|
Pilsner posted:Not sure if you're joking, but assuming you're using a very simple password, frankly I don't even know if simple vs. strong passwords matter much these days. Aren't the majority of hacks done via phishing (where you yourself enter your password in a fake login form), keylogging (where the complexity of the password doesn't matter), or data theft? I don't have any data to back my assumption up, but I don't think there are many hacks done by guessing or brute forcing, two scenarios where password complexity matters. The former is ridiculously time consuming, and the latter is very easy to protect systems/websites against. Passwords are just a flawed concept at this point. You need overly complex bespoke passwords that you need to change so often that it's impossible to remember so you use a password manager and have everything in a single point of failure anyway.
|
# ? Dec 19, 2017 15:26 |
|
|
# ? Apr 26, 2024 01:49 |
|
Do you really have to change them often, though?
|
# ? Dec 19, 2017 15:56 |
|
Just at work for me, none of my online accounts have made me change a password unless they've had a breach already (lol).
|
# ? Dec 19, 2017 16:04 |
|
Kassad posted:Do you really have to change them often, though? The theoretical point of changing passwords is that if an old database/dump/print of passwords gets leaked/stolen/hacked, you will in the meantime have changed to a new password. For example, if you change a certain password every month, a leak of two-month old passwords won't affect you. Alternatively, if someone finds an old scribbled note in a company's trash bin with a password, it might have been changed in the meantime. However - in this modern world, I don't know if that makes an ounce of difference. Why would hackers target old backups of passwords anyway? I'm dead certain that modern hackers strike, loot, and scoot quickly, so that it doesn't matter how old your password is, even a day old won't help. For example, assume you fall for a phishing scam and enter your Facebook login and pw in a fake login box. I have no doubt that there is either a fully automated process that logs in, changes the password and locks you out of the account, or a cheap labor (for example Chinese) person reacting immediately to the fresh hijack, and performs the account login manually. Shortly thereafter, automated programs immediately start abusing the account for spamming ads, or whatever they do. Same with a stolen online game account (for example World of Warcraft), after the account info is obtained, it is almost instantly logged into by hackers/automated programs, cleared of gold/valuables, and used to spam in-game, until the account is banned shortly after. If you've been abroad to a far away country and have been using public Wifi, it kinda "feels safe" to change important account passwords after getting home, such as Google, but I don't know if it truly matters. I think a much more important thing is to use different passwords for different websites/accounts. If someone gets hold of your email and a password you've used across many sites, they can easily attempt to login to all kinds of social media sites, forums, web mail, etc. using the same credentials.
|
# ? Dec 19, 2017 16:05 |
|
Pilsner posted:I think a much more important thing is to use different passwords for different websites/accounts. If someone gets hold of your email and a password you've used across many sites, they can easily attempt to login to all kinds of social media sites, forums, web mail, etc. using the same credentials. That's what I'm thinking, as well. Also using two factor authentication if possible.
|
# ? Dec 19, 2017 16:09 |
|
Pilsner posted:Not sure if you're joking, but assuming you're using a very simple password, frankly I don't even know if simple vs. strong passwords matter much these days. Aren't the majority of hacks done via phishing (where you yourself enter your password in a fake login form), keylogging (where the complexity of the password doesn't matter), or data theft? I don't have any data to back my assumption up, but I don't think there are many hacks done by guessing or brute forcing, two scenarios where password complexity matters. The former is ridiculously time consuming, and the latter is very easy to protect systems/websites against. I was joking (somewhat. there are plenty of lovely websites that i needed to make an account on that i will never visit again where 1234 is the perfect password and where i have some random username), but to your statement "I don't think there are many hacks done by guessing or brute forcing" i disagree. There are. There are databases with millions of known passwords, there are rainbow tables (for when you get the database itself) with millions of known hashes. For the large majority of websites out there security is not even remotely a thing they worry about. Hashing a password, and you're in the top 5%. Not using MD5, you're amazing. Salting it ... you're a god. Hell, firefox and chrome got a lot of flak from websites owners after they started to warn users when they entered passwords in non-https forms. And usually the lack of security is not because people dont know how to implement it (if they don't is a google search away) but because they don't care. The more complex hacks (fishing, keylogging,etc.) are done against websites that have a good grasp of security where simple trying out 1234 in password fields doesn't work.
