|
Subjunctive posted:When did you stop reusing your passwords? A couple of years ago. Edit: Sorry for contributing to the derail. If it matters, my first post on the subject did contain the thread mascot. I'll shut up now. theHUNGERian fucked around with this message at 17:15 on Mar 25, 2018 |
#
?
Mar 25, 2018 17:09
|
|
|
|
| # ? Apr 19, 2024 22:24 |
|
|
I mean lol if you don't use hunter2 for every password.
|
|
#
?
Mar 25, 2018 17:38
|
|
|
hailthefish posted:Congratulations on your future 75 cent settlement. The class attorneys estimate $235, FACTA violations have very, very stiff statutory penalties per violation.
|
|
#
?
Mar 25, 2018 17:48
|
|
|
Hot Dog Day #91 posted:I mean lol if you don't use hunter2 for every password. Doesn't look like stars to me.
|
|
#
?
Mar 25, 2018 17:52
|
|
|
Switchback posted:A few days ago during my commute I pulled up behind one of these at a stop light. On the back window, in about 6" tall letters, the owner had put the words "FINANCIAL MISTAKE". (Yes, all caps too). Instant laughter + terrible feeling for all the owners of them.
|
|
#
?
Mar 25, 2018 18:14
|
|
|
https://twitter.com/imrichardmorris/status/923980655050002432
|
|
#
?
Mar 25, 2018 18:17
|
|
|
Haifisch posted:Cornholio??? It's okay, he's better now. Now he just has an old cheap Porsche. Much better. Actually probably genuinely better since it's not a daily driver and there's enough of them in junkyards to get cheap parts
|
|
#
?
Mar 25, 2018 18:19
|
|
|
22 Eargesplitten posted:It's okay, he's better now. Now he just has an old cheap Porsche. Much better. I daily drove one for 7 years. It cost about as much to maintain as a boring asian econobox. When they're actually put back into good repair and maintained they're surprisingly cheap and reliable.
|
|
#
?
Mar 25, 2018 19:22
|
|
|
There's an occasional gem from Bogleheads. Shame Fatwallet is closed down, since this guy was definitely on there at some point. On the brightside, they probably did save him 2%.quote:So, Merrill Edge sold all of my ETFs without my consent. They provided me notice about a month ago they were closing my CMA(Taxable Brokerage) account so I transferred that to another firm, but they never provided any notice about my IRA. I found out this morning that the liquidated all of my positions yesterday. I complained this morning but they basically told me to pound sand. quote:Right now it is down, but that may change by the time it gets over to TDAM. Someone looked at his post history: quote:"Yikes, I've been using Ally as my primary "hub" for all my bonuses and MS since Fido shut me down last year. I too use this as my account for everything and keep a hefty balance. But, there is quite a lot moving in and out between different places, recently started using billpay as I'm hoping they don't frown upon that. Seriously there are better ways to ML like real estate. Its a shame that normal people that have a side hobby get caught up in this nonsense." Guessing he'll be banned from TDAM in a year.
|
|
#
?
Mar 25, 2018 20:47
|
|
|
continuing on secfuck derail half the passwords for poo poo at the company i'm at are like stupid 7 bit things i keep on requesting a real password policy that consists of "use a password manager and 2fa. like, real 2fa dumbass sms doesnt count" cto is like nah maybe i should suggest wargames or somethin
|
|
#
?
Mar 25, 2018 21:02
|
|
|
My old ISP was bad with money because one time I called them for something and they asked me for my password. Not like a customer service pin or anything like that, but my full on online user ID and password. Then when I couldn't remember which one I used the rep offered up the first few letters to help me, albeit with a stifled laugh (it was beeffarts). I was like "uhhh you have plaintext access to my account password???". They weren't my ISP for much longer after that. It was Teksavvy for anyone in  that cares.
|
|
#
?
