i mix up names and places and replace the vowels with special characters, very special characters, but my smarter than me children tell me to just pick some stupid string of 5 words and forget the special stuff, who knows, signing off, this is d*&gM%ch#g@n
@G1 using non-random passphrases with alphanumeric characters makes them both difficult to guess AND easy to remember. entirely random alphanumerics are also more secure, as brute-force attempts aren't generally going to start with "A-1" combinatorics when perfectly good password dictionaries can be permuted.
now that they bring it up, i wonder why more brute forcers aren't using bayesian inference algorithms. or maybe they are and i'm just a gibbering gibbon.
@caffeine_dude Say that after you get arrested for your search history that triggered an FBI investigation 'cause someone keeps going to your place to search for super naughty shit.
Funny how often it works while wardriving. Of course, I'd never do that . . . Um . . . I HEARD it was funny how often this password works while wardriving. Yeah, that's it.
(Personally, I don't have wifi on my network. I used to enable it for my daughter, when she visited, but now I just let her use one of the networked machines instead.)
While we are on the topic of wifi passwords, if you're using one your wifi security setting should be at WPA2-PSK at least, and you should disable WPS- the push-button authentication.
@dashcloud That article is about PIN-based WPS, not push-button. Push-button essentially requires physical access; PIN-based is always at the ready if it's enabled, giving an attacker plenty of time to brute-force 11k PINs.
@brhfl funny story about the sticker underneath the router I got from Tmobile... The sticker was on the wrong router... Serial, SSID, PAssword everything on the sticker on the bottom doesn't match what the software says when I finally got in... How did I get in then you may ask... Well... the password is only set up to get in via wifi the first time, or if you don't get into the router it's a pretty decent default password... but once you are on the network, navigating to the router makes you set up the router's password ETC (without a password at first, or it may have been username admin no password.
I think it even told you the default in the authentication box...) But once I got in and got it set up the way I wanted... it worked. So I didn't complain. But it makes me wonder if there is another router out there with the sticker that should be on the router I have in my possession right now.
mehhhhhh. I know it's a mediocre password but I'm going to capitalize one of those letters now that you know it. as soon as I can find the manual with the admin password.
Years ago some of my friends got another friend's girlfriend with that, she talked like a valley girl so when they finally got her, it was the best one ever. "Like, ohmygahd, whatthefuck is UP-dog!?!?"
How many people have set their router's ID to something like "FBISurveillance"? Personally, mine is hidden. Though there was that time my neighbor lost his FIOS while mine was still up and I opened up my connection for him. He designs sites and admins a few well known forums so I felt bad that he couldn't get any work done.
@cinoclav I remember fondly a wireless network in my college dorm building, 'WE DRINK BEER IN OUR ROOM'. Which, on quite a few levels does not really make sense, so I suspect they were in fact DRINKING BEER IN THEIR ROOM when they set up their access point. I suppose hiding your SSID raises one a notch above the lowest-hanging fruit, but aside from that it doesn't really afford security. Presumably you realize that, but good to put it out there…
@cinoclav Since I live in a rather remote area close to a state park, I frequently get people stopping in my driveway trying to link to my WiFi. I would love to allow access, but it is just too risky. I hid mine for a while, but that got to be a pain every time there was a power glitch and I had to reconnect all of the devices by typing the full name and password.
Then I changed the ID to: HomlSec*AR*Post05 and was amused to see people slow by my driveway, then speed away without stopping. But I really don't want the neighbors to think I am spying on them, so I changed it back to my personal ID with a strong password.
@brhfl@rockblossom Don't get me wrong, it's also WPA2. It's hidden in part to piss off the gf's niece and nephew when they come over and try to connect. :)
@Chops Regardless of those irritating sites (SSA, IRS) that force a password to have a capital letter, a small case letter, a number and at least one symbol - the best indicator of a strong password is length. That's why "thisisareallyreallystrongpassword" is actually a few million times better than "B12a%jkA"
@rockblossom it makes me silently internet rage on the few sites that cap the length at like 8 characters. You can have all the & in the world in there, but 8 characters is just not long enough.
