ▄██▀       ▀██▄   ████▀      ▀███   ▄██▀       ▀█▀   ▄██▀       ▀██▄
▄███▀    ▀█████   ▀▀███▀▀▀▀    ███   ███         ███   ███         ███   ███         ███   ███              ███████████████
███   ▄▄   ▀███     ███        ███   ███         ███   ███         ███   ███         ███   ███              ███▀▀▀▀▀▀▀▀▀▀▀
███   ▀▀   ▄███     ███        ███   ███         ███   ███         ███   ███         ███   ███         ▄    ███         ▄
▀███▄    ▄█████     ███        ███   ███         ███    ███▄▄   ▄▄████   ███         ███    ███▄▄    ▄███    ███▄▄   ▄▄███
  ▀████████▀███     ███        ███   ███         ███     ▀████████▀███   ███         ███     ▀█████████▀      ▀█████████▀
    ▀▀▀▀▀▀   ▀       ▀          ▀     ▀           ▀         ▀▀▀▀▀   ▀     ▀           ▀         ▀▀▀▀▀            ▀▀▀▀▀

       ▄▄▄▄▄▄▄
   ▄▄▀▀       ▀▀▄▄
  █               █ ▄
 █   █▀▄ ▀█▀ ▀█▀   █ ▀▄
 █   █▀▄  █   █    █  ▀▄
  █  ▀▀   ▀   ▀   █    █
▄▀ ▄▄           ▄▀    ▄▀
 ▀▀  ▀▀▄▄▄▄▄▄▄▀▀      ▀▄
        ▀▄▄      ▄▄▀▀▄▄▀
           ▀▀▀▀▀▀

                      ▄▄▄
  ▄█▄              ▄███████▄
  ▀████▄▄         ██████▀██████▀
    ▀▀▀████▄▄     ███████████▀
    ▀██▄███████▄▄███████████
     ▄▄▄▀██████████████████
      ▀████████████████████
▀█▄▄     ▀████████████████
  ▀████████████████▀█████
    ▀████████████▀▄▄███▀
       ▀▀██████████▀▀
           ▀▀▀▀▀

               ▄▄   ▄▄
              ▄▀ ▀▀█  █
             ▄▀     ▀▀
         ▄▄▄▄█▄
     ▄█▀▀▀▀▀▀▀▀▀▀█▄
 ▄▀▄▀              ▀▄▀▄
█  █   ▄█▄    ▄█▄   █  █
 ▀█    ▀█▀    ▀█▀    █▀
  █                  █
   █   ▀▄      ▄▀   █
    ▀▄   ▀▀▀▀▀▀   ▄▀
      ▀▀▄▄▄▄▄▄▄▄▀▀
New Age of DEFI
A Non-Code Platform for
Decentralized Trading Instruments

   ▄▄███████████████▄▄
 ▄█████████████████████▄
▄██████████████▀▀███████▄
████████████▀▀    ███████
█████████▀▀   ▄   ███████
██████▀▀     █    ███████
████▀       █     ███████
█████▄▄   ▄█      ███████
████████ ██▄      ███████
▀████████ ▀▄███▄▄███████▀
 ▀█████████████████████▀
   ▀▀███████████████▀▀

     ▄              ▄
   ▄███▄          ▄███▄
   █████▄  ▄▄▄▄  ▄█████
  ▄████████████████████▄
 ▄██████████████████████▄
 ████████████████████████
██████▀▀          ▀▀██████
█████▀   ▄      ▄   ▀█████
 ████   ███    ███   ████
  ████   ▀      ▀   ████
   ▀████▄▄▄▄▄▄▄▄▄▄████▀
     ▀▀████████████▀▀

   ▄▄████████████████▄▄
 ▄█████▀▀▀██████▀▀▀█████▄
▄████▀  ▀▀▀    ▀▀▀  ▀████▄
████▀                ▀████
███▀                  ▀███
███       ▄    ▄       ███
██▀      ███  ███      ▀██
██       ▀█▀  ▀█▀       ██
██▄     ▄        ▄     ▄██
▀██▄     ▀▀▄▄▄▄▀▀     ███▀
 ▀███▄▄▄▄▄▄████▄▄▄▄▄▄███▀
   ▀▀████████████████▀▀
Ekaros
Hero Member
*****
Offline Offline

Activity: 728
Merit: 500



View Profile
July 16, 2014, 08:37:03 PM
 #3

I have had this stance for long. Let's take places like random forums and semi-useful services that don't carry any financial risks or allow access to other places, is strong passwords really needed in those?