Mar 25, 2018 21:18
|
|
|
I’d honestly buy a 944 turbo if I could ever find one locally 
|
|
#
?
Mar 25, 2018 21:20
|
|
|
meat police posted:I’d honestly buy a 944 turbo if I could ever find one locally Those can also be inexpensive to drive, providing you have a level of self control I do not possess. The one I had ended up with a retardedly large turbo, all of the poo poo to make that work, and then I just kept breaking and upgrading parts of the driveline as the inappropriate power level and my inability to not use full throttle all the time destroyed the car around me. So yeah, don't be me. Buy a nice stock one, decide that is good enough, and maintain it well.
|
|
#
?
Mar 25, 2018 21:37
|
|
|
Amara posted:So what do you do for websites with 3 challenge questions and they don't let you use the same "answer" for all 3? legendof posted:I use a password manager, have it generate random strings that I use for the answers, and then store the question and answer in the password manager as well. meat police posted:I’d honestly buy a 944 turbo if I could ever find one locally
|
|
#
?
Mar 25, 2018 21:50
|
|
|
Harry posted:There's an occasional gem from Bogleheads. Shame Fatwallet is closed down, since this guy was definitely on there at some point. On the brightside, they probably did save him 2%. Okay, I figured out MS is manufactured spending, but what does that have to do with his retirement accounts.
|
|
#
?
Mar 25, 2018 21:57
|
|
|
Dillbag posted:My old ISP was bad with money because one time I called them for something and they asked me for my password. Not like a customer service pin or anything like that, but my full on online user ID and password. Then when I couldn't remember which one I used the rep offered up the first few letters to help me, albeit with a stifled laugh (it was beeffarts). I was like "uhhh you have plaintext access to my account password???". They weren't my ISP for much longer after that. I also have multiple bad experiences with Teksavvy not showing up to appointments to install service. BWM for preventing customers from trying to give them money.
|
|
#
?
Mar 25, 2018 22:24
|
|
|
BEHOLD: MY CAPE posted:I bought $5 of chocolate from Godiva in the mall and apparently they illegally printed credit card information on the receipt. so now I am a class member in a lawsuit and in theory will receive a settlement of many times what I spent. So GWM I guess in the end. I worked for a Chinese restaurant that did this. Occasionally customers would notice and get angry, so they started drawing a sharpie line across the CC number. They would ask me to fix the computer system and I would say “sorry, your windows ME operating system is in Chinese...” I figured out how to play solitaire on the POS systems so they thought I was an IT wiz. They went out of business. Other illegal things they would do is advertise jobs for a “Mexican dishwasher” and had the policy “no checks from black people.”
|
|
#
?
Mar 25, 2018 23:39
|
|
|
Harry posted:There's an occasional gem from Bogleheads. Shame Fatwallet is closed down, since this guy was definitely on there at some point. On the brightside, they probably did save him 2%. What is MS and ML? I don’t understand what’s going on here.
|
|
#
?
Mar 25, 2018 23:45
|
|
|
Switchback posted:What is MS and ML? I don’t understand what’s going on here. well ML is money laundering, and since MS is apparently manufactured spending, it sounds like Merill Lynch heard this guy likes to fraud banks and decided to eject his retirement savings into his lap rather than deal with him.
|
|
#
?
Mar 25, 2018 23:56
|
|
|
Switchback posted:What is MS and ML? I don’t understand what’s going on here. MS = manufactured spending (to chase credit card rewards) ML = money laundering He was using a bunch of sketchy tricks to generate phantom spending to rack up credit card rewards. What he calls "minor MS" looked a lot like money laundering to his bank, BoA, that they said "we're terminating our relationship, take your money and get the gently caress out before you bring the feds down on us." BoA owns Merrill Lynch, so they terminated that relationship, too. It sounds like this isn't the first banking relationship he's burned, but he just keeps  ing over how the banks are chasing down poor hobbyists who just want to move money around a bunch of accounts in a way that's supposed to look like real spending.
|
|
#
?
