Thread: More reasons to store NOTHING on the Internet: Facebook exposes hundreds of millions of user login/passwords IN CLEARTEXT since 2012!
View Single Post
  #5  
Old March 24th 19, 02:43 PM posted to alt.comp.os.windows-10
Chris
external usenet poster
  
Posts: 832
Default More reasons to store NOTHING on the Internet: Facebookexposes hundreds of millions of user login/passwords IN CLEARTEXTsince 2012!
Davidm wrote:
On Sun, 24 Mar 2019 05:43:12 -0000 (UTC), arlen holder
wrote:

On Sun, 24 Mar 2019 06:13:24 +0100 (GMT+01:00), Libor Striz wrote:

One thing is the personal password policy.

Hi Poutnik,

FACTS + LOGIC.

Do not reuse passwords and change them at least after any revealed pw break.

LOGIC:
A good personal password policy is to _generate_ unique passwds securely
o And then to save those generated passwords _locally_ in encrypted form:
https://groups.google.com/d/msg/misc.phone.mobile.iphone/5Z15v7xP8so/fG_nz45HGwAJ

The best general purpose freeware for this type of security seems to be
*Linux*:
o https://sourceforge.net/projects/kee...test/download?
*Windows*:
o https://keepass.info/download.html
*Mac*:
o https://sourceforge.net/projects/kee...atest/download
*Android*:
o https://play.google.com/store/apps/details?id=keepass2android.keepass2android
o https://play.google.com/store/apps/details?id=com.android.keepass
*iOS*:
o https://itunes.apple.com/us/app/keepass-touch/id966759076
o https://itunes.apple.com/us/app/minikeepass/id451661808

SNIP
So how do you autogenerate passwords (eg with keepass) when many
institutions (particularly banks) won't tell you their password policy
(length, what characters are accepted/not accepted etc etc)?

How do you generate *any* password if the institution won't tell you the
rules? I can't think of any that don't.

Ads