|
# ? Dec 19, 2017 16:53 |
|
Kassad posted:Do you really have to change them often, though? If you have unique passwords (which you should, use a pw manager), you shouldn't have to ever change one unless you get phished.
|
# ? Dec 19, 2017 17:43 |
|
Truga posted:If you have unique passwords (which you should, use a pw manager), you shouldn't have to ever change one unless you get phished. Or their database gets stolen (and they may or may not let you know, and they may or may not hash and salt the passwords).
|
# ? Dec 19, 2017 18:03 |
|
Stabbey_the_Clown posted:Hmmm... starting yesterday Firefox seems to have forgotten to save my cookies for some forums sites where I stay always logged in. I had to log in to them all yesterday and today as well. No idea why. Anyone else getting this? It might be time for a fresh profile if animated GIFs aren't playing anymore.
|
# ? Dec 19, 2017 18:07 |
|
Volguus posted:Or their database gets stolen (and they may or may not let you know, and they may or may not hash and salt the passwords). If you use a password manager and therefore have 15-20 random characters as your password, yours will be uncracked when the thief has reverse hashed everyone else's and gotten tired of listening to his GPU fans whine. Even if the hashes are unsalted. Even if it's using MD5. (Of course, some places still store passwords plain text. Including ones who really should know better.)
|
# ? Dec 19, 2017 18:36 |
|
Klyith posted:(Of course, some places still store passwords plain text. Including ones who really should know better.) I once worked on a very old legacy platform that had originally been written to store user passwords in plain text in a database. This was changed at some point to store a hash of the password instead. So far so good. But for some reason (I don't recall the details) it had to be done really half-assed. So there was a catch. When you entered a password, it would naturally take a hash of that and compare it against what was in the database, but it would also try directly comparing what you entered with what it had in the database. If either matched, you were in. This means that if you had access to a hashed password, you could simply use that as the password and it would happily let you in. Which essentially means the hashing was worthless. But hey, it was good enough for the PCI auditors.
|
# ? Dec 19, 2017 22:20 |
|
Volguus posted:I was joking (somewhat. there are plenty of lovely websites that i needed to make an account on that i will never visit again where 1234 is the perfect password and where i have some random username), but to your statement "I don't think there are many hacks done by guessing or brute forcing" i disagree. There are. There are databases with millions of known passwords, there are rainbow tables (for when you get the database itself) with millions of known hashes. For the large majority of websites out there security is not even remotely a thing they worry about. Hashing a password, and you're in the top 5%. Not using MD5, you're amazing. Salting it ... you're a god. Hell, firefox and chrome got a lot of flak from websites owners after they started to warn users when they entered passwords in non-https forms. Klyith posted:If you use a password manager and therefore have 15-20 random characters as your password, yours will be uncracked when the thief has reverse hashed everyone else's and gotten tired of listening to his GPU fans whine. Even if the hashes are unsalted. Even if it's using MD5. Good points!
|
# ? Dec 19, 2017 23:24 |
|
Nalin posted:It might be time for a fresh profile if animated GIFs aren't playing anymore. Not sure if he's talking GIFs as MP4 embedded video (or whatever twitter embeds use) stopped working in the latest FF, been told to install FFmpeg to get it working again
|
# ? Dec 20, 2017 00:12 |
|
djssniper posted:Not sure if he's talking GIFs as MP4 embedded video (or whatever twitter embeds use) stopped working in the latest FF, been told to install FFmpeg to get it working again This is what happens with twitter embeds for me, this is on SA, but I've tested it elsewhere and the same thing happens.
|
# ? Dec 20, 2017 01:35 |
|
Klyith posted:If you use a password manager and therefore have 15-20 random characters as your password, yours will be uncracked when the thief has reverse hashed everyone else's and gotten tired of listening to his GPU fans whine. Even if the hashes are unsalted. Even if it's using MD5. Even if they store the password in plain text, it doesn't matter because if you use a password manager, all your passwords are unique and getting a random forum password doesn't give the attackers access to your email or bank account
|
# ? Dec 20, 2017 12:30 |
|
Can anyone recommend a good translation extension? I'm learning Spanish so I don't want an entire page translated but i'd love something that would allw me highlight and right click a word or passage I don't know and get a quick translation.
