|
It's not that weird for people of a certain demographic to never log on anything important on their phones. Lots of millennials who grew up as dork rear end nerds posting on forums probably do all their important stuff on a desktop and only use their phone as a media device with texting capability.
|
# ? Jan 8, 2023 17:09 |
|
|
# ? May 16, 2024 00:59 |
|
Ras Het posted:This is a pretty weird question to ask. A lot of people don't really use computers for anything that doesn't specifically require using a big keyboard. Everything is done on phones, and pretty much every workplace, school etc will have at least one mobile platform you need to log on to. And because of two-step verification I need to log into things on my phone to log into things on my computers Sorry it's weird? I graduated university ~5 years ago and have worked at a couple different corporations and none of them required being logged into anything on my phone PiratePrentice posted:It's not that weird for people of a certain demographic to never log on anything important on their phones. Lots of millennials who grew up as dork rear end nerds posting on forums probably do all their important stuff on a desktop and only use their phone as a media device with texting capability. Yeah I guess this describes me lol
|
# ? Jan 8, 2023 17:11 |
|
Killingyouguy! posted:How often do other people need to type passwords into their phones anyway? The Twitter and SA apps boot me out about once a year and I think those are the only apps I have that require a login I don't like to do personal stuff on my work computer. Lately I've have to input passwords on my phone during work hours for stuff like:
|
# ? Jan 8, 2023 17:37 |
|
For anyone who isn't quite sure what we're all even talking about, here's Password Managers 101. A password manager, in its most basic form, is a program that runs on your local computer and stores login/password information for you in a secure way so that you don't have to remember it. I say it's stored in a secure way because the database file with all your passwords in it is encrypted with the one (hopefully good and long) password that you DO have to remember. When you want a password, you use that password to open the password manager database, then copy-paste the password you want from the password manager to the web browser or whatever. (You can get fancier than copy-paste, with autotyping or browser plugins, but I'm keeping it simple here.) Password managers might seem a little complicated if you haven't used them, but they're really pretty simple. Here, try one out for yourself. KeePassXC is a good one: it's cross-platform, free and open-source, not dependent on cloud anything, and trusted by infosec nerds. If people want I could type up a whole tutorial, but just play around with it, you'll figure it out. Make yourself a demo database, create some entries for fictitious websites and generate world-class passwords for all of them that are unique in the history of the world and simply can't be brute-forced in less time than the present age of the universe, and are therefore much better passwords than your dog's name with a couple of numbers after it. Once you start using a password manager in real life, that little database file becomes rather important, so you'll want to keep it backed up somewhere in case of a hard drive failure or accidental deletion. Fortunately, it's heavily encrypted, so you don't need to be too picky about where you put it -- tossing a copy onto your Google drive, and doing so every time you add or change something, works fine. So does giving a copy to your mom for safekeeping. (Just don't catch-22 yourself and have your only backup copy of the database stored somewhere that you can only get into with a password in that database.) You can get fancier with this; there are various forms of automatic cloud sync available, and some password managers natively live in the cloud, but again, I'm just keeping it simple for now. Questions? Slimy Hog posted:How do you log into things on mobile? There are mobile apps for KeePass, 1Password, and all the rest, which work exactly like the desktop apps. abelwingnut posted:this is no small question, but certainly related—how close are we technologically to moving on from passwords? Passkeys are supposedly going to be the next big thing -- you can think of this as a system that automates all the manual steps you currently have to do yourself when using a password manager. But do note that there are still major issues with cross platform compatibility, and very few sites even support it yet. The infosec community is far from unanimous on whether it's even a good idea in the first place. For now, your best bet is a good old fashioned password manager storing passwords that look something like xG'A6QpE)r/LzbIy-k=B.
|
# ? Jan 8, 2023 17:58 |
|
Powered Descent posted:There are mobile apps for KeePass, 1Password, and all the rest, which work exactly like the desktop apps. Better than the desktop apps, imo. Phones have better integration for password managers. The process just becomes: tap on login field, tap on popup for password manager, type in master password, and then the field autopopulates and you click login. Not as much copy/paste, though sometimes it does get confused by forms and you do need to do that, but less often than desktop.
|
# ? Jan 8, 2023 18:10 |
|
tuyop posted:No you can’t lol If you need to print your likeness onto a mannequin, or even make a parameterized sculpture, that's still entirely doable. There's only so many ways your phone can collect data about your face, and all an attacker needs to do is deceive those sensors. The point isn't that it's trivial to fake a biometric check, just that it's foolish to assume that it's impossible. And if it does get cracked, there's nothing you can do about it because you can't change your biometrics.
|
# ? Jan 8, 2023 19:45 |
|
Why are recliners so drat expensive? In my country, there's one store that sells them and they go for upwards of $600. God drat. IKEA has a recliner but I reckon it'll be poo poo. I'm still going to try it out this weekend but I don't have high hopes. I just really don't wanna drop so much money on a chair. I had a recliner in the UK but it was cheap cause I nabbed it from a charity shop.
