TTS
New Member
Joined: Apr 26, 2018 14:47:15 GMT -5
Posts: 5
|
Post by TTS on Apr 26, 2018 16:09:58 GMT -5
|
|
TTS
New Member
Joined: Apr 26, 2018 14:47:15 GMT -5
Posts: 5
|
Post by TTS on Apr 26, 2018 16:10:58 GMT -5
TTS - killjoy. rofl
PS. welcome Thanks. Killjoy?
|
|
moon/Laura
Administrator
Forum Owner
Joined: Dec 17, 2010 15:05:36 GMT -5
Posts: 10,043
Mini-Profile Text Color: f8fb10
|
Post by moon/Laura on Apr 26, 2018 16:12:58 GMT -5
Confusing things with logic, yanno.
|
|
ken a.k.a OMK
Senior Associate
They killed Kenny, the bastards.
Joined: Dec 21, 2010 14:39:20 GMT -5
Posts: 14,110
Location: Maryland
Member is Online
|
Post by ken a.k.a OMK on Apr 26, 2018 16:16:12 GMT -5
Confusing things with logic, yanno. Hey my friend, we engineers live on logic.
|
|
moon/Laura
Administrator
Forum Owner
Joined: Dec 17, 2010 15:05:36 GMT -5
Posts: 10,043
Mini-Profile Text Color: f8fb10
|
Post by moon/Laura on Apr 26, 2018 16:19:33 GMT -5
there must be a better reason than that! hahah
|
|
Tennesseer
Member Emeritus
Joined: Dec 20, 2010 21:58:42 GMT -5
Posts: 63,509
|
Post by Tennesseer on Apr 26, 2018 16:22:27 GMT -5
How long does it take to hack if your password is password? One site I went to made me answer security questions from a specific list they created, and I couldn’t answer any of the questions. I don’t remember who my first grade teacher was, that was 50 years ago! Sixty years for me: Sr. Anne Paula.
|
|
TTS
New Member
Joined: Apr 26, 2018 14:47:15 GMT -5
Posts: 5
|
Post by TTS on Apr 26, 2018 16:23:18 GMT -5
Confusing things with logic, yanno. Hey my friend, we engineers live on logic. We Vulcans do too.
|
|
Tennesseer
Member Emeritus
Joined: Dec 20, 2010 21:58:42 GMT -5
Posts: 63,509
|
Post by Tennesseer on Apr 26, 2018 16:25:52 GMT -5
How long does it take to hack if your password is password? One site I went to made me answer security questions from a specific list they created, and I couldn’t answer any of the questions. I don’t remember who my first grade teacher was, that was 50 years ago! FYI - hope you all realize that when you set up the security questions that you don't have to give the correct answer, in fact it's more secure if you don't. All you need is a word (or words) that only you know. For instance you could put "carrot" as the answer for who was your first grade teacher. Think about it, it's not like the site you're on will know one way or another.
If I'm a good friend (or relative) and know a lot about you, or you're one of those who like to fill out those questionnaires that floats around on Facebook, then most likely I already know the answers to those common security questions and I could get into your account without a password just based on those questions. The same applies to banks/credit card companies that ask for your mother's maiden name. I never give my mother's actual maiden name to keep on file, I just use a different name that only I know. This saved me once years ago when I had a friend try to tap into my account. Thought he was clever but failed because in the verification he answered the maiden name question with my mom's real maiden name not knowing that wasn't the "word" I had on file. Really all those security questions are supplemental passwords. They ask those types of questions so you'll easily remember the answer. Problem is now days that any one that knows you knows those answers too. So be creative, don't use the true answer, but just don't forget the answer you do use. I never even considered that. I tell the truth. I was brought up Catholic.
|
|
Jaguar
Administrator
Fear does not stop death. It stops life.
