Sometimes you just have to laugh… but this isn’t one of them.

 

When you consider how much damage can be done to your life by preventable account breaches....

The list of the twenty-five worst passwords for 2011 was just published. SplashData, a password management app maker, compiled a list of the 25 worst passwords of 2011, based on millions of stolen passwords that were dumped online (after significant security breaches) (http://mashable.com/2011/11/17/worst-internet-passwords/).

I know the folks here have better sense than to use the ones found by SplashData:

1. password

2. 123456

3. 12345678

4. qwerty

5. abc123

6. monkey

7. 1234567

8. letmein

9. trustno1

10. dragon

11. baseball

12. 111111

13. iloveyou

14. master

15. sunshine

16. ashley

17. bailey

18. passw0rd

19. shadow

20. 123123

21. 654321

22. superman

23. qazwsx

24. michael

25. football

The statistics about passwords are rather daunting (Sean Carroll http://www.pcmag.com/article2/0,2817,2371072,00.asp):

  • 41 percent have shared passwords with at least one other person in the past year.
  • 90 percent don't ensure that they never use the same password on multiple accounts.
  • 86 percent don't check that they're on a secure connection when accessing sensitive information on unfamiliar computers.
  • 14 percent never change their banking password.
  • 20 percent have used a significant date (such as a birthday) or a pet's name in their passwords.
  • 84 percent fail to use passwords more than ten characters long.

And Webroot (ibid) found that among 18 to 29 year-olds:

  • 12 percent have shared a password in a text message (vs. 4 percent overall).
  • 30 percent logged into a site requiring a password over public Wi-Fi (vs. 21 percent overall).
  • 54 percent have shared passwords with one or more people in the past year (vs. 41 percent overall).

 

If however you’re still looking for a way to protect yourself with a good, strong password then try LastPass 1.80 (free) or one of the other five discussed by Neil J. Rubenking here:

http://www.pcmag.com/article2/0,2817,2381432,00.asp

The free and “pay for” ($1/month) versions support Windows (all), Mac and Linux. The latter provides additional worthwhile features you can view here:

http://lastpass.com/features_premium.php

A good article by Eric Griffith on how to create strong passwords (you should at least bookmark it for that spare weekend you promised to do something good for yourself) can be found here:

http://www.pcmag.com/article2/0,2817,2368484,00.asp

 

This won’t protect you from sites which store your data insecurely. However, you should do your part to protect yourselves, folks: Do what you can so you won’t be sorry.

Reply #1 Top

I actually think it´s rather funny Doc :grin:

Reply #2 Top

When I was using WiFi, some of the passwords were their last name... or the name of their business.  Go figure. Small, trusting town.   O:)

 

Reply #3 Top

When it comes to passwords, the old saying "the best place to hide is in plain sight" should be totally ignored.

The part about logging in to public WiFi networks and putting in passwords and stuff: some people may want to consider checking out this video from Hak5 http://revision3.com/hak5/mark3engage about the pineapple device so they can see the devices out there designed to steal info from people using public WiFis. They made it look like a 5 year old could do it.

Reply #4 Top

 

 

Fuck these people. How dare they not embrace new technology as fast as I do?!

 

 

Oh man, you wouldn't BELIEVE the discussion I had yesterday with a potential client. They were interested in having some sort of intranet produced. I asked them what they were using today, and in terms of security what they had. One of the highest ranking lawyer firms where I live, told me flat to my face that 1) they didn't really have any security, and 2) they weren't that interested in it. They said "we haven't really had any problems with security", and I told them there was no way for them to know that, for all they knew their "enemies" could be reading it right now and they'd have no way of knowing.

They told me they'd be interested in spending maybe 20-25k dollars on a new intranet, and I told them I wasn't interested in doing business with them (way too much liability when they get hacked). Then I told them, for their kind of turnover and the required security of the information, they'd be looking at at least 500k+ one-time investment and a permanent employee to at least get a fairly good sense of security.

These people handle millions of dollars on a daily basis, and if I had stolen their laptop (or anyone on the street, for that matter), I would have had instant access to _all_ their files. And this is what really blows my mind. They don't even use passwords in the traditional sense - it's all "saved" passwords, i.e. you type it in once and then the browser or software saves it so you don't have to fill it in again.

If there ever is a skynet with robots taking over the world, I don't imagine there will be a lot of laughing. But I reckon the robots will get a good laugh out of seeing their security.

Reply #5 Top

They can't steal it if it isn't out there. Online storage ... nope. Bank accounts on line ... nope. So screw 'em.  :rofl: :rofl:

Reply #6 Top

Quoting Heavenfall, reply 4
They said "we haven't really had any problems with security"
End of Heavenfall's quote

I believe that. It's not understanding or underestimating the need for security.  

Quoting Heavenfall, reply 4
Fuck these people. How dare they not embrace new technology as fast as I do?!
End of Heavenfall's quote

These are hard working, salt of the earth, what makes our Country great, people. I find that harsh and unnecessarily foul. 

I know you're kidding but, I had to speak up for these nice folks.

 

Reply #7 Top

Quoting IROKONESS, reply 6
I believe that. It's not understanding or underestimating the need for security.
End of IROKONESS's quote

Uhm, yes, that's exactly what it is. Even if they really haven't had any problems, that's a horrible attitude to have when you deal with extremely sensitive information stored digitally.

Reply #8 Top

Fact. Wonder how many more there are?

Reply #9 Top

A few of my favorites:

iforgot

secret

unknown

Reply #10 Top

Now stop it!  You folks have just listed all my choices for passwords.  :O :-" :rofl: :rofl: :rofl:

Reply #11 Top

Quoting IROKONESS, reply 6



These are hard working, salt of the earth, what makes our Country great, people. I find that harsh and unnecessarily foul. 

I know you're kidding but, I had to speak up for these nice folks.

 
End of IROKONESS's quote

You know he was talking about lawyers right?

OT; amazing that there still are so many people using passwords like these. Although I have to admit one of them looks very familiar, I used a variation on it when I first started using sites that required logins.

90 percent don't ensure that they never use the same password on multiple accounts
End of quote

You mean using different passwords for different sites? Because I have a few sites that share passwords, mostly news sites and the like. Even if they were hacked, the biggest hassle would be having to make a new account and reporting the old one.

Reply #12 Top

Quoting Satrhan, reply 11
You mean using different passwords for different sites?
End of Satrhan's quote

Yes. Using the same password on a number of sites.

Reply #13 Top

My password is ******

Reply #14 Top

I found that the best password is a whole sentence. Five words or more. Let them try and crack that one. HA!

Reply #15 Top

Quoting Fuzzy, reply 13
My password is ******
End of Fuzzy's quote

:rofl:  

 I've used that password before.

Reply #16 Top

Quoting Wizard1956, reply 15
Quoting Fuzzy Logic, reply 13
My password is ******

 

I've used that password before.
End of Wizard1956's quote

That's because you're a.... star. X| :grin:

 

Definition of a strong password:

A password that is hard to detect both by humans and by the computer. Two
things make a password stronger: (1) a larger number of characters, and (2)
mixing numeric digits, upper and lower case letters and special characters ($, #, %, etc.).

To make it stronger, the site should salt and hash it, as well as any info stored on it.
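
As an added illustration (not part of the post above, and not any site's actual code) of the two points in that definition: the sketch below screens a candidate against the 25-entry list from the opening post and the ten-character threshold from the quoted statistics, then stores it the way a site should, as a per-account random salt plus a slow hash. The function names, the choice of PBKDF2-HMAC-SHA256 and the iteration count are assumptions.

```python
import hashlib
import hmac
import math
import os
import string

# The 25 entries from the SplashData list quoted in the opening post.
WORST_2011 = {
    "password", "123456", "12345678", "qwerty", "abc123", "monkey",
    "1234567", "letmein", "trustno1", "dragon", "baseball", "111111",
    "iloveyou", "master", "sunshine", "ashley", "bailey", "passw0rd",
    "shadow", "123123", "654321", "superman", "qazwsx", "michael",
    "football",
}
ITERATIONS = 600_000  # assumption: tune to what your hardware tolerates


def search_space_bits(pw):
    """Upper bound on brute-force cost, log2(alphabet ** length); ASCII only."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation + " "]
    alphabet = sum(len(c) for c in classes if any(ch in c for ch in pw))
    return len(pw) * math.log2(alphabet) if alphabet else 0.0


def problems(pw):
    """Return the reasons a candidate password should be rejected."""
    found = []
    if pw.lower() in WORST_2011:  # case changes do not rescue a listed word
        found.append("on the worst-passwords list")
    if len(pw) <= 10:
        found.append("ten characters or fewer")
    return found


def hash_password(pw, salt=None):
    """Site side: store (salt, digest), never the password itself."""
    salt = salt or os.urandom(16)  # unique random salt per account
    digest = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, ITERATIONS)
    return salt, digest


def verify_password(pw, salt, digest):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)
```

The bit count is only a ceiling: a listed word such as "letmein" falls to a dictionary attack long before brute force, which is why the list check comes first.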

Reply #17 Top

:thumbsup:

Reply #18 Top

I am paranoid about passwords, but unfortunately so many are not.  When on public Wifi, I always use VPN and then work that way.  I was a bit surprised by the list (I read the article before yours Doc) as while most are kind of DUH, a couple are not.  Ashley????

Reply #19 Top

And then the inevitable teenager password-joke:

"I was requested to change my password, so I used 'penis'  XD }:)

but it was too short 8| '

Reply #20 Top

84 percent fail to use passwords more than ten characters long.
End of quote

 

Quoting DrJBHL, reply 16
special characters ($, #, %, etc.).
End of DrJBHL's quote

 

Some sites don't even let you use that many or the special characters and/or numbers

but then again they're not sensitive sites, i.e. news, forum

 

 

 

Reply #21 Top

Quoting Satrhan, reply 11
You know he was talking about lawyers right?
End of Satrhan's quote

Was not. >_>   Where does it say lawyers and not normal folks with simple passwords?  

 

Reply #22 Top

Heavenfall was, right here:

Quoting Heavenfall, reply 4

One of the highest ranking lawyer firms where I live
End of Heavenfall's quote

Reply #23 Top

Quoting Satrhan, reply 22
One of the highest ranking lawyer firms where I live
End of Satrhan's quote

 He was speaking in general terms at the beginning. And only afterwards, did he decide to share the story. 

Probably cuz  of the way it looked. Rude.

Reply #24 Top

Me, I use different passwords for my sins accounts and my non-sins accounts.  I don't use WiFi, so I'm safe there, and have never let anyone have my password, so I'm also safe there.  I was thinking about making a password document and ciphering my passwords...

Personally, just like I believe telemarketing should be illegal, I think you should be able to sue anyone who hacks your online info for at least lots of money.

'Course, I also believe that the public should be able to get programs that can detect proxy servers and that stuff that fry the hackers' computer.  I mean wipe it, make it unusable.