|
# ? Jan 8, 2023 19:47 |
|
Furniture in general is expensive. IKEA is a miracle of economy, producing decent furniture at rock-bottom prices. As a side-effect, it's completely distorted peoples' perceptions of how much things cost. If you want non-lovely furniture that IKEA doesn't make, be prepared to spend a lot of money. Recliners in specific are probably expensive first because of the mechanisms, and second because, due to the reclining action, they have to be able to stand up to forces coming at them from a variety of angles. Most cheap furniture is designed to be strong in exactly and only the way in which they're expected to be used, and will fall apart if forces hit them from an unexpected angle. That's harder to accomplish with a recliner.
|
# ? Jan 8, 2023 20:02 |
|
Yeah, good furniture is expensive and recliners are furniture with moving parts that can wear out and break. I'm actually typing this while sitting in a recliner that randomly drops an inch and scares the poo poo out of me because the ratchet mechanism has worn out.
|
# ? Jan 8, 2023 20:27 |
|
TooMuchAbstraction posted:And if it does get cracked, there's nothing you can do about it because you can't change your biometrics. Some people claim that this mean biometric data is a username, not a password. I think that's pretty convincing.
|
# ? Jan 8, 2023 20:37 |
|
Dr. Stab posted:Better than the desktop apps, imo. Phones have better integration for password managers. The process just becomes: tap on login field, tap on popup for password manager, type in master password, and then the field autopopulates and you click login. Not as much copy/paste, though sometimes it does get confused by forms and you do need to do that, but less often than desktop. Not sure which password manager you use but for keepass hitting ctrl+v over your password entry will alt-tab to the most recent window and type in your username / password, or whatever you program in instead. For the aforementioned constantly-logged out Google account I removed the entering the username part, so it just auto-tabs back and re-signs me in by just typing password.
|
# ? Jan 8, 2023 20:39 |
TooMuchAbstraction posted:If you need to print your likeness onto a mannequin, or even make a parameterized sculpture, that's still entirely doable. There's only so many ways your phone can collect data about your face, and all an attacker needs to do is deceive those sensors. The point isn't that it's trivial to fake a biometric check, just that it's foolish to assume that it's impossible. And if it does get cracked, there's nothing you can do about it because you can't change your biometrics. It would also have to have moving eyes that can be tracked looking at the screen. I guess that’s also doable, but things are getting silly here since the device defaults to a password when powered down or if the Face ID check fails a certain number of times.
|
|
# ? Jan 8, 2023 20:50 |
|
Tesseraction posted:Not sure which password manager you use but for keepass hitting ctrl+v over your password entry will alt-tab to the most recent window and type in your username / password, or whatever you program in instead. For the aforementioned constantly-logged out Google account I removed the entering the username part, so it just auto-tabs back and re-signs me in by just typing password. That's already more work than on the phone, where it already knows which site or app is requesting the password, and that it is requesting a password right now. You can't do the google account macro on the phone, I don't think.
|
# ? Jan 8, 2023 23:27 |
|
I have a fuckton of passwords for work, like 30-40 and like half of them change constantly. I keep all of them in a locked iCloud note on my iPhone. When I need a password I open my phone with my face or my passcode and then I open the document which again requires either my face or a different password from the code used to unlock the phone. When a password changes, I immediately open the document and update the line with that password. This works great for my purposes and seems pretty secure to me, but please tell me why this is wrong and stupid.
|
# ? Jan 8, 2023 23:35 |
|
Password managers typically have autofill features so you don't have to manually copy-paste from your note / database, which also means you don't have to display all the passwords on screen when you open up the note. I think the iphone even has a builtin one called "iCloud keychain", probably a pain to sync with non-apple devices tho They also have built in secure password generators which is nice if you just want a random secure password for a new account. But overall yeah, assuming icloud's encryption for locked notes is decent quality, your method is basically fine, it's just a low-tech version of a password manager.
|
# ? Jan 8, 2023 23:50 |
|
Tiggum posted:I try the current password, and if it doesn't work then I reset it. Protip: if you have to reset a forgotten password, reset it to what you thought it was. That's already in your memory.
|
# ? Jan 9, 2023 00:08 |
|
The problem with that is that you’re likely remembering a previous iteration and most accounts prevent you from recycling old passwords.
|
# ? Jan 9, 2023 00:12 |
|
mllaneza posted:Protip: if you have to reset a forgotten password, reset it to what you thought it was. That's already in your memory. "You can't reuse the same password" has happened to me on a number of occasions doing that.
