…… I hate passwords!

[bluelady]

A necessary evil.

If I accidently forget to "hide password" when I log into Amazon do I need to change my password? I sooo hate changing, because I've figured out a way to have good passwords that I can actually remember. Until I have to change them! I should never click "show password" for this very reason, but I did anway.

 

[Cyclonemom]

Bitwarden has revolutionized my passwords. Between work and personal, I have roughly 1000. With Bitwarden I just have to remember my main password, and everything else is a breeze!

 

[Roger Thornhill]

Passwords become exponentially more secure as you increase the number of characters. An easy way to create a password, which is both easy to remember and very difficult to crack, is to use the year,make, and model of a vehicle.
For instance: 1963BuickSkylarkconvertibleV8!
According to a couple of free password-strength checkers available online, it would take a typical computer 10,000 centuries to perform a brute-force hack of this password, yet it's very easy to remember.

ETA: You could even save a picture to refresh your memory, in case you're prone to temporarily forgetting your passwords.

 

[bluelady]

Bitwarden has revolutionized my passwords. Between work and personal, I have roughly 1000. With Bitwarden I just have to remember my main password, and everything else is a breeze!

Thanks; I will have to look into that.

I went ahead and changed my password. My vague understanding is that it's something like bots sweeping for open passwords and if they happen to find mine in that split second after I click they can order stuff on my Amazon account.

I'm glad Dennis probably isn't reading this now as he'd be all over me for operating a computer while being a ditz. Well, I *am*...my brother used to call me airhead and space cadet...thanks so much, ADHD! LOL!

 

[Red Baron]

A necessary evil.

If I accidently forget to "hide password" when I log into Amazon do I need to change my password? I sooo hate changing, because I've figured out a way to have good passwords that I can actually remember. Until I have to change them! I should never click "show password" for this very reason, but I did anway.

I'm pretty sure that is just a one-time occurrence for your immediate convenience.

Don't do that on a library PC or a public network just to be safe.

 

[Profit of Doom]

I'm glad Dennis probably isn't reading this now as he'd be all over me for operating a computer while being a ditz. Well, I *am*...my brother used to call me airhead and space cadet...thanks so much, ADHD! LOL!

Ozone scout.

 

[tom-j]

We always remove our credit card information from Amazon after placing an order.
Less worries about someone using the account that way.

 

[bluelady]

We always remove our credit card information from Amazon after placing an order.
Less worries about someone using the account that way.

Wow, I use it all the time for home and business, with different cards. That would be hard. Do you really think there's a chance of someone doing that?

 

[tom-j]

I have had it happen.

 

[bluelady]

Passwords become exponentially more secure as you increase the number of characters. An easy way to create a password, which is both easy to remember and very difficult to crack, is to use the year,make, and model of a vehicle.
For instance: 1963BuickSkylarkconvertibleV8!
According to a couple of free password-strength checkers available online, it would take a typical computer 10,000 centuries to perform a brute-force hack of this password, yet it's very easy to remember.

ETA: You could even save a picture to refresh your memory, in case you're prone to temporarily forgetting your passwords.

View attachment 440027

If I saved that picture my password would be "old red convertible".

My passwords have a common middle portion, 7 numbers and marks, that I easily remember. Then lower & uppercase letters before & after that are different for each account but make sense to me so I can usually remember them, or writing part of them down would mean nothing to anyone. Once in a while there is an actual word. My son gave me the idea. Usually anout 12-16 digits; should I make them longer?

 

[bluelady]

I have had it happen.

Someone hacked your Amazon account? How good was your password?

 

[tom-j]

Not very good obviously.

 

[bluelady]

Not very good obviously.

Can you give advice about what a better one would be? My mistake here was unhiding it. But since it came up, I want to make sure mine are good.

 

[tom-j]

Like I said above, I went the route of not leaving my credit card info at amazon. I don't have any advice about strong passwords.