12pA5nZB5AoXZaaEeoxh5bNqUGXwUUp3Uv
http://firstbits.com/1qdiz
Feel free to help poor student!
PolarPoint
Hero Member
*****
Offline Offline

Activity: 672
Merit: 500


View Profile
July 16, 2014, 08:55:50 PM
 #4

Most users believe their best password is strong while it is not. If they are allowed to use their weak passwords, it will be too weak.  Shocked
hollowframe
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250


View Profile
July 17, 2014, 12:54:20 AM
 #5

What about having one strong password for some kind of keychain (with proper backups) that would remember all of the very strong passwords for each site?
Brewins
Legendary
*
Offline Offline

Activity: 1120
Merit: 1000



View Profile
July 17, 2014, 02:14:10 AM
 #6

They should tell users to spend 1 month or 2 in some memorization course, then no more need to worry about wasting brain hash power with passwords.
zhinkk
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250


View Profile
July 17, 2014, 02:34:04 AM
 #7

Well how much "brain power" is really used in strong passwords? Personally, I have an algorithm that I use to memorize all my passwords. But if the algo is leaked somehow some of my passwords could be comprised. So that's risky, but then again, I don't waste any "brain power" lol.
robbyd86
Full Member
***
Offline Offline

Activity: 135
Merit: 100


View Profile
July 17, 2014, 03:26:23 AM
 #8

flash drive! no brain memory required.  Only password I memorize is email in case I need it on the go.  But ya, I'm not going to waste my time with a strong password for a site with no important info.  I like how my school requires "strong" passwords, I'm so afraid that someone will get into my account and do my homework for me
zhinkk
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250


View Profile
July 17, 2014, 03:27:20 AM
 #9

flash drive! no brain memory required.  Only password I memorize is email in case I need it on the go.  But ya, I'm not going to waste my time with a strong password for a site with no important info.  I like how my school requires "strong" passwords, I'm so afraid that someone will get into my account and do my homework for me

Or lastpass. I haven't tried it personally but I've heard some VERY good things about it.
counter
Hero Member
*****
Offline Offline

Activity: 798
Merit: 500


Time is on our side, yes it is!


View Profile
July 17, 2014, 03:51:22 AM
 #10

I already do this.  I have a few differnt ones on sites I'm unsure of and more complex variations for more important needs.  When I go to an unimportant site I have an idea right away what the password would be based on it's importance to me and then I usually guess right after a couple tries.  Best to write the unimportant ones down and put them someplace safe.
Amitabh S
Legendary
*
Offline Offline

Activity: 1001
Merit: 1005


View Profile
July 17, 2014, 04:21:58 AM
 #11

or use a password manager and memorize only one strong password.

Coinsecure referral ID: https://coinsecure.in/signup/refamit (use this link to signup)
umairbacklink
Member
**
Offline Offline

Activity: 105
Merit: 10


View Profile
July 17, 2014, 04:34:08 AM
 #12

Write on a piece of paper and put it on your wallet. No need to memorize those strong passwords. Smiley
shkiser
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


View Profile
July 17, 2014, 04:39:54 AM
 #13

Users should use and reuse weak passwords for websites which don't hold valuable information, say researchers from Microsoft, overturning decades of accumulated wisdom on internet security.

By not having to worry about remembering complex unique passwords for every individual website, users can focus their efforts on recalling secure passwords for high-value sites like banking or e-commerce.

I don't see the "everywhere" from your title.

Another article for hits made by theguardian

My online banker doesnt allow a password over 7 characters long. Thats not secure now is it.. I thought this was such a joke I brought it up to the customer service, and they really had nothing to say.. Seriously...?

Free Litecoin Faucet ---> http://ltc4you.com/?r=6840
Vod
Legendary
*
Offline Offline

Activity: 3892
Merit: 3166


Licking my boob since 1970


View Profile WWW
July 17, 2014, 07:14:34 AM
 #14

My online banker doesnt allow a password over 7 characters long. Thats not secure now is it.. I thought this was such a joke I brought it up to the customer service, and they really had nothing to say.. Seriously...?