@metageist Between dealing with that, and coping with the sites that require me to have special characters vs the sites that won't let me have special characters.. my life has just been a mess.
This is probably a better estimator: https://dl.dropboxusercontent.com/u/209/zxcvbn/test/index.html "cats............" is correctly identified as [dictionary word] + [repeated letter]. A passphrase like "Fly higher, run much faster!" scores better.
Back in high school, I "discovered" the WiFi password that was only intended for faculty computers. After giving it to friends, I had entered it enough times to memorize it, so I ended up using it as a WiFi password of my own. It was (modified, but similar structure to) "18CD945A8F."
I've always used Mortal Kombat cheat codes or variations thereof. In college, for example, I set ours to 123ABACABB. I just added the numbers because it was too short otherwise.
something somthing numbers
HunnyBunny05
Ha -- like I'd tell you bunch of nerds :)
Your mom's phone number
@jaremelz stole my joke.
@Thumperchick Blame @christinewas!
@jaremelz For the fact that you are funny and quick? Umm... I'll take it! Do you have any more blame in that flavor laying around?
@jaremelz I don't even know my mom's phone number. I guess this means I need to ask for your password.
@TheCO2 Sorry man, she actually just said she'd rather talk to me ;)
@jaremelz That's alright. She's off her rocker, anyway. You can have her.
@TheCO2 If the rocker's a rockin'....
@jaremelz ...it means she fell out.
i mix up names and places and replace the vowels with special characters, very special characters, but my smarter than me children tell me to just pick some stupid string of 5 words and forget the special stuff, who knows, signing off, this is d*&gM%ch#g@n
@DMlivezey the source of your kids smarterness:
@G1 ok, i am no longer doug michigan, i am forever a correct horse stable charger, or was that staple and plug? dang, forgot it already...
@DMlivezey You can use diceware to improve your word choices: http://world.std.com/~reinhold/diceware.html
@G1
using non-random passphrases with alphanumeric characters makes them both difficult to guess AND easy to remember. entirely random alphanumerics are also more secure, as brute-force attempts aren't generally going to start with "A-1" combinatorics when perfectly good password dictionaries can be permuted.
now that they bring it up, i wonder why more brute forcers aren't using bayesian inference algorithms. or maybe they are and i'm just a gibbering gibbon.
@G1 I wonder how many people saw that comic (I'm a 3 times a week xkcd reader), and set their passwords to correct horse battery staple... haha
I've always run a open WiFi network, both on principle and for plausible deniability.
@trisk used to do that, but when they take your electronics for analysis your caught. So I stopped.
@trisk yep, the best way to hide is in plain sight. although, just running a tor exit node would do the same thing. on a related note, one of my favorite stories: http://www.sacred-texts.com/neu/celt/cft/cft06.htm
A number, then a symbol, then a word, then more numbers. Or not.
Is anybody using purple?
@gertiestn B4rNeY((((((((((L0ve5###########PURpl3!!!!!!!!!***********5
@thismyusername Aww, how'd you guess my password?
Sharing your wifi password is not that bad, it's not like someone will travel to your house and use your internet.
@caffeine_dude I know people that used to drive around and screw with people over their wifi...
@Thumperchick or have you ever heard of bluejacking?
@caffeine_dude Say that after you get arrested for your search history that triggered an FBI investigation 'cause someone keeps going to your place to search for super naughty shit.
@Foxborn Or uses it for drug transactions, or human trafficking meet-ups, or downloading kiddie porn, or ... that all track back to your IP address.
@rockblossom Yep Yep Yep, I'm just too paranoid to even type that out. I do not want to be on ANY kinda list
@PocketBrain yes, though I wasn't aware of the term. (I'm so jaded, I looked it up in incognito mode.)
@caffeine_dude I would personally go to the @Thumperchick residence, just to use her WiFi.
