Thread: Amazon and DRM changes
View Single Post
Old 03-31-2023, 10:13 AM   #1947
Sirtel
Grand Sorcerer
Sirtel ought to be getting tired of karma fortunes by now.Sirtel ought to be getting tired of karma fortunes by now.Sirtel ought to be getting tired of karma fortunes by now.Sirtel ought to be getting tired of karma fortunes by now.Sirtel ought to be getting tired of karma fortunes by now.Sirtel ought to be getting tired of karma fortunes by now.Sirtel ought to be getting tired of karma fortunes by now.Sirtel ought to be getting tired of karma fortunes by now.Sirtel ought to be getting tired of karma fortunes by now.Sirtel ought to be getting tired of karma fortunes by now.Sirtel ought to be getting tired of karma fortunes by now.
 
Sirtel's Avatar
 
Posts: 13,580
Karma: 240526511
Join Date: Jan 2014
Location: Estonia
Device: Kobo Sage & Libra 2
Quote:
Originally Posted by A Lurker View Post
Spoiler:
The idea that you need to change your passwords regularly isn't really pushed by security experts anymore, so long as the passwords you're using are sufficiently long (a minimum of 14 characters) and unique (used only once).

Basically, the two most common ways a hacker can hack into your accounts are:

1.) They already have your password from an earlier breach. That's why it's important to use unique passwords. Even if hackers get your password for one site, they won't be able to crack other sites.

2.) They use brute force to crack your password, meaning they use a program that runs through every possible combination of digits. This is why length is far and away the most important factor. Each digit added to your password exponentially increases the number possible combinations.

All other password advice and tips might help on the margins, but aren't going to make as big a difference. And seeing how many of those other tips make creating and remembering passwords damn near impossible, they may do more harm than good. For example, people end up writing their passwords on sticky notes and attaching them to their screens!

Even the idea of having a complex password consisting of number, symbols and capital letters is no longer as strongly advocated. Again, that might help slightly improve the security of your password, but it's not going to make anywhere near as much difference as the length of your password.

For example, "G00gle!", despite having a capital, two numbers and one symbol, is a terrible password because it's too short.

"thecatatethemouse", despite having no numbers, symbols or capitals, is literally millions of times more secure because of its length. And, being a phrase, is easy to remember. Could you make it slightly more secure by adding a capital, number or symbol? Sure. But because of its length (17 characters), it's already practically impossible to crack with brute force. You really wouldn't be adding much.
Interesting. That's basically what I've always done. I have long, unique passwords for all the important sites (where I keep important personal data and/or credit card info). I don't save them in browsers or use a password manager; I write them down on a paper which I keep hidden in my home. I remember most of them, so I don't always need that paper. I haven't bothered to change most of those passwords in years.
Sirtel is offline   Reply With Quote