Having an online password of 7 characters is fairly secure.  You can't brute force a web password if they programmed it correctly.

I post for interest - not signature spam.
https://elon.report - new BPI Reports!
https://vod.fan - fast/free image sharing - coming Nov
sana8410
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250



View Profile
July 17, 2014, 11:19:39 AM
 #15

Is this Microsoft's way of saying that their involvement in PRISM et al has proven difficult, that their backdoors aren't working for them and that we should make passwords easier for them to crack? What a tit.
 Always use a complex password with uppercase, lowercase, numbers and special characters where allowed.

RENT MY SIG FOR A DAY
Spendulus
Legendary
*
Offline Offline

Activity: 2926
Merit: 1386



View Profile
July 17, 2014, 11:42:39 AM
 #16

My online banker doesnt allow a password over 7 characters long. Thats not secure now is it.. I thought this was such a joke I brought it up to the customer service, and they really had nothing to say.. Seriously...?

Having an online password of 7 characters is fairly secure.  You can't brute force a web password if they programmed it correctly.
7 characters would be something like 12,000 hours on a really crummy pc.  So better machines would reduce that a lot.  So 7 certainly is crackable.
bitbaby
Hero Member
*****
Offline Offline

Activity: 812
Merit: 1000



View Profile WWW
July 17, 2014, 11:55:20 AM
 #17

Write on a piece of paper and put it on your wallet. No need to memorize those strong passwords. Smiley

I did that once with a email account and forgot to pull that paper out of my trousers before putting them in the washing machine, remembered the secret question thankfully.

niothor
Hero Member
*****
Offline Offline

Activity: 826
Merit: 501


in defi we trust


View Profile
July 17, 2014, 12:27:27 PM
 #18

Users should use and reuse weak passwords for websites which don't hold valuable information, say researchers from Microsoft, overturning decades of accumulated wisdom on internet security.

By not having to worry about remembering complex unique passwords for every individual website, users can focus their efforts on recalling secure passwords for high-value sites like banking or e-commerce.

I don't see the "everywhere" from your title.

Another article for hits made by theguardian

My online banker doesnt allow a password over 7 characters long. Thats not secure now is it.. I thought this was such a joke I brought it up to the customer service, and they really had nothing to say.. Seriously...?

My online banking account requires a second code sent to my personal phone (2FA).
Also all the banks here rely either on a sms code or a token for extra security.

And I live in Romania......


             ▄          ▄▄▄▄    ▄
            ███      ▄██████▀  ▀█▀
            ███     ▄██▀
            ███     ███        ▄█▄   ▄█▄ ▄█████▄▄         ▄▄██████▄      ▄█▄ ▄█████▄▄         ▄▄█████▄▄        ▄▄█████▄▄
    ▄▄▄▄▄▄  ███     ███        ███   ██████▀▀▀▀███▄     ▄███▀▀▀▀▀███▄    ██████▀▀▀▀███▄     ▄███▀▀▀▀▀███▄    ▄███▀▀▀▀▀███▄
  ▄████████▄███  ▄█████████▄   ███   ████▀      ▀███   ▄██▀       ▀██▄   ████▀      ▀███   ▄██▀       ▀█▀   ▄██▀       ▀██▄
▄███▀    ▀█████   ▀▀███▀▀▀▀    ███   ███         ███   ███         ███   ███         ███   ███              ███████████████
███   ▄▄   ▀███     ███        ███   ███         ███   ███         ███   ███         ███   ███              ███▀▀▀▀▀▀▀▀▀▀▀
███   ▀▀   ▄███     ███        ███   ███         ███   ███         ███   ███         ███   ███         ▄    ███         ▄
▀███▄    ▄█████     ███        ███   ███         ███    ███▄▄   ▄▄████   ███         ███    ███▄▄    ▄███    ███▄▄   ▄▄███
  ▀████████▀███     ███        ███   ███         ███     ▀████████▀███   ███         ███     ▀█████████▀      ▀█████████▀
    ▀▀▀▀▀▀   ▀       ▀          ▀     ▀           ▀         ▀▀▀▀▀   ▀     ▀           ▀         ▀▀▀▀▀            ▀▀▀▀▀

