Windows 8 and 8.1 Forums


What is 'best practice' for password management?

  1. #21


    Mystere, I am not saying that Gibson is to be taken by the letter, but rather that there are simple ways to get good passwords through Character repetition. There are many ways to test passwords these days and I actually think that setting up a combination of any "short" character sequence (given upper-case, lower-case, special and numbers) and repeating it, is equally safe and easier to remember than many other approaches.

    I tested a few passwords I actually use at Password Strength Checker which also accounts for repetitiveness, and they came out 100%. All those inspired by GRC's writings.

      My System SpecsSystem Spec

  2. #22


    Posts : 454
    Windows 8.1 Pro with Media Center


    Quote Originally Posted by XweAponX View Post
    (Edit) I have a harder time remembering my security questions.
    Security questions are stupid. I use unique random strings for them the same as I use for my passwords.
      My System SpecsSystem Spec

  3. #23


    Security questions may be stupid, but they are in fact widely used in Corporations in order to actually help regular users reset their password. That is not such a bad idea in itself, but then again, perhaps not as safe.
      My System SpecsSystem Spec

  4. #24


    Posts : 454
    Windows 8.1 Pro with Media Center


    The problem is, if I've lost my password, I've also lost my security answers. I would never use legit and therefore guessable answers, so security questions are basically a double-password system from my perspective. I guess there might be some value as long as passwords and security answers are stored separately and aren't easy to match, but then again my main passwords are strong and hard to brute-force, so it mainly just adds inconvenience AFAICT.
      My System SpecsSystem Spec

  5. #25


    Posts : 1,925
    Windows 8.1 Pro


    Quote Originally Posted by Coram Daes View Post
    Security questions may be stupid, but they are in fact widely used in Corporations in order to actually help regular users reset their password. That is not such a bad idea in itself, but then again, perhaps not as safe.
    Ask Sarah Palin Her email was hacked because her security question was "What high school did you go to?" and everyone knows she went to Wasilla High School.
      My System SpecsSystem Spec

  6. #26


    Posts : 959
    Windows 8.1, 10


    Quote Originally Posted by crawfish View Post
    Quote Originally Posted by XweAponX View Post
    (Edit) I have a harder time remembering my security questions.
    Security questions are stupid. I use unique random strings for them the same as I use for my passwords.
    Security questions might not be so bad, but some organisations include stupid options like "what is your favourite colour?"; a question to which I never know the answer (perhaps it's cyan this week ).
      My System SpecsSystem Spec

  7. #27


    Sloe Deth, Californicatia
    Posts : 3,908
    Windows 8 Pro with Media Center/Windows 7


    Quote Originally Posted by Mystere View Post
    Quote Originally Posted by Coram Daes View Post
    Security questions may be stupid, but they are in fact widely used in Corporations in order to actually help regular users reset their password. That is not such a bad idea in itself, but then again, perhaps not as safe.
    Ask Sarah Palin Her email was hacked because her security question was "What high school did you go to?" and everyone knows she went to Wasilla High School.

    HAHAHAHA! Well, she's stupid, what is anyone else's excuse Bfhahahaha!

    Actually one of the ones I use IS my original Elementary School, the only people that could guess this, would be people I knew only in Kindergarten. That makes it a short list of about 1 person.
      My System SpecsSystem Spec

  8. #28


    I would never use legit and therefore guessable answers, so security questions are basically a double-password system from my perspective.
    Well, I get the point, but that also defeats the purpose with security questions, as I understand them. And you can actually have that setup in a number of ways, it is up to the application developer to decide upon any numbers of security questions and what they should be, or, as I have where I work, the ability to make up your own.

    I think you forget that these actually presume you have access to the e-mail account they send out a link to, assuming they do that.

    Sara Palins example is in that context proof that the guys in charge for her e-mail server were nuts. The poor security does not really lie on her, or similar stories, but on the guys responsible for the security of the account.
      My System SpecsSystem Spec

Page 3 of 3 FirstFirst 123
What is 'best practice' for password management?
Related Threads
For example, back in the day with XP I was told it was wise to to go into your network adapters (both Ethernet & Wireless) and disable the NetBIOS and all IPv6 functions. It was also wise to go in and disable certain services you would never use like Remote Desktop. Does anyone have a link...
How to Reset Your Local User Account Password with Password Reset Disk in Windows 8 and 8.1 If you have previously created a password reset disk on a USB flash drive for your local user account in Windows 8, then this will show you how to use it to reset your password with a new password to be...
I found that once I upgraded to Windows 8.1 I had to use my Email account to Log In to my PC. The User has to have a Windows Account (Mine is originally Hotmail - Live - Outlook). I can not stand having the same Password and account info from my Email account the same as my PC. I had to...
Hi, this is somethig i do not get, and relly do not like how it seems to work: what i would like to achieve is 1) in first instance: to update *all the system* at a time, so far what it seems to me now it's like i have to manage two operating systems one on the desktop side and one on...
Must email password be same as desktop password? in User Accounts and Family Safety
I am a newbie with Windows 8, so I am trying to teach myself how to use Windows 8.1 via a virtual machine on Windows 7. I set up the user account using my Microsoft email account. I would like to use a different password on my desktop vs the email password. My email password since it is...
Read more at source: How hackable is your password? McAfee offers password tips | Security & Privacy - CNET News
Eight Forums Android App Eight Forums IOS App Follow us on Facebook