@TheCO2 ಠ_ಠ
@Thumperchick OK, I would knock on the door and say, "Hi!" as well.
@TheCO2 Okay, that's allowed.
Password!
I don't have home wifi
%4Pf
&$>yrh
$CPC@;e"(#&[M(z%:z'x@awk Mine is a 28 character random from 1Password. SSIDs are more interesting if people bother to change them from default
@duodec i use lastpass, here's a sample similar to the above PiSCradvElSiVisTaGErAvENusTErGABSeXPEnti, they think that is pronounceable???
Which home wifi? There are at least 4.
@hamjudo - Any one will do ;-)
irAbyr4ohai
I don't have a password... That way nobody ever has to ask for it. :)
IfIToldYouIWouldHaveToKillYou.
Crap; now I have to kill you.
Funny how often it works while wardriving. Of course, I'd never do that . . . Um . . . I HEARD it was funny how often this password works while wardriving. Yeah, that's it.
16309 works a lot too (I heard) . . .
And . . .
@Pavlov lol@ wictor wictor wictor...
@PocketBrain Not as good as "nooclear wessel"
Oh, where is my link to the 10,000 most used passwords?
@PocketBrain Rainbow tables anyone?
I'll just leave this here:
http://project-rainbowcrack.com/table.htm
(Personally, I don't have wifi on my network. I used to enable it for my daughter, when she visited, but now I just let her use one of the networked machines instead.)
My home wifi password is super complex. It's "P@55wurd" so nobody will guess it in a million years.
111111111
While we are on the topic of wifi passwords, if you're using one your wifi security setting should be at WPA2-PSK at least, and you should disable WPS- the push-button authentication.
@dashcloud Sprechen Sie Englisch ?
@dashcloud That article is about PIN-based WPS, not push-button. Push-button essentially requires physical access; PIN-based is always at the ready if it's enabled, giving an attacker plenty of time to brute-force 11k PINs.
@brhfl funny story about the sticker underneath the router I got from Tmobile... The sticker was on the wrong router... Serial, SSID, PAssword everything on the sticker on the bottom doesn't match what the software says when I finally got in... How did I get in then you may ask... Well... the password is only set up to get in via wifi the first time, or if you don't get into the router it's a pretty decent default password... but once you are on the network, navigating to the router makes you set up the router's password ETC (without a password at first, or it may have been username admin no password.
I think it even told you the default in the authentication box...) But once I got in and got it set up the way I wanted... it worked. So I didn't complain. But it makes me wonder if there is another router out there with the sticker that should be on the router I have in my possession right now.
@sohmageek There is a truckload of those mislabeled routers backing up to the Meh loading dock now.
@hallmike pretty sure this is the non T-Mobile branded version of the router. -pla--Wireless+Routers-_-N82E16833320174&gclid=CL30kdWb9cgCFVcSHwodtW8M3A&gclsrc=aw.ds">http://m.newegg.com/Product/index?itemnumber=N82E16833320174&nm_mc=KNC-GoogleAdwords-Mobile&cm_mmc=KNC-GoogleAdwords-Mobile--pla--Wireless+Routers-_-N82E16833320174&gclid=CL30kdWb9cgCFVcSHwodtW8M3A&gclsrc=aw.ds
It's an awesome router for $0.00 :) it's awesome at the $100.00 price they sell them to postpaid and I think prepaid customers.
mehhhhhh. I know it's a mediocre password but I'm going to capitalize one of those letters now that you know it. as soon as I can find the manual with the admin password.
The combination is:
We used P@$$w0rd for our test system computers at work, but they were removed for a cloud system a few years ago .
a0939b283e - was a default hashed one from an old D-Link router, and I managed to memorize it, so it stuck.
Not sure about the password, but my Wifi SSID is: Hide yo kids hide yo wifi
@Bogie FBI Surveillance Van #6
fuckyou1
@carl669 Well, fuckyou2.
