Re: How strong are your passwords?

On 2013-05-10 07:53, dd wrote:
>>> ToQuinHa*!23B%$YH1(0n&
> that is far stronger than my root pass, but not as strong as the pass
> for my bank, paypal, online broker account…

Many banks and sites do not accept such long passwords. I found a bank
where I entered a password with symbols, and I could not get in later. I
had to go on foot to the branch, the phoned support internally, and it
turned out that “symbols” were not allowed in passwords, but they had
forgotten to verify that in the web form. So strong passwords for them
are just letters and numbers.

Some sites allow only 4 numbers.

One insurance company where I logged recently has forced me to change my
password to just 4 letter/numbers - I had 8.

Another utility company I know forces us to enter login, pass (stronger
than usual) and a capcha or human question (to deter dictionary attacks).

A bank I know sends mail (receipts, invoices, etc) in acrobat encrypted
files via email (ISIS Information Systems, actually). The password is
relatively strong, but I don’t think they enforce it that much (and I’m
not going to try).

> but, for a root pass to be useful to anyone they would first have to get
> into my machine, electronically…not an easy task…it is a lot
> easier to knock on the door of my bank account, than my root account.

They would have to get into my local network first. And if they are
inside my house, they have physical access, so they can change the
password, anyway. Which is why I use an encrypted partition with a long

No, there are things that worry me a bit more. Like the multimedia
device having a password that I can not change, or the router resetting
to factory default on its own, or the printer having no security…

> my root pass looks like this:
> XyZA1.b2_3
> while paypal more like this:
> _A1.BcdE$2fG3H-

Mmm… Maybe I have to change mine to a stronger one :wink:

It can be worse… I know people that use the same pin for absolutely
everything… !

Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)