Forgotten Password Wizard

[medab_1]

See Screen Shot of Forgotten Password Wizard

 

This deals with security so I posted it here.

[Andavari]

Yeah it's good info to have, however I suspect most peoples PC's aren't password protected, however if using a laptop/notebook it's essential especially if it's left laying about.

[sonsie]

I love the idea of hiding my usernames and passwords somewhere in cyberspace. I haven't mentioned this on any forum yet, but I have time now so I figure it might be a small warning and save someone some grief. Security-wise, I don't know how significant it is, but I've quit shopping for and comparing password programs, and in fact, I used to store them in my email account, but recently I printed them out and now keep them in my desk.

 

A few months ago, in the course of googling stuff and just kind of following link after link and seeing where I ended up, I happened on a cached page with nothing on it except member usernames and passwords for a well-known site - 513k worth of them. They were just typed like this: username:password username:password username:password...and on and on, line after line of nothing but that. It was from the years 2002-2003.

 

I figure that someone with a more criminal mind than I have could probably put the info on that page to use in some way. I just checked and it can still be accessed - no official has found it and done something. Another thing I did after finding it was to make new, more difficult passwords, mixing up symbols, cap and small letters, and numbers. I used to use the same one ALL the time. I now have 25-30 accts that need a password - some significant, some fluff - and that page still comes to mind when I log into my bank account or something equally important. I spose all someone would have to do is start googling some of those names to find sites they're members of, and give the logon info a try. I know several people who use the same password all the time, for all sites, even their mail and computer.

 

I'm sure there are some extremely dependable, safe password programs available, but for me, personally, I just can't see risking their use. Anyway, thought I'd pass that along.

 

sonsie

[Andavari]

Good info sonsie!

 

The whole problem with passwords is the ability to forget them, I for one know if I choose passwords that are completely random without any significant meaning to me personally that I'll eventually forget them.

 

Personally I'd much rather have a retinal scanner or finger print scanner built for my system for logging into accounts (bank, email, forums, shopping, etc.,) as that would completely eliminate any theft of a password and eliminate forgetting passwords altogether.

 

About that site hosting username=password info you really should report it to your local authorities (Police) whom can contact the proper government organizations that can have such things removed.

[lokoike]

Personally I'd much rather have a retinal scanner or finger print scanner built for my system for logging into accounts (bank, email, forums, shopping, etc.,) as that would completely eliminate any theft of a password and eliminate forgetting passwords altogether.

 

Agreed! Hardware passwords are the best, and are practically uncrackable without expensive surgeries or lenses, etc.

 

In my town, we actually have a grocery store that is accepting finger scanning as a way to pay for your purchases (I'm being totally serious)! They treat your fingerprint like a debit/credit card! Very strange, but I suppose it will become commonplace before too long.

[Andavari]

Very strange, but I suppose it will become commonplace before too long.

 

I suspect it will also become commonplace and will eventually have to because with identity theft being such a problem there isn't going to be much choice. Come to think of it a hardware scanner of some sort for home usage really shouldn't be that difficult since there's already barcode readers for purchasing products via the Internet rather it be from a website or directly sent to a store such as a grocery store.

[burtman]

I thought the whole idea of passwords if that they are easy (for you) to remember, but semi-impossible (for everyone else) to guess. So surely ONE secure password (combo of symbols, Caps, numbers, etc.) should be enough for any standard user of PC (unless u work for the FBI or someone :-)

 

sonsie, you say u have 25-30 passwords ! Jeez - either u have one hell of a memory or u've written em down - and that second one's gonna catch u out. Even if no-one else finds ur password, someday u'll forget it !

 

At work, we are forced to change or password each and every month, and ur not allowed to repeat any of the last six passwords - so it is a pain to remember them (especially when the expire at 4:55pm on a friday :-) )

(A colleague let slip that his password is identical everytime except for the last 4 digits, which he increments by 1 each month! Guess that would do the trick !)

