questionshow secure is your woot password?

vote-for42vote-against
vote-for14vote-against

You are not supposed to type out your password like that...you are supposed to type xxxxxx!

Seriously though, I do need to do a major overhaul on the passwords, all of them. I have not changed mine recently and I am due. I am not looking forward to the adventure but I do have it on my todo list.

vote-for12vote-against

I thought passwords were •••••••••. Have I been typing in the wrong thing all along?

vote-for7vote-against

@pattiq: I, for the most part, use LastPass to keep them all straight. I pay the money for the Pro version that has mobile apps. Even then, it is kind of a pain, in that I try and use the maximum password length allowed in highly important sites. So, good luck trying to enter 20 totally random alphanumeric characters without an error. So, I really need to have access to the account directly via the plug in.

vote-for11vote-against

Password123

So it's somewhat secure.

vote-for5vote-against

Well, I am completely screwed when Anonymous hacks Woot.

vote-for7vote-against

My password is secure. I will have to request a new one whenever I am logged out.

vote-for6vote-against

Mine's secure, it's password with a capital 2. Nobody will figure that out.

vote-for8vote-against

No else here uses: Woot! as their password?

But seriously, even if the password were stolen credit cards have zero liability for fraudulent purchases (Paypal does as well) so I'm not that worried.

vote-for6vote-against

@iggz: Way better then mine:
password1 = Instantly where
password123 = a year,
Woot! = 0.3375312767 seconds
per http://howsecureismypassword.net/
or everyone could post their passwords here and I can tell you how long it takes to crack them.

vote-for10vote-against

@wilfbrim:

Dude! Not cool! Not cool at all!

First, you frakking hack my password! How the heck did you figure out that it was monkey123?!!

Then, on top of that, you go and post it here for everyone to see!

What the frak is wrong with you?!!

Do you know how many sites I use monkey123 on?!! It is gonna take me hours to change it everywhere!

vote-for5vote-against

@caffeine_dude: I always thought that website was funny... "everyone come here! type your password for everything!"

vote-for3vote-against

@caffeine_dude: It would take a desktop PC about 6 thousand years to crack my password.
After that long, I won't care.

vote-for4vote-against

@caffeine_dude: I tested some of my passwords. Less than a day, 39 days, 6 years...one was 633 decillion years. Oddly enough, that's the easiest one to remember.

vote-for3vote-against

I winder what the hackers will buy for me?

vote-for4vote-against

Ugh, thanks to this stupid post I went and updated my password. Now I'll have to remember a new word after all these years. Grumble, grumble...

vote-for5vote-against

Same password as I use for my luggage - 123456

vote-for3vote-against

You mean 'BOC123' might not be a good password for Woot! ?

vote-for2vote-against

my password is a sentence that makes no sense.

vote-for8vote-against

I will just leave this here:

j5 j5
vote-for2vote-against

@miquinn: I agree.
@xdavex: I wonder if in accounts for moore's law.
I hope you have seen this, if not: http://xkcd.com/936/ edit @j5: posted it already.
@morriea: I am sure you are getting a boc
@panthiest: a sentence that makes no sense = 312 nonillion years
@thumperchick: BOC123 = 0.544195584 seconds
@mml666: 123456 = Instantly
@theghostofsnapsterpast: monkey123 = 7 hours

vote-for2vote-against

@j5:
Yes, but...

Those calculations assume that the individual attempting to crack your password is just going to use brute force guessing. In this case really the length is all that matters. RTFA. They aren't doing that anymore.

Large collections of passwords have been leaked, and the bad guys today are, sadly, smarter than before. They studied them. So, what they have discovered is that people are doing cute things like: since I'm a leet dude, I'll just change to leetspeak, and be l337d00d. So, among the dictionary attacks they add words with common substitutions. Another very common password is a proper name followed by a recent year. So, if one uses the first name of their first sexual experience followed by the year (i.e. Gertrude1983, or maybe Gertrude1983!! cause it was good) that is likewise easly broken. I used to think I was being cute using keyboard patterns. Nope, all those are amonst the first guessed.

vote-for3vote-against

@wilfbrim: The XKCD article is still accurate. A collection of randomly chosen words is significantly more secure than l337 sp34k encoding. Especially now with educated guessing algorithms.

j5 j5
vote-for2vote-against

Passwords don't work anymore. Security companies still put out articles about "better passwords" so that companies can due there "due diligence" if sued and to make people "feel" safe.

http://www.wired.com/gadgetlab/2012/11/ff-mat-honan-password-hacker/all/

vote-for1vote-against

I'm not concerned. My CC has my back.