Mar 25, 2018 23:56
|
|
|
22 Eargesplitten posted:It's okay, he's better now. Now he just has an old cheap Porsche. Much better.  I wish it would break down more. I bought it as a project and it's in way too good condition to be called a project. I do wish the local pick-n-pull would get one, they haven't had one in awhile and I need trim pieces. (lmao at that dude with the MINI though... ours was pretty reliable but it had low mileage and was under the factory warranty most of the time we had it. The nearest dealership was 90 miles away though, and it wasn't fun driving 90 miles to get the broken power steering pump replaced under warranty...)
|
|
#
?
Mar 25, 2018 23:59
|
|
|
ohgodwhat posted:there are a lot of people who read this and set their password to correct horse battery staple lol I'm going to use that as my bitcoin wallet wait, where'd all my bitcons go??!?!? https://blockchain.info/address/1JwSSubhmg6iPtRjtyqhUYYH7bZg3Lfy1T
|
|
#
?
Mar 26, 2018 02:36
|
|
|
bob dobbs is dead posted:continuing on secfuck derail I help people with passwords for their personal accounts every day. People are terrible, beyond terrible with passwords. And instead of figuring out a fix, or researching to see if there is a better way, they just keep going to their local cell phone store or Apple store to have it reset.
|
|
#
?
Mar 26, 2018 12:13
|
|
|
22 Eargesplitten posted:Randomized passwords from password managers regularly have over 100 entropy bits even for the 16 character ones. That doesn't matter as much as you'd think it would. Because IT idiots store the hashes unsalted, so when an attacker gets hold of /etc/password everything they find there has been pre-cracked via rainbow tables already. The only defense against that is password length (or non-idiot IT people who just bother to salt the things sufficiently). If it's only 16 characters long, it's already cracked. The new NIST guidelines for password policies make a gently caress ton of sense: 1. Stop with the regular forced password changes, they make things less secure. 2. Stop with the password complexity requirements, they make things less secure. 3. Screen the passwords against a list of the most commonly-used passwords. Phanatic fucked around with this message at 17:02 on Mar 26, 2018 |
|
#
?
Mar 26, 2018 16:59
|
|
|
Phanatic posted:1. Stop with the regular forced password changes, they make things less secure. My work makes you change your password every 3 months, and it leads to people going "Oh, I just make it my old password with a 1/2/3/4/etc on the end so I don't have to keep remembering new passwords". Super secure! 
|
|
#
?
Mar 26, 2018 17:04
|
|
|
Speaking of bad with money, we started a crowd fund for charity to permban BFC superstar zaurg. It's been met with some resistance, as people find him entertaining, but it's for a good cause. All of the money goes to disadvantaged Miami-Dade area children, as Z man himself said something about not wanting to send his kids to school in a district that had too many minorities or something. I should probably go back and clarify that. Anyway, if anyone wants to toss some money towards it, the details are over in the zaurg thread.
|
|
#
?
Mar 26, 2018 17:34
|
|
|
Phanatic posted:That doesn't matter as much as you'd think it would. Because IT idiots store the hashes unsalted, so when an attacker gets hold of /etc/password everything they find there has been pre-cracked via rainbow tables already. The only defense against that is password length (or non-idiot IT people who just bother to salt the things sufficiently). If it's only 16 characters long, it's already cracked. Yeah, I prefer longer passwords too. It’s just not unusual for them to be maxed out at 16 characters or 20 or something. I think SA is 20. So probably easily cracked since Radium. That’s also why you shouldn’t save card numbers or SSN to a website unless it’s absolutely necessary, like your student loan servicing site. Although the cat is probably out of the bag on the SSN (thanks Equifax). My Google password is 60 characters, and my memorized password to the password manager is 25 with no words. Can’t remember if I said that in this thread already.
|
|
#
?
