tag:blogger.com,1999:blog-3119105822589181967.post5472088809202483994..comments2024-03-28T10:16:38.716-04:00Comments on SleuthSayers: PINs and Passwords, Part 2Leigh Lundinhttp://www.blogger.com/profile/07921276795499571578noreply@blogger.comBlogger16125tag:blogger.com,1999:blog-3119105822589181967.post-21521116855541357362017-02-05T09:57:52.408-05:002017-02-05T09:57:52.408-05:00Svs, for 3 of the 4 lists, I credited a Jimmy Rusk...Svs, for 3 of the 4 lists, I credited a Jimmy Ruska and provided a link in the article. His data is still on-line. He states his sample size was 116-thousand passwords.Leigh Lundinhttps://www.blogger.com/profile/07921276795499571578noreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-12547876072772277202017-01-27T10:44:07.511-05:002017-01-27T10:44:07.511-05:00The data source is from?
The analysis is done for ...The data source is from?<br />The analysis is done for what sample size?ur's_svshttps://www.blogger.com/profile/17631774791845309492noreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-62327786037899584692017-01-27T10:42:37.370-05:002017-01-27T10:42:37.370-05:00The data is from?
The analysis is done for what si...The data is from?<br />The analysis is done for what size?<br />ur's_svshttps://www.blogger.com/profile/17631774791845309492noreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-229631115161765952013-08-15T13:03:18.745-04:002013-08-15T13:03:18.745-04:00You might appreciate this:
http://blogs.discoverm...You might appreciate this:<br /><br />http://blogs.discovermagazine.com/crux/2013/07/31/how-to-create-codes-that-even-the-nsa-cant-break/Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-77585761084982897792013-08-11T21:13:58.225-04:002013-08-11T21:13:58.225-04:00Dixon, I had the same problem trying to pronounce ...Dixon, I had the same problem trying to pronounce Hindi– hell, even distinguish vowels that were too subtle for my ear.<br /><br />I'm pleased you enjoyed the article and what a bonus– Louis Armstrong!Leigh Lundinhttps://www.blogger.com/profile/07921276795499571578noreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-20505183194428371652013-08-11T18:50:30.029-04:002013-08-11T18:50:30.029-04:00Thanks, Leigh.
Went back and read both the Shibbo...Thanks, Leigh.<br /><br />Went back and read both the Shibboleth, and Shadrach, Meshach stuff. The first was fascinating reading, reminds me that there is no “sh” sound in Arabic, though there is one in Persian-Farsi. Studying Arabic with other American's, I found it common that we had great difficulty telling the three Arabic "h" sounds apart. This helped me understand why some Arabs simply could not pronounce the "sh" sound, nor could some differintiate between "sh" and "s" sounds when they heard them. <br /><br />And, I ALWAYS love Armstrong — great stuff, buddy!<br /><br />--Dix<br /><br />P.S. Really enjoyed The Saint icon too, but forgot to mention it.Dixon Hillhttps://www.blogger.com/profile/11220791609338404147noreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-87309071149643662832013-08-11T18:07:50.381-04:002013-08-11T18:07:50.381-04:00Thank you, Ray.Thank you, Ray.Leigh Lundinhttps://www.blogger.com/profile/07921276795499571578noreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-90620880925175174742013-08-11T16:25:58.671-04:002013-08-11T16:25:58.671-04:00Interesting and useful article. Thanks. I have to ...Interesting and useful article. Thanks. I have to go back and read the first one.Ray Oakesnoreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-10035201108308199452013-08-11T13:34:11.290-04:002013-08-11T13:34:11.290-04:00By the way, I highly recommend clicking on the Sha...By the way, I highly recommend clicking on the Shadrach etc link.<br /><br />Anon, I’m not sure you understood, but these are password reported at a snapshot in time from several large web sites. It’s interesting what people type when they think no one’s looking. It’s also to look at some of the passwords in their setting, like I love you being so close to ƒ me or ƒ me coming immediately before ƒ you.<br /><br />RT, the best you can do is not click on any button or link you’re not sure of. Most browsers have a small window that monitors downloads, so it’s a good idea to check it once in a while. You can also get add-ons that warn you about suspect web sites.<br /><br />Rob, we won’t tell anyone your password is first-in-class.<br /><br />Louis, the best examples are free eMail sites. They prevent others from getting into your accounts.<br /><br />Dixon, hypothetically it is possible that two people could have the same password, but a good site will make certain the chance is only one in trillions. Even then, you’d have to have someone guessing the two might be the same. The mechanism depends on one-way calculations. We threw away the quotient from our example, so it’s ultra-difficult to reconstruct the original.Leigh Lundinhttps://www.blogger.com/profile/07921276795499571578noreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-25798221495105980552013-08-11T12:56:47.566-04:002013-08-11T12:56:47.566-04:00Leigh,