Joined: Dec 20, 2011 6:07:45 GMT -5
Posts: 50,108
Mini-Profile Background: {"image":"https://cdn.nickpic.host/images/IZlZ65.jpg","color":""}
Mini-Profile Text Color: 290066
|
Post by Jaguar on Apr 26, 2018 16:35:41 GMT -5
I'm laughing so much and hard, I think I'm going to pass out. lmao
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Apr 26, 2018 19:13:46 GMT -5
"A malefactor either guessed or was given the superadmin's password, got into his/her account, and went to town on the forum. Deleting, vandalizing, and otherwise wreaking havoc. In the gaming world, this is called "griefing". It is regrettably popular." --------------- I thought it was only you who did that, Virgil. Changing words into other words when typed by posters, attributing peoples' posts to look like it was made by others, etc. In other words, wreaking havoc. It wasn't funny. - It wasn't permanent.
- It was restricted to a single thread, a 12-hour period, or both.
- Many posters indeed found the pranks entertaining. Positive feedback always overwhelmed the negative.
- Posters who complain about pranks will automatically be added to the "No Pranks" opt-in group that excepts them from future pranks. Oddly enough, the names on the list are a virtual who's who of members who despise my political views. Must be a huge coincidence.
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Apr 26, 2018 19:19:52 GMT -5
How long does it take to hack if your password is password? One site I went to made me answer security questions from a specific list they created, and I couldn’t answer any of the questions. I don’t remember who my first grade teacher was, that was 50 years ago! FYI - hope you all realize that when you set up the security questions that you don't have to give the correct answer, in fact it's more secure if you don't. All you need is a word (or words) that only you know. For instance you could put "carrot" as the answer for who was your first grade teacher. Think about it, it's not like the site you're on will know one way or another. If I'm a good friend (or relative) and know a lot about you, or you're one of those who like to fill out those questionnaires that floats around on Facebook, then most likely I already know the answers to those common security questions and I could get into your account without a password just based on those questions. The same applies to banks/credit card companies that ask for your mother's maiden name. I never give my mother's actual maiden name to keep on file, I just use a different name that only I know. This saved me once years ago when I had a friend try to tap into my account. Thought he was clever but failed because in the verification he answered the maiden name question with my mom's real maiden name not knowing that wasn't the "word" I had on file. Really all those security questions are supplemental passwords. They ask those types of questions so you'll easily remember the answer. Problem is now days that any one that knows you knows those answers too. So be creative, don't use the true answer, but just don't forget the answer you do use. I always use "What is your favourite song?" I'd bet you only in ten thousand North Americans have even heard of it, let alone know it's my favourite song. "What city were you born in?" is another good one, since my official city of birth differs from my actual city of birth for technical reasons, and again, fewer than 1 in 10,000 people would have heard of either one. Putting in fake stand-ins is a good policy if you can remember the stand-ins.
|
|
Knee Deep in Water Chloe
Senior Associate
Joined: Dec 27, 2010 21:04:44 GMT -5
Posts: 13,812
Mini-Profile Name Color: 1980e6
|
Post by Knee Deep in Water Chloe on Apr 26, 2018 22:01:07 GMT -5
FYI - hope you all realize that when you set up the security questions that you don't have to give the correct answer, in fact it's more secure if you don't. All you need is a word (or words) that only you know. For instance you could put "carrot" as the answer for who was your first grade teacher. Think about it, it's not like the site you're on will know one way or another.
If I'm a good friend (or relative) and know a lot about you, or you're one of those who like to fill out those questionnaires that floats around on Facebook, then most likely I already know the answers to those common security questions and I could get into your account without a password just based on those questions. The same applies to banks/credit card companies that ask for your mother's maiden name. I never give my mother's actual maiden name to keep on file, I just use a different name that only I know. This saved me once years ago when I had a friend try to tap into my account. Thought he was clever but failed because in the verification he answered the maiden name question with my mom's real maiden name not knowing that wasn't the "word" I had on file. Really all those security questions are supplemental passwords. They ask those types of questions so you'll easily remember the answer. Problem is now days that any one that knows you knows those answers too. So be creative, don't use the true answer, but just don't forget the answer you do use. I never even considered that. I tell the truth. I was brought up Catholic. This was hard for me to "lie" on also. However, I had to because I realized that as the manager of allthethings considered house paperwork that I always answered the questions for me--even on accounts that were DH's. Then I started asking him what he wanted the answers to be. It just became way too complicated. Now I have a keyword that I use for every and any question that I've selected. And DH has been trained to respond with the keyword to "What's always the answer to the security question?".
