Privacy generally

  • Thread starter Neddo
  • 38 comments
  • 1,957 views
N

Neddo

4,478
I really think that privacy is a huge problem today in this multiconnected world. For example, when I think about my passwords I want to hit myself in head just how weak they are
 
Last edited:
I'll just drop this in here on the subject of passwords:
password_strength.png
 
294 billion years here. But I put in one of my old passwords.
Isn't a site where you input your password for a computer to read a little dodgy? I mean, I don't know much about this sort of thing, but couldn't someone hack the website and see which ip addresses are putting in which passwords?
 
magic_town
294 billion years here. But I put in one of my old passwords.
Isn't a site where you input your password for a computer to read a little dodgy? I mean, I don't know much about this sort of thing, but couldn't someone hack the website and see which ip addresses are putting in which passwords?
Click to expand...
As far as I can tell, no requests are sent from the website so it's literally just like you typing on Notepad and the calculation runs based on input.

Well, I can't see any signs of data being sent/received. :lol:
 
In a thread about privacy and passwords, we have people entering their passwords into a random website they know nothing about to check the security of their passwords. Am I missing something here? I'd half expect to click on that link and have a graphic pop up saying, "I got your password now dumbass!"
 
Johnnypenso
In a thread about privacy and passwords, we have people entering their passwords into a random website they know nothing about to check the security of their passwords. Am I missing something here? I'd half expect to click on that link and have a graphic pop up saying, "I got your password now dumbass!"
Click to expand...

That's why I checked with similar length and different symbols.

13.7 billion years. I am the universe. I am the number 42.


(it's actually 14 billion years but heho)
 
Cowboy
Uh.....

View attachment 576772

Guess I'd better get on that.
Click to expand...

Did someone really create a website where you type in your password and then they tell you something about it? Holy crap, what a great fishing concept. Harvest tons of passwords, guess the username based on what you find out about the person from their IP address and any other information you can gather, try it on facebook, google, common banks...

Tell me none of you were typing your passwords into that site.
 
stolencreditcard.jpg


Danoff
Did someone really create a website where you type in your password and then they tell you something about it? Holy crap, what a great fishing concept. Harvest tons of passwords, guess the username based on what you find out about the person from their IP address and any other information you can gather, try it on facebook, google, common banks...

Tell me none of you were typing your passwords into that site.
Click to expand...
Frankly, that's one of the first things that went through my mind as well.
 
Hitleriscool apparently takes 3 hundred years.

So type something outrageous and offensive to trick everyone. :P
 
Danoff
Did someone really create a website where you type in your password and then they tell you something about it? Holy crap, what a great fishing concept. Harvest tons of passwords, guess the username based on what you find out about the person from their IP address and any other information you can gather, try it on facebook, google, common banks...

Tell me none of you were typing your passwords into that site.
Click to expand...

I had wondered that, but it seems that once your browser has the javascript loaded nothing goes backwards or forwards.

My favourite is still;

"OMG, I can't believe it, Facebook hides your password if you type it in your status accidentally..! ******** See!"
 
Johnnypenso
we have people entering their passwords into a random website
Click to expand...

Danoff
Did someone really create a website where you type in your password and then they tell you something about it?
Click to expand...

Not exactly - as far as I can see the script to calculate the cracking time is client-side, and what you type in isn't sent to the server. You can load the site, kill your internet connection and you'll still get a result if you type something in.

Edit: Ooops, tree'd.
 
TRGTspecialist
Not exactly - as far as I can see the script to calculate the cracking time is client-side, and what you type in isn't sent to the server. You can load the site, kill your internet connection and you'll still get a result if you type something in.

Edit: Ooops, tree'd.
Click to expand...

Yeah, I'm no expert either so I could be wrong, but if you look at the network log in google once the page has loaded, it doesn't seem to send any data anywhere (apart from something to tell social media ad-bots that you're interested in internet security, though again, this is a guess).
 
MatskiMonk
Yeah, I'm no expert either so I could be wrong, but if you look at the network log in google once the page has loaded, it doesn't seem to send any data anywhere (apart from something to tell social media ad-bots that you're interested in internet security, though again, this is a guess).
Click to expand...

Yeah I used Firebug to look at the traffic and it shows exactly what you say. Not that I blame anyone for being skeptical of a site they've never heard of asking for passwords, though.
 
