How would the wand help? Firefox asks you if it should save it or not. If you don't want it saved, just choose "Never for this site" or whatever it says. The wand is just annoying.
The theory is that the wand forces you, the user, to decide when you want your password plugged in for you each time you access a page. If you let firefox automatically do it, there was a hack that tricked it into inputting the password right into the hacker's hands.
Harq wrote:
Not to push Opera, but it is kinda nice that you have to actually push the little wand so it won't give it to sites you don't want it to 
(and when you do it logs you in to =P)
(and when you do it logs you in to =P)you dont even have to click, just ctrl-enter.
plus you dont actually have to click the login button on the site, so its actually more convenient, and more secure than FF.
...or you could just *not* use a password manager which is always vulnerable to falling prey to some form of evil 
Seriously, encrypted USB drive w/ all my passwords, on my person, at all times - most secure method possible
Seriously, encrypted USB drive w/ all my passwords, on my person, at all times - most secure method possible
Couldn't you just memorize your passwords so that there is no copy of them anywhere, except in your mind. Although, I guess if you were tortured an encrypted USB drive might hold up better than yourself.
Chipmaster wrote:
Couldn't you just memorize your passwords so that there is no copy of them anywhere, except in your mind. Although, I guess if you were tortured an encrypted USB drive might hold up better than yourself.
That's what I do, normally, but for sites that I rarely visit, its harder to have their passwords memorized, so I also have them written down (which is recommended in the event you can't remember your password)
you should create safely levels of passwords that's something sites that you never visit or rarely you use the same password for other sites that you use too mutch i advise you to have different and something like this 'asfd13', this will prevent the attacker to bruteforce you r password.... regards rayden
He's got a good point. I have a password I use for random fora and unimportant sites, a bunch of passwords I use for semi-important stuff, and a couple of long, nonsensical mixed-case passwords I use for the most important logins.
being bruteforced online is extremely unlikely. Look how long it takes on a computer to brute-force a local file. Toss in network time, page transfers, and the server speed, and you are looking at many years to brute force an online password of any decent length (>6) - which will certainly draw attention of any admin
Still, passwords based on obvious info about you (names, pets, relatives, address, etc) can be cracked much, much more quickly by someone who knows you.
I probably should get around to changing my email password (but my gw password is completely nonsensical and it came from a bunch of random words I typed a long time ago when making a character in Runescape to test something 
)
)
Any fool can use a computer. Many do.
I haven't been on gw for a while. I heard there is a portable version out, though. That may be worth buying a 2gb flash drive for.
I'll play GW when they make a linux build, or wine get's around to supporting it. As neither of those will be coming true for quite some time, I won't be playing GW.
when i refer bruteforce i do not refer only normal bruteforce by trying all key letters combination but also dictionary attack whitch is more faster and don't try all key combinations that's why random passwords are more safe.... because an hacker will think that your password may be in first place on his passw dictionary.... a dictionary is a file with GB of passwords...
rayden wrote:
when i refer bruteforce i do not refer only normal bruteforce by trying all key letters combination but also dictionary attack whitch is more faster and don't try all key combinations that's why random passwords are more safe.... because an hacker will think that your password may be in first place on his passw dictionary.... a dictionary is a file with GB of passwords...
most of us know what a dictionary attack is
rayden wrote:
when i refer bruteforce i do not refer only normal bruteforce by trying all key letters combination but also dictionary attack whitch is more faster and don't try all key combinations that's why random passwords are more safe.... because an hacker will think that your password may be in first place on his passw dictionary.... a dictionary is a file with GB of passwords...
...and everything I said before about bruteforce applies equally as much to dictionary attacks. It will *still* take forever online, and it *still* isn't a plausible attack for getting someone's online passwords
first off, while kllrnohj is right about network transfer speeds being prohibitive, a dictionary attack dramatically reduces the time needed as compared to a normal bruteforce attack, however what neither of you have considered is that most people dont run bruteforce OR dictionary attacks over a network, they steal a hash of the password, and bruteforce off of that.
Register to Join the Conversation
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Advertisement