 

What I think I'm trying to say that on a standalone PC, multiple passwords and paranoia are generally not needed I don't think.

 

I think some IBM laptops have fingerprint scanners built in.

 

In my town, we actually have a grocery store that is accepting finger scanning as a way to pay for your purchases...

 

Yep, happening here too ! I'm not for it - germ transfer, eeh

[sonsie]

burtman wrote:

 

I thought the whole idea of passwords if that they are easy (for you) to remember, but semi-impossible (for everyone else) to guess. So surely ONE secure password (combo of symbols, Caps, numbers, etc.) should be enough for any standard user of PC

 

Absolutely agreed. And if the human brain guessing was the only thing we had to worry about, there'd be no problem. But anyone who's serious about obtaining passwords, as hackers are, don't guess. They have computers that go through the alphabet and try every permutation in existence until they get a match. That's why security experts advise throwing as many wrenches at them as possible such as symbols, caps, and numbers. Takes them much longer. So, once they get a correct password, they can then try it on as many accounts that belong to that person as possible - another thing they specialize in. Pick a name at random and do a search for it on a few search engines - you'll more than likely find it and then you have a name and a site that go together. Even if you narrow it down by entering an age and state into the search, you'll probably come up with a result.

 

I have 25-30 sites that require a password. I do repeat them. I actually only have about 8 passwords, but have to keep up with which ones go where, as well as usernames. And experts say even that isn't enough - they recommend a different password for every site you need one for. And as I also said in the post: "I used to store them in my email account, but recently I printed them out and now keep them in my desk." I live alone and will take the chance of a burglar finding them before I'll take the risk of having them in cyberspace.

 

Germ transfer on a fingerprinting machine is no more risky than touching everything we touch in our everyday lives - money is one of the dirtiest things we touch everyday and not many people wash their hands afterwards - and then we eat a burger, lick our fingers, rub our eyes, etc. Give me a fingerprint scanner over a retinal scanner anyday. I worked in a medical lab for a lot of years and every time we left a microscope or started to use one we had to clean the eyepieces. Nothing like that would be necessary for a fingerprint scanner - probably at the end of a shift would suffice.

 

I've heard of employers requiring the monthly password changes - good idea I'd guess. Security experts recommend that we all change our passwords every few months. Too much hassle for me, but I do change my email and bank passwords every year or so.

 

What I think I'm trying to say that on a standalone PC, multiple passwords and paranoia are generally not needed I don't think.

 

For the most part I agree. I don't think someone's going to spend time searching for my passwords to my boring email. But identity theft does happen to average people. I figure why take a chance when it's so easy to at least try to prevent?

 

from fraudlines.com 2003---

 

"Identity theft complaints to the Federal Trade Commission have increased five-fold in the last three years, from 31,117 in 2000 to 161,819 in 2002."

 

- US Department of Justice website

 

The Federal Trade Commission today released a survey showing that 27.3 million Americans have been victims of identity theft in the last five years, including 9.9 million people in the last year alone. According to the survey, last year?s identity theft losses to businesses and financial institutions totaled nearly $48 billion and consumer victims reported $5 billion in just (sic) out-of-pocket expenses, not the actual amounts they lost.

 

 

sonsie

[krit86lr]

I have to agree that internet/password security is an important thing these days. It is now the #2 cause of identity theft. My practices aren't as secure I would like them to be, but I'm getting better at it. I have 40 sites that require passwords & usernames. I use 16 passwords which I change every 4 months. I would like to change them every month. I have too many usernames to count. I also strongly agree not to keep that information on your computer. Mine are written down and locked in a filing cabinet. As added security I have identity theft protection.

 

I'm really diggin' the whole finger print idea. I would like to see that happen. It sure would save me some time. And the percentage for error would be slim to none. Can't say that I've seen it anywhere yet.

[sonsie]

wow krit! I'm impressed with your security measures. Like you, I feel like I could use improvement, but mine has improved a lot just since the first of the year. So my goal is to do better, but I'm pleased for now.

