]]>
The123king wrote:
Market Man6 wrote:
*Shudderss*
That would be freaky if some untrustworthy jerk knew my address
That would be freaky if some untrustworthy jerk knew my address
What's he gonna do with your address? Send you pizza?
if you had my address, would you order me some pizza?
Sure, I'd pay for it with your credit card, too.
Statistics: Posted by Riptide — November 23rd, 2013, 5:36 pm
]]>
Market Man6 wrote:
*Shudderss*
That would be freaky if some untrustworthy jerk knew my address
That would be freaky if some untrustworthy jerk knew my address
What's he gonna do with your address? Send you pizza?
if you had my address, would you order me some pizza?
Statistics: Posted by Market Man6 — November 23rd, 2013, 5:20 pm
]]>
EDIT: also, the hacker contacted me and it *appears* he wanted to test our security and wasn't interested in data. He was able to find my address by looking through the hacked records from tip.it, which apparently includes all passwords in plain text. So if you have an account there, the password it used is completely insecure now!
Kind regards,
Glodenox
Good guy hackers pointing out security flaws for us to fix?
Statistics: Posted by Riptide — November 22nd, 2013, 9:50 pm
]]>
*Shudderss*
That would be freaky if some untrustworthy jerk knew my address
What's he gonna do with your address? Send you pizza?
Statistics: Posted by The123king — November 22nd, 2013, 7:24 pm
]]>
Statistics: Posted by Market Man6 — February 24th, 2012, 6:46 am
]]>
So everybody: check your account security at your e-mail accounts and make sure that your recovery questions aren't so simple to figure out! We're still running over all settings to make sure that everything is secure again and actions will be taken to prevent this from happening in the future.
EDIT: also, the hacker contacted me and it *appears* he wanted to test our security and wasn't interested in data. He was able to find my address by looking through the hacked records from tip.it, which apparently includes all passwords in plain text. So if you have an account there, the password it used is completely insecure now!
Kind regards,
Glodenox
Statistics: Posted by Glodenox — February 24th, 2012, 4:12 am
]]>
Or to cut the middleman and just use a password like correct horse battery staple.
Because most brute force methods don't usually check for word combinations or anything...
Statistics: Posted by Eadwulf — February 15th, 2012, 6:18 am
]]>
A good way to remember passwords is take a sentence that you can remember, such as: "The orange pony bit my face 2 times." take the first letter of each word or the next number in sequence to make the password. Using capitalization is good too. So that phrase would give you the password: Topbmf2t , a very secure passwor and easy to remember because its a funny phrase and not random characters.
thats what i do anyway, and i dont ever have to write passwords down.
alternatively, a way to write down passwords securely is to create a good "master" passphrase first. for example, qr56hg . you memorize that and create a symbol to represent it on paper, like a star (*) or smiley face. then i come up with 3 or 4 additonal letters and numbers that will be unique to each site and append it to my master phrase. so if i chose "35cd" for my runevillage password, i would write it down like this on paper: *35cd but the whole password is actually: qr56hg35cd (a good password). you only need to remember one master phrase (you can use the sentence trick from above) and the unique number can be written down. as long as you never let your master phrase get compromised, its a pretty secure way to write down passwords.
Or to cut the middleman and just use a password like correct horse battery staple.
Statistics: Posted by Magicana Drofulcus — February 14th, 2012, 6:19 am
]]>
thats what i do anyway, and i dont ever have to write passwords down.
alternatively, a way to write down passwords securely is to create a good "master" passphrase first. for example, qr56hg . you memorize that and create a symbol to represent it on paper, like a star (*) or smiley face. then i come up with 3 or 4 additonal letters and numbers that will be unique to each site and append it to my master phrase. so if i chose "35cd" for my runevillage password, i would write it down like this on paper: *35cd but the whole password is actually: qr56hg35cd (a good password). you only need to remember one master phrase (you can use the sentence trick from above) and the unique number can be written down. as long as you never let your master phrase get compromised, its a pretty secure way to write down passwords.
Statistics: Posted by piggah — February 14th, 2012, 5:02 am
]]>
Alternatively, just write your passwords down.
That's such a huge risk! Hackers from all over the world are perfectly willing to pinpoint my computer's location, fly or drive to this household, pick out my computer in specific, and tear through my room for the written documentation of what my user names and passwords are! How dare you, of all intelligent people on this website, suggest such an asinine approach to how I manage the accounts of recreational websites online?
Statistics: Posted by Kikori — February 10th, 2012, 3:21 am
]]>
EADWULF: thats [youtube]Z3sLhnDJJn0[/youtube]
Statistics: Posted by Market Man6 — February 9th, 2012, 10:10 pm
]]>
(But thanks for the heads-up!)
Statistics: Posted by Saten Ruiko — February 9th, 2012, 8:44 pm
]]>
Now I'll just sit back and wait for the onslaught of ill-conceived claims that doing so is a huge security risk...
Statistics: Posted by Eadwulf — February 9th, 2012, 7:11 pm
]]>
It's hard to remember all those passwords you've used on other sites, but in fact there's no need to learn them all by heart! There are several tools available which allow you to store passwords in an encrypted database that can only be opened by you with a master password or through other means (like a certain decrypting file that needs to be present on your computer). Macs have keychains that can be used, but I'm not too familiar with Macs, so I can't provide much information there. What I can talk about is the program that I've been using for quite a while now: KeePass.
Basically, all passwords you enter in KeePass are stored in one file. Though it's not advisable, it is almost harmless should a hacker be able to retrieve such a file, unless he can bypass the protections enabled on the file. There are 3 ways to protect the file (you can choose yourself which ones you want to activate): a master password, a decryption file and an authentication with your computer's Windows User Account. I chose the first two ones only because I want to use that database on several computers (at home, on laptop, at work, ...). I need to supply both the master password and that file to open the database and retrieve the passwords I've stored in there. This makes it possible for me to have different passwords on ALL sites, yet I only have to remember one password.
There are plenty of these applications around, such as LastPass, 1Password, ... I just happened to have been presented that program by a colleague at work and I was satisfied with the functionality it provided. So if you were ever wondering what the best way would be to put strong unique passwords on all sites, you should be aware that there are tools out there that can accomplish this easily. Of course, we're still trying to protect our site as much as possible, but you should never depend on others for your online security...
Greetings,
Glodenox
Statistics: Posted by Glodenox — February 9th, 2012, 12:45 pm
]]>