I keep getting email about using multi-factor identification. I have trouble using a single password. It wants me to have two things to remember, in addition to my ID?
Indi
Loc: L. I., NY, Palm Beach Cty when it's cold.
Yes, it’s a pain in the A, but I feel a little more secure. You don’t have to remember the code, you can copy and paste it from the message they sent you.
Jerry - save your User ID, write your password down until it's committed to memory, and then input the two factor authentication code they text you.
There's just so much hacking today especially from merchant databases. In the last 10 years or so at least 5 of the places I shop at have had data breaches.
I cannot understand why people aren't using a password manager.
Remember just one 1 single master password (a long pass phrase is easier and better) and then the manager should generate unique usernames (when permitted) and unique passwords for every single account.
Over the years I have accumulated around 300 "accounts" - sometimes you have to log in once to see or order something and never go back again - more than half have unique usernames and all have unique passwords.
The passwords can be something impossible to memorize - or even type manually half the time! - such as ,,#!;fgGY6,Bb&g_™892APjkN.
Not all permit special characters, and the password manager will generate passwords in accordance with your choices for complexity.
A pass phrase as simple as oldfatclockchickensticks7 takes around 70 quintillion years for a normal PC to crack using brute force. Even "Old&Fat&Clock7" takes an impressive amount of time to crack.
That takes care of user names and passwords very easily - two factor authentication is a simple yet very effective add-on for much improved security.
This has been a much visited conversation on here, and everyone has preferences for a manager - mine is Roboform as I can set it up for local storage only, nothing in the wonderful Cloud.
alexol wrote:
I cannot understand why people aren't using a password manager.
I've been using one for years - currently LastPass. The problem is that they don't always work. Apple is especially bad. I have Apple passwords printed on labels stuck on the front of the iMac. There are so many instances where LastPass does not enter the password because the site doesn't give it the prompt it needs. I've developed a system so I can figure out the P/W for a site, but that's recent, so I have hundreds of old passwords that don't use that system.
yssirk123 wrote:
Jerry - save your User ID, write your password down until it's committed to memory, and then input the two factor authentication code they text you.
There's just so much hacking today especially from merchant databases. In the last 10 years or so at least 5 of the places I shop at have had data breaches.
I must have over 300 passwords. It seems that every site requires one. My memory isn't that good.
jerryc41 wrote:
I've been using one for years - currently LastPass. The problem is that they don't always work. Apple is especially bad. I have Apple passwords printed on labels stuck on the front of the iMac. There are so many instances where LastPass does not enter the password because the site doesn't give it the prompt it needs. I've developed a system so I can figure out the P/W for a site, but that's recent, so I have hundreds of old passwords that don't use that system.
True, but with a password mgr there are usually “reveal” and “copy” which fill the gap for those sites with incompatible (or incorrectly structured) log in sequences. 2 factor means having my phone or email available - a bit more work, but worth the security.
What I dislike are the robot-blocking distorted text of CAPTCHA and the blurry photos of whatever it’s called. I rarely get them right in the first (or second) try.
bamfordr wrote:
What I dislike are the robot-blocking distorted text of CAPTCHA and the blurry photos of whatever it’s called. I rarely get them right in the first (or second) try.
Yes, they are awful. "Click on all the boxes that have cars in them."
Especially the traffic light ones.
Just did a search and my Roboform has - including sites with accounts, Identities (for credit card info etc), 'safe notes' & bookmarks - 2245 individual entries.
I'd hate to try and manage without it!
jerryc41 wrote:
I keep getting email about using multi-factor identification. I have trouble using a single password. It wants me to have two things to remember, in addition to my ID?
Multi-factor authentication = something you know (password) + something you have (example, your cell phone that receives a one-time unique code). A pain in the a$$, but immensely more secure than just a password by itself.
It's a PITA! The paranoia is getting thick.
I don't know if a password manager would help me. I have several passwords and they are all written down but several sites I visit will not except the password offered (the one written down). So, I have to change passwords and then the sites will not except the new password.
kivasdad wrote:
I don't know if a password manager would help me. I have several passwords and they are all written down but several sites I visit will not except the password offered (the one written down). So, I have to change passwords and then the sites will not except the new password.
I have used the free version LastPass for several years now and it works well. You can use it on all of your devices.
You can set it to automatically log you on to sites and it will make up passwords for you if you want. The made up passwords are really random and not something you would want to try to memorize.
It cannot, however, help with "multi-factor authentication."
Ed
If you want to reply, then
register here. Registration is free and your account is created instantly, so you can post right away.