 

I'm not sure how I feel about fingerprinting. Like so many issues that turn out to be hotbeds of discussion, I can see good points and bad. The main thing I would fear is a fingerprinting invasion. I was surprised to hear that it's already in grocery stores (plural because I'm assuming that it's more than the one mentioned). It provides security, yes, and if instituted all over the U.S. (or world) in every venue, we could sure catch some bad guys. But man - talk about Big Brother! It brings to mind my parents - they were conservative Republicans, well-known and respected in their town, Dad had a high position in the University and Mom did the social event support thing - and I was flat out shocked when I heard their reaction to the news some years ago that the new state law was requiring them to wear seat belts. I would have thought they'd be behind it 100%. But they were angry - said the government had no right to dictate whether or not they wore seat belts, that it was an invasion of privacy and an example of the government delving into our personal lives too far.

 

It reminds me of the pizza commercial:

 

http://www.aclu.org/pizza/images/screen.swf

 

hmmm...things to ponder in the wee hours of the morning.

 

sonsie

[krit86lr]

lMAO - That's hilarious.

[Andavari]

the new state law was requiring them to wear seat belts.

 

It's better to wear a seat belt versus being scrapped from the confines of the automobile with a spatula after an accident.

 

Imagine how upset people would be if they had to wear a fire retardant racing suit, a helmet, and have a HANS device just to drive. No wait that's Formula 1.

[sonsie]

lMAO - That's hilarious

 

Cracked me up too, krit! and get this - the first time I opened the file I quickly closed it because of that beginning scene that said "Incoming call. Detecting pone number." Then I remembered I wasn't on dialup. Talk about a blond moment!

 

It's better to wear a seat belt versus being scrapped from the confines of the automobile with a spatula after an accident.

 

Oh I agree and I wear my seatbelt 100% of the time! Point is, that should be my decision, not a babysitting government forcing me to do what's good for me.

 

"WHAT?! You talkin' to me?? You talkin' to ME?? Whachooo talkin' 'bout I can't have a steak?! And I won't brush my teeth and you can't make me!" LOL

 

sonsie

[burtman]

going back to the fingerprint thing ...what happens if you damage your fingerprint ...?

Say I register my perfectly good fingerpint, and then have an accident - which I have done, as I'm sure some of us have done (I partially choped the top off my finger - yes, off !)

So now, I'm wiped. My fingerprint is screwed, but I gotta live my life, so ....

My so-called fingerprint ATM machine, grocery store, etc. no longer registers my 'half' fingerprint.

My bank gives me nothing, my identity does not exist anymore ...

Jeez, every machine doesn't register my fingerprint ... what if I was abroad?

 

(and the same goes for retina scans - cept it increases to a 50% chance of going wrong)

 

And, yes, I know we all have 10 fingers (most of us) so we could record 10 fingerprints, but surely that would be x10 the effort ?

 

See, I don't think like the government

[burtman]

and have a HANS device just to drive.

 

 

HANS - Head And Neck .... what ? (wrong room, but who cares)

SAFETY ? Oh, I hate acronyms.

[krit86lr]

HANS - Head And Neck .... what ? (wrong room, but who cares)

SAFETY ? Oh, I hate acronyms.

 

I'm with you burt. Once the acronyms start flyin'. I don't have any idea what people are talking about. Lokoike said to use this for translating. But it didn't translate HANS.

[sonsie]

Maybe it's Head and Neck Support? <shrug>

 

I'd bet the government has thought of a few of the wrenches that can get thrown in - they've been using fingerprinting and retinal scans for a while, like probably in Fort Knox, the Pentagon, possibly nuclear power plants. I'm guessing they'd automatically take all ten prints and keep them on file in case you lost whatever main finger they used, and even if you lost part of it, there are something like over 100 points they can use for identification on one print.

 

Jeez, every machine doesn't register my fingerprint ... what if I was abroad?

