Check out Black and White Photography section of our forum.
Passwords - Another Complaint
Dec 28, 2017 10:05:06 #
markngolf wrote:
Jerry,
Curious. I don't use Apple "mail" on my iPhone, my wife's iPhone, her iPad and certainly not on my Windows laptop or desktop. I have a Gmail icon that connects directly to my Gmail. I do not see any reason to use Apple Mail.
What am I missing?
Thanks,
Mark
Curious. I don't use Apple "mail" on my iPhone, my wife's iPhone, her iPad and certainly not on my Windows laptop or desktop. I have a Gmail icon that connects directly to my Gmail. I do not see any reason to use Apple Mail.
What am I missing?
Thanks,
Mark
Not that much but doing it this way sort of unifies the Apple experience. For myself, i just stopped using gmail, i forwarded my mail to my iCloud account for a while, then shut her down!
Dec 28, 2017 10:10:34 #
Thanks for the response.
Mark
Mark
rpavich wrote:
Not that much but doing it this way sort of unifies the Apple experience. For myself, i just stopped using gmail, i forwarded my mail to my iCloud account for a while, then shut her down!
Dec 28, 2017 11:51:36 #
I have constructed passwords based on events in my life, using code letters for the event that make sense to me but mysterious to others. One type for financial institutions, another for social groups, another for health institutions. My shortest is 10 characters, longest 15 characters. If you look at the password in binary, it is just a string of 0s and 1s. All you have to do is rotate 1 or more bits to the left or right. Another trick is to put an arbitrary number of bits in the header. Suppose your password has an "m" in it - what is the probability that any vowel follows it - is that not how cracking software works, basically. Take out language letter structure and their tool becomes useless.
Check out Panorama section of our forum.
Dec 28, 2017 12:55:45 #
This is from Bruce Schneier's Crypto-Gram of Oct 15 this year:
Changes in Password Best Practices
NIST recently published its four-volume SP800-63-3 Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords:
* Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases.
* Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise.
* Let people use password managers. This is how we deal with all the passwords we need.
These password rules were failed attempts to fix the user. Better we fix the security systems.
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-3.pdf
Why password complexity rules are bad:
https://www.wsj.com/articles/the-man-who-wrote-those-password-rules-has-a-new-tip-n3v-r-m1-d-1502124118 (link behind paywall)
Why password expiration is bad:
https://securingthehuman.sans.org/blog/2017/03/23/time-for-password-expiration-to-die
Stop trying to fix the user:
http://ieeexplore.ieee.org/document/7676198/
************************************************************
KXCD (the snarky cartoon) ran a password feature a couple of years ago - it's probably searchable.
My understanding of the math is that phrase length is far more important than complexity as far as brute-force password guessing goes.
Changes in Password Best Practices
NIST recently published its four-volume SP800-63-3 Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords:
* Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases.
* Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise.
* Let people use password managers. This is how we deal with all the passwords we need.
These password rules were failed attempts to fix the user. Better we fix the security systems.
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-3.pdf
Why password complexity rules are bad:
https://www.wsj.com/articles/the-man-who-wrote-those-password-rules-has-a-new-tip-n3v-r-m1-d-1502124118 (link behind paywall)
Why password expiration is bad:
https://securingthehuman.sans.org/blog/2017/03/23/time-for-password-expiration-to-die
Stop trying to fix the user:
http://ieeexplore.ieee.org/document/7676198/
************************************************************
KXCD (the snarky cartoon) ran a password feature a couple of years ago - it's probably searchable.
My understanding of the math is that phrase length is far more important than complexity as far as brute-force password guessing goes.
Dec 28, 2017 14:41:42 #
rpavich wrote:
Explain.
You set up your email on your macbook to retrieve your gmail?
It wanted your gmail password so that it could access your gmail?
I set this up on two computers and never came across this....somethings fishy...more to the story here I'm betting.
You set up your email on your macbook to retrieve your gmail?
It wanted your gmail password so that it could access your gmail?
I set this up on two computers and never came across this....somethings fishy...more to the story here I'm betting.
I don't understand it, either. I use Gmail to get both RoadRunner and Gmail. When I'm on my Mac, the Mac wants the RR password so it can get the RR mail by way of Gmail.
To get my email, I click on the big red M - the Gmail icon. That retrieves both RR and Gmail through the Gmail application. For some reason, Apple wants my RR password. It does the same thing on my iPad and the MacBook Pro. When I change the RR password, I have to change it on the iMacs and the iPad.