 

[WalknTrot]

Using "show password" shouldn't be a security breach unless you are in a crowded coffee shop with a lot of creeps looking over your shoulder taking notes, or are using an unsecured Wi-Fi signal. Maybe I'm stupid, (only one cup of coffee so far, so be kind) but not seeing the problem here.

 

[phloydius]

BitWarden is good. But I strongly prefer 1Password.

BitWarden's best feature is the price (the free option). The security is really good.
1Password's best feature is the security is superior. But there is no free option.

We use the Family version of 1Password that is $4.99 a month. With 5 of us, it is $1/Month -- a price we consider money well spent. I have nothing against BitWarden, but felt the better security was worth the price so we went with 1Password.

 

[phloydius]

If I accidently forget to "hide password" when I log into Amazon do I need to change my password?

To expand on what WalknTrot said, there is little risk to "show password". The only real risk is that someone can look over your shoulder and see it. The masking of a password (showing the ******* instead of the actual password) does not protect it from malware or viruses on the device, just a human or camera seeing your screen.

 

[Creeper]

I use Dashlane for my passwords, and have it setup to generate 12 character random passwords. Also use 2 Factor Authentication for at least all your most important accounts (Facebook and Twitter for sure). I use the Authy app (Windows, mobile ) for most of my 2FA accounts. You can even set it up for TB2K.

 

[Blacknarwhal]

A lot of people hate passwords.

 

[bluelady]

I use Dashlane for my passwords, and have it setup to generate 12 character random passwords. Also use 2 Factor Authentication for at least all your most important accounts (Facebook and Twitter for sure). I use the Authy app (Windows, mobile ) for most of my 2FA accounts. You can even set it up for TB2K.

So, why are Facebook & Twitter most important? I would think it would be accounts that have my debit card stored.

 

[bluelady]

To expand on what WalknTrot said, there is little risk to "show password". The only real risk is that someone can look over your shoulder and see it. The masking of a password (showing the ******* instead of the actual password) does not protect it from malware or viruses on the device, just a human or camera seeing your screen.

Ohhhh, thanks! I thought it had something to do with having less security when being sent.

No problems, then. I'm normally home, and Dh doesn't watch what I'm doing. He never uses passwords; I have to tell him what his are...LOL!

 

[Squib]

I just use “password” or “Password1” as my password for everything….simple!

 

[phloydius]

So, why are Facebook & Twitter most important? I would think it would be accounts that have my debit card stored.

They are not the most important, but they are pretty important -- if you use them to login to other things. You've probably see things that say "log in with facebook" or something like that. If they get access to your facebook then they get access to everything that you use that for; and in addition they can sign up for ANY service that uses that using your information. Amazon would be on this list as well.

The most important is your email and your login to your cell phone's website. If they get access to either they can take over pretty much anything you have, including resetting your passwords to your banking and transferring all your money out.

 

[phloydius]

Probably the absolute most important thing is not using the same password on a bunch of sites.

If you use the same password on facebook and your bank, as an example, and facebook password gets stolen, then within a few minutes your password will be tried on every account possible that you even might have in the entire world (by a bot), and they have access to all of them pretty quickly.

 

[Creeper]

So, why are Facebook & Twitter most important? I would think it would be accounts that have my debit card stored.

Hackers heavily target Facebook. They already know your username. I know several people who had their Facebook accounts taken over - and then there is an uphill battle with Facebook to get the account back.

Banks are a bit more secure. First, the hacker needs to figure out which bank you use, then your username, and then your password. Banks usually will lock the account after a fairly small number of failed attempts. However, more banks are now offering two-factor authentication, so if you set it up, hackers will not be able to get into your account even if they know the password.

I use two-factor authentication wherever I can, even for TB2K.

 

[patriotgal]

I use lastpass and change my main password to it at least once a year. I also keep an exported printout in safe along with index cards for main accounts. If something happens to us kids won't have the extra stress. I really need to clean my account up. There are thousands of passwords in there that are never used anymore. Old business ones, etc.