 

Hey! What does your sex have to do with it and since when is the term 'broad' acceptable?! <snicker snicker>

 

 

LOL Acronyms can get pretty obscure. I think they're kind of fun, but I get frustrated if enough time passes and I can't come up with it - they're perfect for those 3:30am 'aHA' moments.

 

hmmm...wonder what the longest acronym is...

 

sonsie

[cww]

Report here which reckons supermarket trolley handles have more bacteria per 10 sq cm than public toilet doorknobs ? so maybe burtman?s right to be concerned on that score!

 

In Oxford, UK, the Co-op store is launching a system whereby customers can pay with their fingerprints rather than a cash card ? Guardian

 

Anyone read that book by Dan Brown where the bad guy hacks someone?s eye out in order to pass thru a scanner?

 

Of course, presenting a severed hand at the local supermarket checkout could be a bit of a giveaway.

[sonsie]

Of course, presenting a severed hand at the local supermarket checkout could be a bit of a giveaway

 

LMAO! yep! "My mom said I could use her account."

 

I didn't read that book, but I've seen a movie where a guy stole an eye to get through a scanner. Pocket lint on the eyeball ewwww yuk!

 

I still say the bacteria is nothing to worry about - why should a fingerprint scanner be any different than anything else that we all touch after one another all day, every day. It would gross you out if you had any idea how many bacteria are on your face right now - your hands, every single part of you. There's nothing bacteria-free on your body, and plenty of infested places in your body. And most of the bacteria inside is for our protection. It's when it gets out of balance that we run into problems. Did you know that urine is actually sterile until it hits your skin upon exit?

 

That UK Co-op system is what lokoike posted about - it's happened in a grocery store in the town where he lives in Illinois already, too. Says it's like a debit/credit card.

 

I dunno - something I just don't like about it.

 

sonsie

[cww]

I dunno - something I just don't like about it.

Me too. It's like in the movies, when the FBI are tracking someone and they can tell almost instantly when their credit card has been used. Still, if it does help to combat terrorism... (as well as being more secure than other methods of securing one's ID)

 

BTW, I like your sigs, sonsie!

[sonsie]

Still, if it does help to combat terrorism...

 

...aaaand if the people monitoring their country's entryways, especially airports, are not only trained well but also do their job. Doesn't do much good to lock all the doors and leave the windows open.

 

 

BTW, I like your sigs, sonsie!

 

Thanks! It's fun browsing around for them. I have one that's a favorite, but women sometimes don't see the humor in it so I don't use it often. I like it purely for the humor and mental picture: "So you're a feminist...ain't that cute."

 

<sigh> I swear cww - since I realized you're in Greece, every time I see your name I get beautiful images of blue, blue water and hillsides lush with villages of white stucco leaning out over one another to catch a salty whiff of sea. I have lots of pictures of Greece from the webshots site that I use as my desktop. Love the food, too.

 

sonsie

[Andavari]

HANS Device = Head and Neck Restraint System. Created in the U.S.A. although it sounds German.

 

It's the one device that could have saved the life of Dale Ernhardt (not sure if I spelled his name correctly). Basically it protects racing car drivers from getting a basler or baisler (don't know the exact spelling) skull fracture which is 100% fatal.

[cww]

Sonsie: here it's not the airports we have to bother about so much (need your passport or some form of ID for internal flights) - it's the seas. Seems that everyday there's reports of illegal immigants being intercepted - often because the smuggler's rickety old boat is in distress. Sooo much coastline.

 

"So you're a feminist...ain't that cute" - guess some folk can't see the irony(?) in it?

 

And just so you aren't toooo envious: today is Independence Day here - and it's just like a typical British bank-holiday weekend... cold and wet! Ah well, summer's coming

 

 

Andavari: couple of years ago we met an Australian-Greek racing driving out here, can't recall his name. Not sure if he was ex-F1 or not but he was well in to it. He'd been pretty badly smashed up in a racing crash. Still able to get around but he's never going to race again, for sure. I didn't like to ask about the gory details.