|
|
Knee Deep in Water Chloe
Senior Associate
Joined: Dec 27, 2010 21:04:44 GMT -5
Posts: 13,812
Mini-Profile Name Color: 1980e6
|
Post by Knee Deep in Water Chloe on Apr 26, 2018 22:01:54 GMT -5
Sigh. Three minutes for my standard house/personal accounts password. Four years for my standard work password.
And thanks, Virgil, for calling me a 60+ year-old.
|
|
mmhmm
Administrator
It's a great pity the right of free speech isn't based on the obligation to say something sensible.
Joined: Dec 25, 2010 18:13:34 GMT -5
Posts: 31,770
Today's Mood: Saddened by Events
Location: Memory Lane
Favorite Drink: Water
|
Post by mmhmm on Apr 26, 2018 22:25:57 GMT -5
Hey my friend, we engineers live on logic. We Vulcans do too. Around here, logic appears to cause some folks attacks of apoplexy. We have to shade it with a bit of whimsy to prevent untoward consequences.
|
|
Opti
Community Leader
Joined: Dec 18, 2010 10:45:38 GMT -5
Posts: 39,716
Location: New Jersey
Mini-Profile Name Color: c28523
Mini-Profile Text Color: 990033
Member is Online
|
Post by Opti on Apr 26, 2018 22:49:51 GMT -5
Welcome TTS. Good advice there. Agreed. Some of the security questions are getting to the point its like, heck do people remember all this trivia? Probably a good idea for me to start using nonsense answers to some of the questions. For example, I don't think I remember any of my grade school teacher's names.
|
|
msventoux
Senior Member
Joined: Feb 12, 2011 22:32:37 GMT -5
Posts: 3,014
|
Post by msventoux on Apr 26, 2018 22:52:02 GMT -5
How long does it take to hack if your password is password? One site I went to made me answer security questions from a specific list they created, and I couldn’t answer any of the questions. I don’t remember who my first grade teacher was, that was 50 years ago! I have an entirely fictional backstory created for these purposes. I don’t feel the real answers are anyone’s business. I don’t want my accounts to be accessible to anyone that may know me well enough to guess at the answers. I especially resent having such questions asked for accounts related to work, where someone else may be able to access my email, etc. I also find it a bit scary. The small business accounting software a lot of our clients use has the ability to access client data files if you’ve forgotten the password if you answer the challenge question correctly. There’s been a number of times I’ve received a backup of a client file before they’ve gone somewhere with no cell service and they’ve failed to give me an updated password. At least 95% of the time I can answer the challenge questions. Either I know them well enough to guess, or I can Google their name to find the town they grew up in, their grandmother or nephews name, the name of their high school mascot, etc.
|
|
chapeau
Well-Known Member
Joined: Jan 17, 2013 10:50:04 GMT -5
Posts: 1,649
|
Post by chapeau on Apr 27, 2018 4:26:01 GMT -5
My security question answers look like nonsense to someone who is viewing them, but mean something, usually tangentially related, to me. It helps me remember them. For example, the answer to the my mother’s maiden name question might be the spelling of my great great grandmother’s maiden name, before it was changed for her at Ellis Island. (Actually, I’ve never used that one, but it would have been an excellent choice, all consonants and accent marks. And the only place that I know it appears in the US is on a rapidly fading tombstone in a tiny cemetery several states away from me. And it’s her brother’s grave.)
|
|
alabamagal
Junior Associate
Joined: Dec 23, 2010 11:30:29 GMT -5
Posts: 8,118
|
Post by alabamagal on Apr 27, 2018 4:42:09 GMT -5
I like the idea of just having a single answer to all security questions, but I have so many out there already.
