It's getting tougher as time goes by.
Skype dropped me cause I didn't use it for 3 months? Had no info on user name & ID so after trying various combinations I asked for my user name via my e mail address which worked fine. Then came the ID. I tried all my IDs, nothing worked. Submitted new ID, which is a fairly uncommon 5 letter word followed by 12345.
"Not secure enough"
I type in fuckyouyouasshole, it responds:
"at least one number must be used."
I typed in another user name I use with 9 characters...it worked!

Over the years I've been told:
"no more than 3 sequential numbers in a row with increasing or decreasing values"
"must be 6 characters or more"
"the numbers 6 & 9 cannot be next to each other" (I was trying to use 96)
"that user ID is already in use" NO SHIT DUMB ASS, IT'S ME!

From a security standpoint, "fuckyouasshole" would be a bad choice anyhow. I know I've typed that into many, many computer data fields after banging my head against some virtual wall for a while and you can bet that a lot of other people have done the same.

yes

Hello.

Select "I forgot my password" and it will send you a link to reset your password.
https://login.skype.com/account/password-reset-request

When I administrated a Novell server at a smalltown newspaper back in the late 90's, the previous admin used the password BA53BA11 because he liked baseball, apparently. I adopted that idea and use letter/number substitutions for passwords so I can make them fairly complex and yet remember them.

When I administrated a Novell server at a smalltown newspaper back in the late 90's, the previous admin used the password BA53BA11 because he liked baseball, apparently. I adopted that idea and use letter/number substitutions for passwords so I can make them fairly complex and yet remember them.
I knew there was a good reason I liked you! Funny thing, I just came across my Netware 4.1 and 4.11 license diskettes while doing some cleanup in the basement this weekend.

Sad to say, though, that even "trick" passwords like that -- 1 for i, 3 for 3, @ for a, and of course, 0 for 0, amongst many others... are still a little too easy for the hackers to figure out. Someone determined enough will find them, it will just take them a little longer.

Hello.

The thing that amazes me is the number of people who use the same password for everything.
The danger in this is how easy it is to extract a password.
Windows?
http://www.gtopala.com/
But the easy way to get a password is to sniff the wireless network.
Once you are in, you are in.
http://www.ethereal.com/
http://www.aircrack-ng.org/
Note that ALL of this is a FREE download!
I recommend that everyone download the software and learn.
Once you understand your shortcomings do an audit and improve.

When I administrated a Novell server at a smalltown newspaper back in the late 90's, the previous admin used the password BA53BA11 because he liked baseball, apparently. I adopted that idea and use letter/number substitutions for passwords so I can make them fairly complex and yet remember them.

The best approach is to use a random sequence of letters, numbers, punctuation . I find they are not all that hard to remember.

Hello.

The thing that amazes me is the number of people who use the same password for everything.
The danger in this is how easy it is to extract a password.
Windows?
http://www.gtopala.com/
But the easy way to get a password is to sniff the wireless network.
Once you are in, you are in.
http://www.ethereal.com/
http://www.aircrack-ng.org/
Note that ALL of this is a FREE download!
I recommend that everyone download the software and learn.
Once you understand your shortcomings do an audit and improve.

Of course, Ethereal (Wireshark now) is useless if the person is using a SSL site (Or, other encyption, ie SSH).

Of course, Ethereal (Wireshark now) is useless if the person is using a SSL site (Or, other encyption, ie SSH).

Hello.

Yes, but if the person logs onto a site that is not encrypted, and uses the same password for everything.

If someone gets into my QRZ account, I don't GIVE A SHIT!

If someone gets into my QRZ account, I Don't GIVE A SHIT!

He's our shortstop (in the non expurgated versions at least).

The best approach is to use a random sequence of letters, numbers, punctuation . I find they are not all that hard to remember.

Most users would disagree with you on that. Of course, most users could care less about passwords or security, until they get burned.

We've just rolled out an application at work called RoboForm. It's very interesting. It lets you save "prefills" on web based forms, including logins, so it's a good fit for saving user ID's and passwords. It also lets you generate random "strong" passwords and save them, which will let us start enforcing periodic password updates.

And yes, my boss is paranoid when it comes to this stuff.

roboform is popular among coupon/rebate people ... filling in those forms can be tedious!