|
# ? Dec 22, 2017 18:55 |
|
Thauros posted:Can anyone recommend a good translation extension? I'm learning Spanish so I don't want an entire page translated but i'd love something that would allw me highlight and right click a word or passage I don't know and get a quick translation. This is ok: https://addons.mozilla.org/en-US/firefox/addon/imtranslator/ It starts out with way too many options, use it a while then you'll whittle away what you don't need.
|
# ? Dec 22, 2017 20:42 |
|
Thauros posted:Can anyone recommend a good translation extension? I'm learning Spanish so I don't want an entire page translated but i'd love something that would allw me highlight and right click a word or passage I don't know and get a quick translation. I use Google Translate for Firefox. You can highlight some text and click the button on the toolbar to translate it in place, or you can just click the button to open a new tab with the whole page translated in Google Translate. It also supports Google's language auto-detect, I've used it for multiple languages already.
|
# ? Dec 22, 2017 21:18 |
|
Something has been causing regular hangs in ESR 52 for the last few days, so it looks like I'll be making a new profile and moving on to 57. Does anyone have that link to the spreadsheet of popular older add-ons, their state of adaptation, and alternatives?
|
# ? Dec 25, 2017 07:20 |
|
https://arewewebextensionsyet.com/ ?
|
# ? Dec 25, 2017 07:47 |
|
Thank you! Not precisely what I was looking for, but just as well suited to my needs.
|
# ? Dec 25, 2017 07:53 |
|
Could I please have some help with my menu text always being white? Stuff I've tried: New ff profile, change usercrome.css, changed theme, removed themes, tried css editing addon, disabled windows 10 aero, changed windows accent colour, changed colour in options. Searching for the problem shows that nobody seems to have this exact issue, but that might be my search terms.
|
# ? Dec 25, 2017 08:24 |
|
blackcat12951 posted:Could I please have some help with my menu text always being white? Are you using an accessibility theme in Windows? those have a habit of overriding application settings in stupid and inconsistent ways.
|
# ? Dec 25, 2017 08:26 |
|
dis astranagant posted:Are you using an accessibility theme in Windows? those have a habit of overriding application settings in stupid and inconsistent ways. While I don't think I'm using a accessibility theme, changing to the default theme restored the menu text, so I'll figure out whats happening there. Thanks for that, prior searches never came up with it being windows fault. Edit: definitely fixed, also fixed other progams with the same problem, so something was absolutely wrong with the theme i was using. blackcat12951 fucked around with this message at 08:36 on Dec 25, 2017 |
# ? Dec 25, 2017 08:33 |
|
blackcat12951 posted:Edit: definitely fixed, also fixed other progams with the same problem, so something was absolutely wrong with the theme i was using. That should have been a nice big warning flag that it wasn't Firefox at fault.
|
# ? Dec 25, 2017 11:51 |
|
Bieeardo posted:Does anyone have that link to the spreadsheet of popular older add-ons, their state of adaptation, and alternatives?
|
# ? Dec 25, 2017 13:21 |
|
isndl posted:That should have been a nice big warning flag that it wasn't Firefox at fault. Usually I'd agree, but it only occurred to firefox once it updated so that hid the problem a bit.
|
# ? Dec 25, 2017 13:31 |
|
Storm One posted:https://docs.google.com/spreadsheets/d/1TFcEXMcKrwoIAECIVyBU0GPoSmRqZ7A0VBvqeKYVSww/htmlview That's the one I was looking for. Thank you, too!
|
# ? Dec 25, 2017 19:10 |
|
Storm One posted:https://docs.google.com/spreadsheets/d/1TFcEXMcKrwoIAECIVyBU0GPoSmRqZ7A0VBvqeKYVSww/htmlview Thanks for this link. I finally managed to find a halfway decent replacement for Image Zoom thanks to it.