Thanks for explaining a mystery I’ve long...Leigh, <br /><br />Thanks for explaining a mystery I’ve long pondered. <i>How can a site know that I’ve entered the right password, yet claim not to <b>know</b> or <b>store</b> that password?</i> Until this morning, I didn’t have a clue. Thanks for the explanation.<br /><br />Since password-verification is sometimes (often?) accomplished by checking the remainder when divided by a certain number, I wonder if this can result (and, if so, how often) in what I might term “numerical harmonics,” where two different passwords generate numbers that produce the same remainder when divided. (i.e.: Could “Blood_and_honor” for instance fork over a remainder that’s the same as the remainder produced by “Perdomo_Maduro_Gordo” say?) As you can undoubtedly tell by my example passwords (which I grabbed from a paperback and a cigar box sitting on my desk) I’m not familiar enough with binary, hex, etc. to arrive at an answer, myself. Thus, I wondered if you might enlighten me.<br /><br />And I, for one, got a kick out of that common password list. <br /><br />Thanks,<br />DixDixon Hillhttps://www.blogger.com/profile/11220791609338404147noreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-44644009520763854062013-08-11T12:10:43.720-04:002013-08-11T12:10:43.720-04:00I've tried to remember to change my passwords ...I've tried to remember to change my passwords each year, but, man, there're just too many. Even with a password manager, I'm too lazy to go through all the passwords.<br /><br />Something I don't understand: why do sites that don't ask for money or private information require you to use a password? Unfortunately, at the moment no specific site comes to mind.Louis A. Willishttps://www.blogger.com/profile/16563842429688123421noreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-80325746450327259712013-08-11T11:15:53.800-04:002013-08-11T11:15:53.800-04:00I actually keep a piece of paper in my wallet with...I actually keep a piece of paper in my wallet with all my passwords for different library-related databases (many insist on characters that are forbidden on others...sigh). Of course, I don't actually have the passwords on the page, just clues that tell me which one I use. For example, one says FIC. That tells me which password to type in, but it won't tell a hacker anything.Robert Loprestihttps://www.blogger.com/profile/08844889305615182897noreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-5784213199153689432013-08-11T10:54:59.213-04:002013-08-11T10:54:59.213-04:00Leigh, a fascinating two blog articles. Even thoug...Leigh, a fascinating two blog articles. Even though none of my passwords make anybody's list, I see it's time to change them again.<br />How do you avoid downloading that keystroke program. The way e-mails are being hacked these days, even an e-mail from a friend can be a carrier. And other than not going to new web sites, how do you fefend there?R.T. Lawtonhttps://www.blogger.com/profile/15523486296396710227noreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-70207326611024745342013-08-11T09:46:19.772-04:002013-08-11T09:46:19.772-04:00you should clean this up, we don't need to rea...you should clean this up, we don't need to read obscenities. Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-44606526828710282952013-08-11T07:59:46.739-04:002013-08-11T07:59:46.739-04:00Janice, I recommend password managers (of varying ...Janice, I recommend password managers (of varying usefulness) for Macs and Windows. There's also a free product just for the web called LastPass.<br /><br />Before these 'keychain' managers, I stored passwords in an encrypted spreadsheet. Although my laptop was stolen during a robbery, the passwords had some protection.Leigh Lundinhttps://www.blogger.com/profile/07921276795499571578noreply@blogger.comtag:blogger.com,1999:blog-3119105822589181967.post-70359972108799923702013-08-11T07:48:19.530-04:002013-08-11T07:48:19.530-04:00All useful and good. my problem is that I use a di...All useful and good. my problem is that I use a different password for every site and have to keep a list to keep them straight!janice Lawnoreply@blogger.com