Nobu
[H]F Junkie
- Joined
- Jun 7, 2007
- Messages
- 10,167
Not gonna share your redtube pw, eh?
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature may not be available in some browsers.
Not gonna share your redtube pw, eh?
Y0urm0m6969!Not gonna share your redtube pw, eh?
upper and lower-case letters and digits, and each one is different. Looks good to me!
and a special characterupper and lower-case letters and digits, and each one is different. Looks good to me!
and THIS is why you are known as the pen dragon.
funny thing is, is that random google pic actually looks very close to my own writing...and THIS is why you are known as the pen dragon.
No, pastebin doesnt... but you can get a large scale notepad++ and chop or load the file up.I wanted this for a second then remembered its 100gb. Having tried to load a couple GB text file in the past, I doubt that would work out. It would have to be hosted on a site developed to present that to multiple users without issues. Does pastebin do that?
That represents 90% of my clients.
I pay for the BitWarden upgraded service and it has an authenticator built right into it that lets you easily copy the circulating code right next to the username and password. It’s really convenient and I use it for any account that will let me. It’s ridiculous for websites that don’t have an option to use an authenticator these days.I had an adventure over the weekend. Someone probably used this dump to access my cell phone account (one password I didn't think to change). They changed my pin, ported my number out, and then started changing my e-mail passwords verifying the account with my stolen phone number. They used my paypal account to buy background checks on others, and then tried to access my Coinbase account. Fortunately, the stuff where I have money tied up with (other than PP), is behind an authenticator app. I ended up getting everything back, but it was a PITA and cost me several hours of my time.
Long story short, change your wireless carrier password also!
I so _love_ that my bank wants to send MFA via SMS. Because that's never been intercepted in the history of ever. Let me use an app, damn it!I pay for the BitWarden upgraded service and it has an authenticator built right into it that lets you easily copy the circulating code right next to the username and password. It’s really convenient and I use it for any account that will let me. It’s ridiculous for websites that don’t have an option to use an authenticator these days.
I wanted this for a second then remembered its 100gb. Having tried to load a couple GB text file in the past, I doubt that would work out. It would have to be hosted on a site developed to present that to multiple users without issues. Does pastebin do that?
I love this, if they didn´t already have your password, you just gave it to them.View attachment 365165
I used to use this one, back in the early 90's, lol
hence the post it noteGenuine question- I see several people recommended password managers, but then how do you know the password manager itself is secured? That there is no bad employee out to leak or steal the passwords? And the site won’t get hacked?
Nothing is ever 100% secure, there is always a chance of a breach, but you can assume that the password manager has better security than some random forum on the internet so you choose who to trust.Genuine question- I see several people recommended password managers, but then how do you know the password manager itself is secured? That there is no bad employee out to leak or steal the passwords? And the site won’t get hacked?
But then problem is, if the password manager is hacked or leaked, now ALL your accounts and passwords are out there, and you gotta figure out what, how, and where to change your 20+ passwords. Am I right? Hopefully, none is your financial institution password.Nothing is ever 100% secure, there is always a chance of a breach, but you can assume that the password manager has better security than some random forum on the internet so you choose who to trust.
Much appreciated. This looks like a good answer to me.I don't think it is worth losing sleep over, and I've seen that argument before usually as an excuse to do something that is less secure.
But if you are really paranoid, you can use something like KeePass, where you can store the password database locally yourself and avoid having it in the cloud.
https://keepass.info/
For starters, don't use a cloud-based manager.Genuine question- I see several people recommended password managers, but then how do you know the password manager itself is secured? That there is no bad employee out to leak or steal the passwords? And the site won’t get hacked?
Here's a second vote for KeePass.I don't think it is worth losing sleep over, and I've seen that argument before usually as an excuse to do something that is less secure.
But if you are really paranoid, you can use something like KeePass, where you can store the password database locally yourself and avoid having it in the cloud.
https://keepass.info/
And then having a separate password for 20 or so different systems/sites/etc, how easy is to remember "correct horse battery staple" and what site it goes to?
Yeah, one thing that is nice about cloud password managers, is that the password is saved for only the specific domain.And then having a separate password for 20 or so different systems/sites/etc, how easy is to remember "correct horse battery staple" and what site it goes to?
And then having a separate password for 20 or so different systems/sites/etc, how easy is to remember "correct horse battery staple" and what site it goes to?
Yep, a small 3 word pass phrase is all you need. If you want to get crazy, add your email domain at the end like [email protected] - Takes something super complex and makes it impossibly complex to crack but very easy to remember. Who ever would of thought a 27 character password was this easy to remember.Passwords don’t need to be complex, best password your have is a small phrase that you couldn’t forget if you tried. We all have one, 3-5 words long no machine is guessing that any time soon. But it’s all pointless if the sites shit security and crap IT store it plain text on a poorly configured AWS instance.
there really needs to be some sort of legal implications for these sorts of breaches. There is absolutely 0 reason to not be salting your databases at this stage.
And they could affordably sub-contract the task to us [H] posters. We can be quite salty.Passwords don’t need to be complex, best password your have is a small phrase that you couldn’t forget if you tried. We all have one, 3-5 words long no machine is guessing that any time soon. But it’s all pointless if the sites shit security and crap IT store it plain text on a poorly configured AWS instance.
there really needs to be some sort of legal implications for these sorts of breaches. There is absolutely 0 reason to not be salting your databases at this stage.
i think for offline attacks a 3 word password passphrase would make me a little nervous. thats 30-39 bits of entropy, which from what i understand, a modern desktop can crack in seconds.Yep, a small 3 word pass phrase is all you need. If you want to get crazy, add your email domain at the end like [email protected] - Takes something super complex and makes it impossibly complex to crack but very easy to remember. Who ever would of thought a 27 character password was this easy to remember.
"Dubbed RockYou2021, the list as revealed on a hacker forum contains 8.4 billion password entries, says CyberNews."
"A list of leaked passwords discovered on a hacker forum may be one of the largest such collections of all time. A 100GB text file leaked by a user on a popular hacker forum contains 8.4 billion passwords, likely gathered from past data breaches, tech news site CyberNews said on Monday."
https://techxplore.com/news/2021-06-largest-password-breach-history-leaked.html
https://www.techrepublic.com/article/billions-of-passwords-leaked-online-from-past-data-breaches/
better check...
https://haveibeenpwned.com/