|
# ? Dec 25, 2017 22:02 |
|
Some really cool Goon once posted this neat GreaseMonkey script to add a pretty handy search box to the SA Smilies page. It doesn't seem to work with the new version of GreaseMonkey anymore. Does any of you smart and/or cool Goons know how to fix it?code:
|
# ? Dec 25, 2017 23:42 |
|
Grant unsafeWindow and, if necessary, include your own version of jQuery and replace all instances of $ with "jQuery" instead. The new greasemonkey can be really temperamental. Inspect the browser console log (Ctrl shift J) to see if it says unavailable, in which case it sees something it doesn't like. New greasemonkey is buggy and will sometimes fail because of code that has been commented out.
|
# ? Dec 25, 2017 23:56 |
|
Geemer posted:Some really cool Goon once posted this neat GreaseMonkey script to add a pretty handy search box to the SA Smilies page. It doesn't seem to work with the new version of GreaseMonkey anymore. Does any of you smart and/or cool Goons know how to fix it? The new webex version of greasemonkey made some changes that break compatibility with old scripts. I get the feeling the re-writes needed aren't that onerous, especially for small scripts like yours. But their documentation is poo poo, I looked at the stuff and decided you need to already know how to write scripts to know what to change. Switch to tampermonkey if you have scripts that you want to keep using that are old and never gonna get updated.
|
# ? Dec 25, 2017 23:58 |
|
Desuwa posted:Grant unsafeWindow and, if necessary, include your own version of jQuery and replace all instances of $ with "jQuery" instead. I changed "@grant none" to "@grant unsafeWindow" and added a copy of jQuery to the top of the script, along with replacing all instances of $ with "jQuery". Console says "Script error: TypeError: jQuery(...).autocomplete is not a function" so I figured I'd need jQuery-Autocomplete as well and now it says "Script error: TypeError: jQuery(...).autocomplete(...).data(...) is undefined". I had to use the ctrl+shift+k console because the popout the j version gives me doesn't include errors from greasemonkey scripts for some reason?? I honestly got no clue what I'm putzing about with so you've got any other ideas, I guess I'll just have to search my smilies the old-fashioned way until I decide to bother porting all my poo poo over to Tampermonkey. Thanks for trying to help, though.
|
# ? Dec 26, 2017 01:07 |
|
Will SALR be updated to work with Quantum?
|
# ? Dec 27, 2017 16:37 |
|
kri kri posted:Will SALR be updated to work with Quantum? It's being updated but the development stalled? The two people who were working on it went silent in the other thread.
|
# ? Dec 27, 2017 16:43 |
|
iospace posted:It's being updated but the development stalled? The two people who were working on it went silent in the other thread. I hope it gets going again. I miss my dropdown menu and embedded youtube videos.
|
# ? Dec 27, 2017 17:49 |
|
I thought it was enqueued to be approved by Mozilla? Can we get some clarification?
|
# ? Dec 27, 2017 17:58 |
|
No. 9 posted:I thought it was enqueued to be approved by Mozilla? Can we get some clarification? Basic approval of add-ons is automated and happens almost instantly now (although I think there is a human review step for some add-ons?). I don't think that's the issue here.
|
# ? Dec 28, 2017 03:23 |
|
Avenging Dentist posted:Basic approval of add-ons is automated and happens almost instantly now (although I think there is a human review step for some add-ons?). I don't think that's the issue here. On my end, I'm just waiting to find the most up to date version of the port's source (people seem to have local repositories with extra changes or something). After that I can get a pre-release version signed for the people already on 57+, then do some testing/set up some data migration for people with legacy SALR still on Firefox <57 for a full release.
|
# ? Dec 28, 2017 03:42 |
|
|
# ? Apr 26, 2024 01:49 |
|
blackcat12951 posted:Could I please have some help with my menu text always being white? blackcat12951 posted:While I don't think I'm using a accessibility theme, changing to the default theme restored the menu text, so I'll figure out whats happening there. Thanks for that, prior searches never came up with it being windows fault. FWIW this looks like the problem I get when using Firefox over VNC with GPU acceleration enabled (although in this case just restarting Firefox within VNC solves the issue). Could have been a driver issue in your case?
|
# ? Dec 28, 2017 12:34 |