I have trouble with one site that the question is my brothers name. It’s not that I don’t remember my brothers name, it’s just trying to remember if I put in his childhood nickname that I still call him even though he is in his 50s ( same as that famous mouse) or the name he wants to be called as an adult ( still a nickname but not as childish)
|
|
chapeau
Well-Known Member
Joined: Jan 17, 2013 10:50:04 GMT -5
Posts: 1,649
|
Post by chapeau on Apr 27, 2018 8:48:57 GMT -5
And there are some sites I want someone to be able to get into, if necessary. My bank, for example, makes me answer a security question if I log in from work or my parents house. Those questions and answers are in the file that is not called passwords but something ridiculous that my sister, who is my executor, would recognize and roll her eyes at. I didn’t include the info for some sites in that file because they’re not vital, but she could probably guess my answers. Not because the “correct” answers are written down somewhere, or are technically the right answer to the question, but because she knows how my brain works and the way my sense of humor is.
|
|
Tiny
Senior Associate
Joined: Dec 29, 2010 21:22:34 GMT -5
Posts: 13,369
|
Post by Tiny on Apr 27, 2018 10:43:37 GMT -5
How long does it take to hack if your password is password? One site I went to made me answer security questions from a specific list they created, and I couldn’t answer any of the questions. I don’t remember who my first grade teacher was, that was 50 years ago! FYI - hope you all realize that when you set up the security questions that you don't have to give the correct answer, in fact it's more secure if you don't. All you need is a word (or words) that only you know. For instance you could put "carrot" as the answer for who was your first grade teacher. Think about it, it's not like the site you're on will know one way or another.
If I'm a good friend (or relative) and know a lot about you, or you're one of those who like to fill out those questionnaires that floats around on Facebook, then most likely I already know the answers to those common security questions and I could get into your account without a password just based on those questions. The same applies to banks/credit card companies that ask for your mother's maiden name. I never give my mother's actual maiden name to keep on file, I just use a different name that only I know. This saved me once years ago when I had a friend try to tap into my account. Thought he was clever but failed because in the verification he answered the maiden name question with my mom's real maiden name not knowing that wasn't the "word" I had on file. Really all those security questions are supplemental passwords. They ask those types of questions so you'll easily remember the answer. Problem is now days that any one that knows you knows those answers too. So be creative, don't use the true answer, but just don't forget the answer you do use. LOL! A dear friend was horrified when she found out I told "lies" to the security questions. The trick is remember your schema (be it a book, movie, manga, comic, favorite historical person's life, or your own person internal fanfic that you've created/written yourself into) that you use for answering those questions. Oh, and then not telling anyone what you use.
I'm sure it's very common for people to truthfully answer the security questions... because you aren't suppose to "lie".
|
|
toomuchreality
Senior Associate
Joined: Sept 3, 2011 10:28:25 GMT -5
Posts: 15,714
Favorite Drink: Sometimes I drink water... just to surprise my liver!
Member is Online
|
Post by toomuchreality on Apr 28, 2018 6:36:34 GMT -5
|
|
dannylion
Junior Associate
Gravity is a harsh mistress
Joined: Dec 18, 2010 12:17:52 GMT -5
Posts: 5,196
Location: Miles over the madness horizon and accelerating
|
Post by dannylion on Apr 29, 2018 21:08:41 GMT -5
Fourteen Bits of Entropy would be a good band name.
|
|
Iggy aka IG
Senior Associate
Joined: Oct 25, 2012 12:23:23 GMT -5
Posts: 12,442
Location: Good ol' USA
|
Post by Iggy aka IG on Apr 30, 2018 14:31:26 GMT -5
How long to crack using a hip hop or rock computer?