I've got another funny one. I wanted to change the p/w for my bank. I followed their rules, and the word was accepted. When I tried to log on, I got "Invalid Password." I tried two more times, and then tried the old password. No good. I was going into town anyway, so I stopped at the bank, and the teller reset my p/w and gave me a temp - 123456. I typed it in, and it was rejected. It wouldn't let me log on. I tried this from two different computers. Not wanting to drive into town again, I phoned the bank. "Due to a network error, your call cannot be completed." It's been a couple of hours, and they still have the network error. Maybe that's why my p/w doesn't work. You gotta have a sense of humor.
Dec 28, 2017 14:51:49 #
stonecherub wrote:
This is from Bruce Schneier's Crypto-Gram of Oct 1... (show quote)
Thanks. Interesting.
Dec 28, 2017 15:09:15 #
Dec 28, 2017 15:30:34 #
Jerry,
I think the cyber net ghosts have it in for you. They create these scenarios to keep you busy. They also provide great stories for your daily UHH posts. Your daily dilemmas are unique. So much so, that nobody understands them or even has an inkling of a solution.
Stay warm my friend.
Mark
I think the cyber net ghosts have it in for you. They create these scenarios to keep you busy. They also provide great stories for your daily UHH posts. Your daily dilemmas are unique. So much so, that nobody understands them or even has an inkling of a solution.
Stay warm my friend.
Mark
jerryc41 wrote:
I don't understand it, either. I use Gmail to get... (show quote)
Dec 28, 2017 15:41:40 #
stepha11
Loc: Trail British Coluimbia
I said before; I hate passwords because the only place they're needed is finance or personal privacy which should be my choice. Windows ten refused my password; cost me of over a hundred to fix that. Now an upgrade, no access because password not recognized. I guess I don't know which is worse;password or Microsoft.
Dec 28, 2017 16:23:45 #
[quote=markngolf]Jerry,
I think the cyber net ghosts have it in for you. They create these scenarios to keep you busy. They also provide great stories for your daily UHH posts. Your daily dilemmas are unique. So much so, that nobody understands them or even has an inkling of a solution.
Stay warm my friend.
Mark
It's because you live where it's so damn cold Jerry. It makes computer karma (which prefers warm climes) unhappy.
I think the cyber net ghosts have it in for you. They create these scenarios to keep you busy. They also provide great stories for your daily UHH posts. Your daily dilemmas are unique. So much so, that nobody understands them or even has an inkling of a solution.
Stay warm my friend.
Mark
It's because you live where it's so damn cold Jerry. It makes computer karma (which prefers warm climes) unhappy.
Dec 28, 2017 16:26:27 #
markngolf wrote:
Jerry,
I think the cyber net ghosts have it in for you. They create these scenarios to keep you busy. They also provide great stories for your daily UHH posts. Your daily dilemmas are unique. So much so, that nobody understands them or even has an inkling of a solution.
Stay warm my friend.
Mark
I think the cyber net ghosts have it in for you. They create these scenarios to keep you busy. They also provide great stories for your daily UHH posts. Your daily dilemmas are unique. So much so, that nobody understands them or even has an inkling of a solution.
Stay warm my friend.
Mark
Yes, I do have odd problems.
I'll go the bank again tomorrow and see if they can get me online. I could understand if their system rejected the password, but it said it was okay. Once I get this mess straightened out, I'll never voluntarily change another password. I'd like to have one word for everything, something like "Password6&." It has at least eight characters, upper and lower case, a number, and a symbol. One word for everything!
Check out Underwater Photography Forum section of our forum.
Dec 28, 2017 16:31:22 #
I just myself an Amazon Echo. I am trying to get it set up. I am using every password I have ever used. And It still won't accept it. I am about ready to throw it out of the window.
Dec 29, 2017 17:45:07 #
So far, so good. The bank reset my password again, and I'm back in business. My iMac is finally retrieving my RoadRunner email.
Dec 29, 2017 17:46:54 #
pipesgt wrote:
I just myself an Amazon Echo. I am trying to get it set up. I am using every password I have ever used. And It still won't accept it. I am about ready to throw it out of the window.
You have my sympathy and understanding. Every device should have a way to reset everything to factory settings. Sure, a thief could come into your house and reset it, but maybe that would also wipe everything, so there would be no info to steal.
Jan 1, 2018 13:37:04 #
I get tired of passwords too, especially when I click "Save Password"??
If you want to reply, then register here. Registration is free and your account is created instantly, so you can post right away.
Check out Underwater Photography Forum section of our forum.