case: (Default)
Case ([personal profile] case) wrote in [community profile] fandomsecrets2014-10-13 07:03 pm
  • Add Memory
  • Share This Entry

[ SECRET POST #2841 ]


⌈ Secret Post #2841 ⌋

Warning: Some secrets are NOT worksafe and may contain SPOILERS.

01.


__________________________________________________



02.


__________________________________________________



03.


__________________________________________________



04.


__________________________________________________



05.


__________________________________________________



06.


__________________________________________________



07.


__________________________________________________



08.


__________________________________________________



09.

















Notes:

Secrets Left to Post: 02 pages, 039 secrets from Secret Submission Post #406.
Secrets Not Posted: [ 1 - broken links ], [ 0 - not!secrets ], [ 0 - not!fandom ], [ 0 - too big ], [ 0 - repeat ].
Current Secret Submissions Post: here.
Suggestions, comments, and concerns should go here.
Flat | Top-Level Comments Only
kippi: My FFXIV character looking at a distant sunset (Default)

[personal profile] kippi 2014-10-14 06:31 am (UTC)(link)
At that point, does it really matter? You've already lost. Protecting against that was never your job, either. It rested on the shoulders of the site you were signed up at.

The fact that I give a shit about my email is why is has a decently complex and unique password, and the fact that I don't give a shit about my tumblr is why the password isn't that complex and is shared across a couple sites I also care equally as much about. That's what I meant, unless you use a password manager don't sweat having difficult passwords for shit that doesn't personally matter to you. Of course with a password manager you can just use unique random 30 character passwords for everything from your random virusy pornsites to your bank account, but password managers make me jumpy.

[personal profile] cbrachyrhynchos 2014-10-14 11:45 am (UTC)(link)
At that point, does it really matter? You've already lost. Protecting against that was never your job, either. It rested on the shoulders of the site you were signed up at.

Yes, because password databases (assuming that the administrator is not completely incompetent) are obfuscated using a one-way cryptographic function. "pikachu" will fall in seconds to a dictionary attack or a bit longer to alphabetic brute force (7 characters). A randomly generated password like "VxfrFAH0pPqU4t" cannot be discovered via dictionary attacks and is unlikely to be brute-forced.

Now of course if you don't care, you don't care. But the use of a password safe is much less of a security risk than trusting a site with a weak password. All of the software I'm familiar with uses stronger functions that make them more difficult to crack than those used by most web sites. And since LastPass takes seconds to install and demands less time to login than trying to remember exactly which password I used for a service, there are few usability issues.

Flat | Top-Level Comments Only