Mar 26, 2018 17:46
|
|
|
Haifisch posted:I always wondered about that one. I had a high-level manager in our office who was out of town. His secretary needed to do something from his computer, but he was on a flight and unreachable. I asked if she knew his password, she said no. I lifted his keyboard and found the sticky note with it right there. It was so commonplace at that office that we might as well not have used any passwords.
|
|
#
?
Mar 26, 2018 17:46
|
|
|
I just helped a woman get into her account last week. She needed to change her password. She tried to use her name and her birth year, and put it on a sticky note  .Before that she left her desk right after asking for help and left instructions for me to log on with her password left on a sticky note. I did not. Granted, she’s like 70 years old, but she should still know better.
|
|
#
?
Mar 26, 2018 17:54
|
|
|
Moneyball posted:Speaking of bad with money, we started a crowd fund for charity to permban BFC superstar zaurg. It's been met with some resistance, as people find him entertaining, but it's for a good cause. All of the money goes to disadvantaged Miami-Dade area children, as Z man himself said something about not wanting to send his kids to school in a district that had too many minorities or something. I should probably go back and clarify that. I don't think I can contribute to that in good faith.
|
|
#
?
Mar 26, 2018 18:24
|
|
|
theHUNGERian posted:A couple of years ago. Was this a reference to the, when did you stop beating your wife?? Trap question?
|
|
#
?
Mar 26, 2018 18:33
|
|
|
GoGoGadgetChris posted:Was this a reference to the, when did you stop beating your wife?? Trap question? yes.
|
|
#
?
Mar 26, 2018 18:34
|
|
|
Subjunctive posted:yes. Lol I like
|
|
#
?
Mar 26, 2018 18:45
|
|
|
legendof posted:You can also use aliases in Gmail: For sites that don't allow + you can also enter periods into your email address to help identify spammers or for other personal reasons. Firstlast@gmail, first.last@gmail, f.i.r.s.t.l.a.s.t@gmail will all end up in the same inbox.
|
|
#
?
Mar 26, 2018 19:24
|
|
|
Since most password hacks seem to originate from places like Yahoo losing 1 million passwords, Grandma with the sticky note and simple password is probably just as secure as all you clever-clogs with passwords like $@^$^U@$(^999uu935nlknglke11horse.
|
|
#
?
Mar 27, 2018 02:31
|
|
|
saw the word Horse today
|
|
#
?
Mar 27, 2018 02:31
|
|
|
BarbarianElephant posted:Since most password hacks seem to originate from places like Yahoo losing 1 million passwords, Grandma with the sticky note and simple password is probably just as secure as all you clever-clogs with passwords like $@^$^U@$(^999uu935nlknglke11horse. Definitely use two factor auth on any platform you remotely care about protecting your identity on. The password just needs to be good enough, but don't use 123456 or some nonsense.
|
|
#
?
Mar 27, 2018 02:59
|
|
|
Use 50 characters minimum and see what platforms complain about the password being too long. Alternatively the last portion of your password should include a buffer overflow attack.
|
|
#
?
Mar 27, 2018 03:04
|
|
|
BarbarianElephant posted:Since most password hacks seem to originate from places like Yahoo losing 1 million passwords, Grandma with the sticky note and simple password is probably just as secure as all you clever-clogs with passwords like $@^$^U@$(^999uu935nlknglke11horse.  but there are 208.8 billion permutations for 8 letter long strings, not including upper case, not allowing numbers, or symbols. The odds of any given one having been harvested, especially when you end up with upper case, numbers, and allowed symbols, is fairly low.
|
|
#
?
Mar 27, 2018 03:09
|
|
|
|
| # ? Apr 19, 2024 22:24 |
|
|
If you had a Yahoo account in 2013, the chance of that account's password being compromised is literally 100% https://www.nytimes.com/2017/10/03/technology/yahoo-hack-3-billion-users.html
|
|
#
?
Mar 27, 2018 03:19
|
|