MatskiMonk
I had wondered that, but it seems that once your browser has the javascript loaded nothing goes backwards or forwards.

My favourite is still;

"OMG, I can't believe it, Facebook hides your password if you type it in your status accidentally..! ******** See!"
Click to expand...

TRGTspecialist
Not exactly - as far as I can see the script to calculate the cracking time is client-side, and what you type in isn't sent to the server. You can load the site, kill your internet connection and you'll still get a result if you type something in.

Edit: Ooops, tree'd.
Click to expand...

MatskiMonk
Yeah, I'm no expert either so I could be wrong, but if you look at the network log in google once the page has loaded, it doesn't seem to send any data anywhere (apart from something to tell social media ad-bots that you're interested in internet security, though again, this is a guess).
Click to expand...

TRGTspecialist
Yeah I used Firebug to look at the traffic and it shows exactly what you say. Not that I blame anyone for being skeptical of a site they've never heard of asking for passwords, though.
Click to expand...

I didn't go there to look at the code. Maybe it's fine, but programmers are tricky people. I'm paranoid enough not to trust whether I have read the code well enough to know that nothing is overloaded with a replacement function that stores something locally until a later date and sends it out at that time. Then again, I have TFA on my google account because I expect it to get compromised at some point. I wish my bank supported that, I'd go for that in a heartbeat (I even send them a request to support it).

Edit:

Speaking of expecting things to get compromised. I have pioneered a system that I recommend to everyone. For automatic bill payments that you pay with a credit card (because you'd like to be able to dispute it and you want the cash back), set it up to draw from a card you use for NOTHING ELSE.

Have a dedicated credit card for "dirty" purchases supplied by a major card carrier. I use my VISA for this. Sketchy international website is the only one carrying what I want? VISA. Random ebay/paypal purchase? VISA. Basically anything non-trusted online? VISA.

When my VISA number gets stolen (which is about once per year), they overnight me a new card, refund any fraudulent charges, and life goes on. None of my billpay arrangements are interrupted. There is no hassle. I have a secondary card which is not my bill-payment card which can be relied upon in the meantime.

Here's the breakdown of my 3 major credit cards:
- Primary "dirty" card: 1.5% cash back on everything. Gets stolen regularly
- Costco VISA for travel, gas, restaurants.
- Bill-pay "clean" card: 1% on everything

This setup enables me to use my primary card with impunity online. BTW, don't ever use a debit card for anything ever.
 
Last edited:
If your password isn't a common or guessable one, its level of security is basically an exponent between the number of eligible characters and the number of characters in your password. For example, if a password is case-sensitive and allows numerals but not any punctuation or symbols, there are 56,800,235,584 possible six-character passwords, or 3,521,614,606,208 possible seven-character passwords.
 
- Starts thread called Privacy generally.

- Sends PM to everyone except me, explaining that the thread is actually about security specifically.
 
Wolfe
If your password isn't a common or guessable one, its level of security is basically an exponent between the number of eligible characters and the number of characters in your password. For example, if a password is case-sensitive and allows numerals but not any punctuation or symbols, there are 56,800,235,584 possible six-character passwords, or 3,521,614,606,208 possible seven-character passwords.
Click to expand...

I'm surprised no one else does what I do: type out the entire alphabet as a password.

Oh. Whoops.

That xkcd comic basically decided my password for me a few years ago. It's a phrase in multiple languages that's basically gibberish to anyone else.
 
So, err, the time needed for an average computer to crack a password, according to that website - that's just the raw time to run through enough random combinations to "guess" right password, I suppose? I mean, most websites block further log-in attempts after entering a wrong password a couple of times...
 

Similar threads

half_sourly
How do I check if a member has changed name or is no longer active?
Replies
0
Views
393
half_sourly
half_sourly
Exorcet
Best Time Period in History
2
Replies
54
Views
2K
DriveSpark
D
P
Brake assist?
Replies
14
Views
2K
JamCar0ne
JamCar0ne
mef
  • Poll
Digital IDs and how they will be used to control us
2
Replies
40
Views
3K
MatskiMonk
MatskiMonk
samsaoule
Spare parts....record of the world
Replies
5
Views
785
TurboBoy64
T

Latest Posts

Back