Password security advice

[Richard M]

http://www.digit4l.net/2010/05/when-in-doubt-md5-it/

Post quoted here:

Quote:

I feel I have to say this again: any passwords you use on the internet – MD5 them!

http://www.miraclesalad.com/webtools/md5.php

How it works is simple, just type any password you want to secure into that website then click “md5″.
This will create a very long string of random numbers and letters.
You then copy/paste that into whatever website wants you to create a password.
I suggest doing this for any existing passwords too, so change your passwords now!

It’s VERY secure, so start doing it.

[idi banashapan]

not so good for sites that only allow ~12 characters max on passwords though, which in my experience is a vast number of them. MD5 hashes are 32 character hex expressions. this also means that it will not include symbols, only alpha-numeric.

[Paul K]

Online security is always an issue, there are a lot of people out there that use family names or birthdays to secure things like online banking etc. Common sense does not seem to rule, I even know someone that secured their facebook account with details published on their profile and then they wondered how it had been compromised!

[Hom3r]

Two jobs back we had to change our passwords every month and we couldn't use a previous one (MOD security).

So I used this method "Password01", then every month uped the number by 1.

My last job was the password killer of all killers, I had 32 website that I used, thank god that only a few had a time limit on the password.

For that job I got KeePass password manager.

[speedfreak]

what happens if you forget the password?

[idi banashapan]

use something like keypass to store them

[Richard M]

Of course, this will not protect against the more sophisticated network capture trojans, but should protect against basic keylogging trojans which only watch the memory for keypresses.

It's another line of defense, so if you have anything worth protecting (i.e. your personal email account) then do it.