|
# ? Jan 9, 2023 01:02 |
|
At my old job it was surprisingly easy to not reuse the same password when we had to change it every year because it didn't apparently detect that I'd changed mypassword2014 to mypassword2015
|
# ? Jan 9, 2023 01:09 |
|
Tesseraction posted:At my old job it was surprisingly easy to not reuse the same password when we had to change it every year because it didn't apparently detect that I'd changed mypassword2014 to mypassword2015 And then I wrote it down anyway.
|
# ? Jan 9, 2023 03:02 |
|
if your uni can even keep track of that it means they have really bad password security. they should never actually be storing your password anywhere, only a non-reversible cryptographic hash of it
|
# ? Jan 9, 2023 03:06 |
|
RPATDO_LAMD posted:if your uni can even keep track of that it means they have really bad password security. They can still do some basic checks, e.g. if minor permutations of your new password produce the same hash as the old password. But yeah, it's more likely they were storing the password in plaintext somewhere. :\
|
# ? Jan 9, 2023 03:20 |
|
The “trick” is that in a mandated password change, you usually just typed in the old password. So they can check the new one against it for similarity.
|
# ? Jan 9, 2023 03:20 |
TooMuchAbstraction posted:They can still do some basic checks, e.g. if minor permutations of your new password produce the same hash as the old password. But yeah, it's more likely they were storing the password in plaintext somewhere. :\ I thought the whole point of a hash was that small differences made totally different hashes?
|
|
# ? Jan 9, 2023 03:49 |
|
Carillon posted:I thought the whole point of a hash was that small differences made totally different hashes? Yes, but if you make some small change to the new password and it hashes to the existing hash...
|
# ? Jan 9, 2023 03:56 |
|
hooah posted:Yes, but if you make some small change to the new password and it hashes to the existing hash... Then someone's using a broken hashing algorithm
|
# ? Jan 9, 2023 03:57 |
|
dupersaurus posted:Then someone's using a broken hashing algorithm No? If a person's current password is password2022 and they're trying to change it to password2023, the input program can go "well, I'll change the last digit by one and see if it matches the hash I have stored".
|
# ? Jan 9, 2023 04:27 |
|
Yeah you could do stuff like store the hash of certain substrings and compare those - like the first and last x characters as well as the whole hash. Wouldn't be that bad security wise to do that. But yeah I'd bet in most cases when you see that kind of message they're just storing the plaintext.
|
# ? Jan 9, 2023 04:39 |
|
nvm, reading comprehension
|
# ? Jan 9, 2023 15:07 |
|
smackfu posted:The “trick” is that in a mandated password change, you usually just typed in the old password. So they can check the new one against it for similarity. You know I hadn't thought about that, that's a pretty clever way of getting your plaintext password for comparison without having ever stored it.
|
# ? Jan 9, 2023 15:24 |
|
Reading data that the user typed in isn't clever.
|
# ? Jan 9, 2023 16:03 |
|
ultrafilter posted:Reading data that the user typed in isn't clever. Well, I presume that it takes the plaintext passwords, runs the usual hash to check it's the correct password, and then stores it in transient memory until the user puts in the new password in order to check it's not the same or similar.
|
# ? Jan 9, 2023 16:12 |
|
Would it be weird if I changed my last name to something random I've picked out? I'm divorced, and I could have gone back to my maiden name during the process but I never liked that name (both because of rear end in a top hat family members and it just has a clunky sound.) I know my ex husband would like it if I no longer had his name (tho there's no pressure from him or anything like that.) I'm trying to get my dumb, drama-filled life back on track and a new last name feels refreshing. I know it will cost money and I'll have to change my name everywhere and that sucks. I don't see myself getting married again. I dunno, do people do this?
|
# ? Jan 9, 2023 19:23 |
|
I know of at least one couple who took a portmanteau of their last names when they got married. That's not exactly your situation but it's close.
|
# ? Jan 9, 2023 19:28 |
|
I had a friend who got married and they both took a made up name to distance themselves from lovely family. It was five and good even after they divorced. So if you're okay with the practicalities and explaining a bit, it's cool. Just don't pick Skywalker or Snow or some dumb nerd poo poo please. Or at least make it more obscure.
|
# ? Jan 9, 2023 19:35 |
|
BonHair posted:Just don't pick Skywalker or Snow or some dumb nerd poo poo please. Or at least make it more obscure. credburn posted:Hey gang
|
# ? Jan 9, 2023 19:48 |
|
Changing your name when you get divorced isn't unusual, one of my teachers in kindergarten did it and while we were confused that a name changes like that we get over it within a week.
|
# ? Jan 9, 2023 19:52 |
|
My neighbor's son changed his name to some made up bullshit when he was in his 20s I think, so sure, why not if that's something you'd like?
|
# ? Jan 9, 2023 21:16 |
|
poo poo it's your name, do what you want (no slurs please).
|
# ? Jan 9, 2023 21:36 |
|
|
# ? May 16, 2024 00:59 |
|
is there a way to find out if a property has been sold if it wasn't MLS listed?
|
# ? Jan 10, 2023 03:00 |