Passwords, don't do what I did

[C(-)ris]

I'm trying to figure out why banks and credit cards have such lax requirements for passwords. Some of them don't even require a symbol. There is a major credit card company that requires nothing more than 8 digits with a letter and a number. password1 passes their test.

[Blankity Blank]

rgG wrote:
Here is what Eric Snowdon had to say about creating a good PW.
So what should people do for their passwords? While Oliver’s suggestion of “limpbiscuit4eva” was a flop, Snowden had some helpful advice: Forget about passwords and go with “passphrases,” or phrases that are long, unique, and thus easy to remember. Like “margaretthatcheris110%SEXY”.

A computer would never get it, and you’d never forget it.

https://time.com/3815620/edward-snowden-...hn-oliver/

Say what you will about him, but I think he should know a thing or two about creating a good PW.

But for that to remain ‘simple’ to use, you’d have to use the same password on every site; creating passphrases like that for each site would make memorization impossible. You could try finding a site specific suffix or prefix to add on, but that steers you back to predictability.

[Ken Sp.]

I use this method as do most of my clients.
I use the same basic password everywhere ie: fluffy1 This will be used everywhere.
If you add a 3 character prefix to it that is based on the website you are at: Xxxfluffy1 assuming Fluffy is the name of your cat.
Amazon would be Amafluffy1
Pizza Hut would be Pizfluffy1
For further security at important websites, add a special character or two
Wells Fargo would be Welfluffy1!
Apple/iCloud etc Appfluffy1!

I developed this protocol so passwords would be easy to enter on the iPhone, and you will never need to write them down, since, you know your main password, and the prefix is whatever site you are at.
Always start with an upper-case letter-then the phone shifts to lower case.....Then "flip" to the number screen and enter 1-3 numbers....then, in the same screen you can easily use $!? as one or more special characters. (you should stay consistent on everything).
Admittedly, this is not the most super secure way, but it is much more secure than writing passwords down.

When writing down passwords, always underline upper-case letters and write the current date after the password, so you know which one is the current one. Do not use the date inside the actual password.

FYI-Notes App on Mac and iOS, now has the ability to password protect individual notes-put passwords there. I recommend using the unlock code for your iPhone to unlock your note. Always use Apple Keychain.

Here is a presentation on passwords, I recently gave to our 1400 member Apple User Group.
https://www.youtube.com/watch?v=0RQyp2k9nmc

PS: Bonus tip. When you enter your credit cards in Safari autofill, name the card with the expedition date and 3-4 digit security code in the name of that card, so when it autofills in Safari, you will see the expiration and security code without having to go get your card. Again-your decision on Security vs Convenience is your call.

[mattkime]

Randomize your passwords. Better yet, randomize your username as well.

[pdq]

sekker wrote:
My older sister is very tech savvy in some ways, but she HATES moving to new iPhones due to her having to type in all of her passwords.

If someone has a better way, please share!

I’m not sure what I’m doing differently, but all of my passwords are maintained by Apple and appear on whatever new device I get.

The only time I don’t let my Apple devices set unrememberable super-passwords is when I think I may have to log in to on another computer at some point. But that’s a lot of the time. So in those cases I run a system like that described in the OP.

[freeradical]

C(-)ris wrote:
I'm trying to figure out why banks and credit cards have such lax requirements for passwords. Some of them don't even require a symbol. There is a major credit card company that requires nothing more than 8 digits with a letter and a number. password1 passes their test.

They probably lock you out after three failed attempts.

IMHO, this sort of administrative policy would make for better security than weird complicated passwords or phrases.

[Michael]

Ken Sp. wrote:
I use this method as do most of my clients.
I use the same basic password everywhere ie: fluffy1 This will be used everywhere.
If you add a 3 character prefix to it that is based on the website you are at: Xxxfluffy1 assuming Fluffy is the name of your cat.
Amazon would be Amafluffy1
Pizza Hut would be Pizfluffy1
For further security at important websites, add a special character or two
Wells Fargo would be Welfluffy1!
Apple/iCloud etc Appfluffy1!

I developed this protocol so passwords would be easy to enter on the iPhone, and you will never need to write them down, since, you know your main password, and the prefix is whatever site you are at.
Always start with an upper-case letter-then the phone shifts to lower case.....Then "flip" to the number screen and enter 1-3 numbers....then, in the same screen you can easily use $!? as one or more special characters. (you should stay consistent on everything).
Admittedly, this is not the most super secure way, but it is much more secure than writing passwords down.

When writing down passwords, always underline upper-case letters and write the current date after the password, so you know which one is the current one. Do not use the date inside the actual password.

FYI-Notes App on Mac and iOS, now has the ability to password protect individual notes-put passwords there. I recommend using the unlock code for your iPhone to unlock your note. Always use Apple Keychain.

Here is a presentation on passwords, I recently gave to our 1400 member Apple User Group.
https://www.youtube.com/watch?v=0RQyp2k9nmc

PS: Bonus tip. When you enter your credit cards in Safari autofill, name the card with the expedition date and 3-4 digit security code in the name of that card, so when it autofills in Safari, you will see the expiration and security code without having to go get your card. Again-your decision on Security vs Convenience is your call.

I started doing something very similar years ago, except I put the site letters right before an end character. I have several hundred passwords and only a few are replicated.

[Dennis S]

I have rules where I type out the name of the site and put symbols or numbers at certain points like after the first syllable or before the last letter. Then I have numbers that I can change every year like my age. Then I have a misspelled word.

Am@azo;n71quitar

E@ba;y71quitar

[pinkoos]

This is what I've been doing for many years now after having used the exact same password on multiple sites prior to that

I posted a few months ago trying to figure out the best option for my kids as they start accumulating more and more passwords on more and more sites

I guess they can use this system but there's always some site that doesn't allow this or that character or requires a longer password that throws a wrench into it

Ken Sp. wrote:
I use this method as do most of my clients.
I use the same basic password everywhere ie: fluffy1 This will be used everywhere.
If you add a 3 character prefix to it that is based on the website you are at: Xxxfluffy1 assuming Fluffy is the name of your cat.
Amazon would be Amafluffy1
Pizza Hut would be Pizfluffy1
For further security at important websites, add a special character or two
Wells Fargo would be Welfluffy1!
Apple/iCloud etc Appfluffy1!

I developed this protocol so passwords would be easy to enter on the iPhone, and you will never need to write them down, since, you know your main password, and the prefix is whatever site you are at.
Always start with an upper-case letter-then the phone shifts to lower case.....Then "flip" to the number screen and enter 1-3 numbers....then, in the same screen you can easily use $!? as one or more special characters. (you should stay consistent on everything).
Admittedly, this is not the most super secure way, but it is much more secure than writing passwords down.

When writing down passwords, always underline upper-case letters and write the current date after the password, so you know which one is the current one. Do not use the date inside the actual password.

FYI-Notes App on Mac and iOS, now has the ability to password protect individual notes-put passwords there. I recommend using the unlock code for your iPhone to unlock your note. Always use Apple Keychain.

Here is a presentation on passwords, I recently gave to our 1400 member Apple User Group.
https://www.youtube.com/watch?v=0RQyp2k9nmc

PS: Bonus tip. When you enter your credit cards in Safari autofill, name the card with the expedition date and 3-4 digit security code in the name of that card, so when it autofills in Safari, you will see the expiration and security code without having to go get your card. Again-your decision on Security vs Convenience is your call.