 

[meezy]

I think passwords will eventually be a thing of the past, replace by authenticator apps like Okta, Google Authenticator, etc. The site sends a push notification to your phone, you tell them that yes, it was you, and you're in. A lot of sites use both though.

 

[bluelady]

Thanks, everybody. Lots to think about. I might sign into things with Facebook; I've seen it. And Google; seems like lots of things are connected.

I think my passwords are pretty good, but I'm definitely going to change the way I do some things.

 

[bev]

I’ve got pretty unique passwords, and we have Lifelock, which works great.

That said, I received a notice in the mail last week - my information was possibly hacked from an anesthesiology group (recent surgery), or my pain management group (also anesthesiologists).

As mzKitty says, “I give up!”

 

[Kris Gandillon]

To expand on what WalknTrot said, there is little risk to "show password". The only real risk is that someone can look over your shoulder and see it. The masking of a password (showing the ******* instead of the actual password) does not protect it from malware or viruses on the device, just a human or camera seeing your screen.

Not true.

Just like with keystroke loggers, a virus with hooks behind the “Show Password” button could easily intercept the clear text password as it is displayed and store it or send it wherever.

While chances are slim that anyone of us has encountered such a virus, it is no more impossible than a keystroke logger.

 

[BH]

I use KeePassX as my password manager. It runs locally on my laptop, data is encrypted, it does not reach out in any way and is free. It does not sync with any other device (which requires reaching out). My password manager is not allowed to automatically update itself. I use the password manager to generate secure user id's and passwords, typically as the max length supported by the individual site.

If a site truly knows me (banks and utilities) it is managed exclusively within the password manager, has 2 factor authentication enabled (if supported) and only accessed via laptop from my home network. I do not use any authentication apps with any 2 factor authentication, I only receive a one time pin via text or email. Sites that do not hold any personal info are logged in the password manager for archival (backup) purposes, but are also maintained for normal use in my browser's remember password capability and sync'd across my devices for ease of use (like my credentials here). I log in and out of sites as I visit and shutdown my laptop when not in use.

I routinely backup my laptop (including the encrypted password file) to an encrypted thumb drive I carry on my key chain (no automatic or cloud backup). I periodically backup everything to an encrypted USB hard drive and kept in a safe deposit box.

I have to remember my hard disk encryption pass phrase, the login id (not my name) and password for the laptop itself and the pass phrase for my password manager. That's only 4 things I must commit to memory, everything else can simply be clicked.

 

[Profit of Doom]

 

[Chance]

A necessary evil.

If I accidently forget to "hide password" when I log into Amazon do I need to change my password? I sooo hate changing, because I've figured out a way to have good passwords that I can actually remember. Until I have to change them! I should never click "show password" for this very reason, but I did anway.

Hi bluelady

I always delete my cc number right after I place an order on Amazon.

Kind of a pain to always reenter the number...but I don't worry about someone getting in to my acct then.

Just a thought.

Chance

 

[Griz3752]

Ozone scout.

Good one!
Public domain?

 

[Profit of Doom]

Good one!
Public domain?

Gofer it.

 

[Profit of Doom]

It’s not a trademark, as there is no product or company, too short for copyright.

 

[Mother Of Two]

Thanks; I will have to look into that.

I went ahead and changed my password. My vague understanding is that it's something like bots sweeping for open passwords and if they happen to find mine in that split second after I click they can order stuff on my Amazon account.

I'm glad Dennis probably isn't reading this now as he'd be all over me for operating a computer while being a ditz. Well, I *am*...my brother used to call me airhead and space cadet...thanks so much, ADHD! LOL!

Mars Marauder
Saturn Scout
Jupiter Jumper

So many planets, so little time.

Please note that I am autistic, so I am right there with you (walks away whistling)…

 

[Southside]

Ozone scout.

Nice!