|
|
TTS
New Member
Joined: Apr 26, 2018 14:47:15 GMT -5
Posts: 5
|
Post by TTS on Apr 30, 2018 16:27:55 GMT -5
At one time all my log in credentials used to be committed to memory. Now days the only thing that's close to being committed is me. While I still recall a fair amount, I keep everything written down in a small little notebook. This book stays under lock and key. My sister does something similar. She's the only one that knows how to access my book and vice versa. I know a lot of people will write this stuff down. (Please don't be the one that has it written on a post-it and stuck to the side of your monitor.) At one of my jobs I did the same, had a small notepad that I kept on my person for all my work log in information. One day bossman needed something and I pulled out my book to log into that particular program. Bossman then made a comment why I had a password for xyz. Now bossman is the most must -do-everything-legal, above board, righteous type of person. A person I knew outside of work and completely trusted - well that is up until that moment. Needless to say I was taken aback by his comment. Even when I'm with someone that types in the password and it's all little bullets, I still turn my head away out of courtesy and respect. Never would I have guessed that bossman would have sat there looking over my shoulder reading my credentials. Lessen learned here is be careful with your private information. The people you think you can trust may turn out to be the ones you can't. Not that I think bossman would try to access any of my accounts, but the fact he read information he knew to be private was extremely eye-opening as well as disappointing. As it is now I only trust my sister, and nope not even my brother. So if you opt to write down your credentials, here's an article with helpful tips on doing it safely. How To Write Down Passwords the Right Way
|
|
Tennesseer
Member Emeritus
Joined: Dec 20, 2010 21:58:42 GMT -5
Posts: 63,509
|
Post by Tennesseer on Apr 30, 2018 17:01:32 GMT -5
I have been using LastPass (mentioned in your link) for several years now. Makes it easy to sign into various websites. I just need to remember my LastPass password.
|
|
retread
Established Member
Tribbial Pursuit
Joined: Feb 12, 2018 17:54:45 GMT -5
Posts: 481
|
Post by retread on Apr 30, 2018 17:38:28 GMT -5
I happened across this report on Proboards Support this morning: support.proboards.com/thread/649786/sos-forum-hijacked"SOS! Forum Hijacked!" A malefactor either guessed or was given the superadmin's password, got into his/her account, and went to town on the forum. Deleting, vandalizing, and otherwise wreaking havoc. I was online at the Support Forum at the time and watched as events unfolded. It was so incredibly sad. At first he just killed the accounts of the other staff members and gloated. A few hours later he deleted threads, boards, categories, etc. Kept two threads, iirc. Two that he made. And the chatbox. He made some statements giving clues as to who he might have been, regarding his forum history. And said he the Admin's password was obvious. The good news is, in this special case, ProBoards is going to restore the forum. Special circumstances, though. This won't set a precedent for future vandalization of other PB forums. Not to take away from the rest of your OP. Just thought I'd share a few details. Obviously, security of forum passwords is of paramount importance for staff members. That affects everyone. But in the larger scheme of things, forums really aren't the issue are they? It's all about the Benjamins. A person could face financial ruin due to a weak password or poor security on the net.
|
|
retread
Established Member
Tribbial Pursuit
Joined: Feb 12, 2018 17:54:45 GMT -5
Posts: 481
|
Post by retread on Apr 30, 2018 17:41:07 GMT -5
Confusing things with logic, yanno. Hey my friend, we engineers live on logic. I tried that once, Ken. I lost a lot of weight. lol
|
|
Knee Deep in Water Chloe
Senior Associate
Joined: Dec 27, 2010 21:04:44 GMT -5
Posts: 13,812
Mini-Profile Name Color: 1980e6
|
Post by Knee Deep in Water Chloe on Apr 30, 2018 18:44:20 GMT -5
(Please don't be the one that has it written on a post-it and stuck to the side of your monitor.)
|
|