       ▄▄▄▄▄▄▄
   ▄▄▀▀       ▀▀▄▄
  █               █ ▄
 █   █▀▄ ▀█▀ ▀█▀   █ ▀▄
 █   █▀▄  █   █    █  ▀▄
  █  ▀▀   ▀   ▀   █    █
▄▀ ▄▄           ▄▀    ▄▀
 ▀▀  ▀▀▄▄▄▄▄▄▄▀▀      ▀▄
        ▀▄▄      ▄▄▀▀▄▄▀
           ▀▀▀▀▀▀

                      ▄▄▄
  ▄█▄              ▄███████▄
  ▀████▄▄         ██████▀██████▀
    ▀▀▀████▄▄     ███████████▀
    ▀██▄███████▄▄███████████
     ▄▄▄▀██████████████████
      ▀████████████████████
▀█▄▄     ▀████████████████
  ▀████████████████▀█████
    ▀████████████▀▄▄███▀
       ▀▀██████████▀▀
           ▀▀▀▀▀

               ▄▄   ▄▄
              ▄▀ ▀▀█  █
             ▄▀     ▀▀
         ▄▄▄▄█▄
     ▄█▀▀▀▀▀▀▀▀▀▀█▄
 ▄▀▄▀              ▀▄▀▄
█  █   ▄█▄    ▄█▄   █  █
 ▀█    ▀█▀    ▀█▀    █▀
  █                  █
   █   ▀▄      ▄▀   █
    ▀▄   ▀▀▀▀▀▀   ▄▀
      ▀▀▄▄▄▄▄▄▄▄▀▀
New Age of DEFI
A Non-Code Platform for
Decentralized Trading Instruments

   ▄▄███████████████▄▄
 ▄█████████████████████▄
▄██████████████▀▀███████▄
████████████▀▀    ███████
█████████▀▀   ▄   ███████
██████▀▀     █    ███████
████▀       █     ███████
█████▄▄   ▄█      ███████
████████ ██▄      ███████
▀████████ ▀▄███▄▄███████▀
 ▀█████████████████████▀
   ▀▀███████████████▀▀

     ▄              ▄
   ▄███▄          ▄███▄
   █████▄  ▄▄▄▄  ▄█████
  ▄████████████████████▄
 ▄██████████████████████▄
 ████████████████████████
██████▀▀          ▀▀██████
█████▀   ▄      ▄   ▀█████
 ████   ███    ███   ████
  ████   ▀      ▀   ████
   ▀████▄▄▄▄▄▄▄▄▄▄████▀
     ▀▀████████████▀▀

   ▄▄████████████████▄▄
 ▄█████▀▀▀██████▀▀▀█████▄
▄████▀  ▀▀▀    ▀▀▀  ▀████▄
████▀                ▀████
███▀                  ▀███
███       ▄    ▄       ███
██▀      ███  ███      ▀██
██       ▀█▀  ▀█▀       ██
██▄     ▄        ▄     ▄██
▀██▄     ▀▀▄▄▄▄▀▀     ███▀
 ▀███▄▄▄▄▄▄████▄▄▄▄▄▄███▀
   ▀▀████████████████▀▀
shkiser
Sr. Member
****
Offline Offline

Activity: 350
Merit: 250


View Profile
July 17, 2014, 12:31:24 PM
 #19

Write on a piece of paper and put it on your wallet. No need to memorize those strong passwords. Smiley

I did that once with a email account and forgot to pull that paper out of my trousers before putting them in the washing machine, remembered the secret question thankfully.

My usual password is 13-17 characters long, with a mix of upper/lower case, and numbers.. Its easy to remember bc I use it often. 7 letter password doesnt seem safe to me for online banking. I thought it was odd they only allowed 7 characters aswell..

Free Litecoin Faucet ---> http://ltc4you.com/?r=6840
zolace
Sr. Member
****
Offline Offline

Activity: 364
Merit: 250


View Profile
July 17, 2014, 12:54:05 PM
 #20

The importance a lot of people attach to such a topic never ceases to amaze me.
If someone wants your data and you do have something significant online - they will get it.
If you really do think its too important to be shared why the hell is it online (or on a PC to be more precise) in the first place?Huh
Of course things are never quite that black and white, but I can't help feeling a lot of the time that a lot of people make a decent wedge out of talking crap about passwords and data security.

⚂⚄ Pocket Dice — Real dice experienceProvably Fair
Free BTC Faucet
⚅⚁
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!