@jaremelz well played. i tip my hat to you.
my home wifi is named updog
(this is a true story)
@Lotsofgoats Mine is 'Your Creepy Neighbor.'
@Lotsofgoats Lots of funny ones out there. I kinda like "You Kids Get Off My LAN."
@Lotsofgoats wtf is updog?
@djslack Whats updog? lol
@djslack idk wtf is up with you
@Lotsofgoats @unoriginal26 nuttin, just chillin'. You?
Years ago some of my friends got another friend's girlfriend with that, she talked like a valley girl so when they finally got her, it was the best one ever. "Like, ohmygahd, whatthefuck is UP-dog!?!?"
@Lotsofgoats Mine is named something like Surveil Van 1 or similar
You left off the option of no password.
@melliott that's the 'public' option.
6
How many people have set their router's ID to something like "FBISurveillance"? Personally, mine is hidden. Though there was that time my neighbor lost his FIOS while mine was still up and I opened up my connection for him. He designs sites and admins a few well known forums so I felt bad that he couldn't get any work done.
@cinoclav I remember fondly a wireless network in my college dorm building, 'WE DRINK BEER IN OUR ROOM'. Which, on quite a few levels does not really make sense, so I suspect they were in fact DRINKING BEER IN THEIR ROOM when they set up their access point. I suppose hiding your SSID raises one a notch above the lowest-hanging fruit, but aside from that it doesn't really afford security. Presumably you realize that, but good to put it out there…
@cinoclav Since I live in a rather remote area close to a state park, I frequently get people stopping in my driveway trying to link to my WiFi. I would love to allow access, but it is just too risky. I hid mine for a while, but that got to be a pain every time there was a power glitch and I had to reconnect all of the devices by typing the full name and password.
Then I changed the ID to: HomlSec*AR*Post05 and was amused to see people slow by my driveway, then speed away without stopping. But I really don't want the neighbors to think I am spying on them, so I changed it back to my personal ID with a strong password.
@brhfl @rockblossom Don't get me wrong, it's also WPA2. It's hidden in part to piss off the gf's niece and nephew when they come over and try to connect. :)
@cinoclav terror network!
@cinoclav Ars technica guy (who lives in texas) had a guest login page and SSID JADE_HELM_OPS: http://arstechnica.com/gadgets/2015/10/review-ubiquiti-unifi-made-me-realize-how-terrible-consumer-wi-fi-gear-is/
Z9P3WeSmQt. It was the default PW and I was too lazy to change it. I remember the capital letters by saying them loudly in my head.
Also for entertainment purposes, password strength evaluators:
https://howsecureismypassword.net/
http://www.passwordmeter.com/
Is typing your password for an unknown account into a strange website worth the entertainment? Probably.
"cats" is instant
"cats............" is 2 billion years.
@Chops Regardless of those irritating sites (SSA, IRS) that force a password to have a capital letter, a small case letter, a number and at least one symbol - the best indicator of a strong password is length. That's why "thisisareallyreallystrongpassword" is actually a few million times better than "B12a%jkA"
@Chops According to the first site, my password would take a desktop PC about 20 billion years to crack.
I suppose that's secure enough.
@narfcake I have 2 desktops so I can crack it in half that time.
@rockblossom it makes me silently internet rage on the few sites that cap the length at like 8 characters. You can have all the & in the world in there, but 8 characters is just not long enough.
@metageist Between dealing with that, and coping with the sites that require me to have special characters vs the sites that won't let me have special characters.. my life has just been a mess.
@Chops according to the "how secure" site, the barney password would take 15 trigintillion years
B4rNeY((((((((((L0ve5###########PURpl3!!!!!!!!!*****5
The power of purple.
@thismyusername And no one knows it except for the 75,000 or so people who are on this site.
This is probably a better estimator: https://dl.dropboxusercontent.com/u/209/zxcvbn/test/index.html
"cats............" is correctly identified as [dictionary word] + [repeated letter]. A passphrase like "Fly higher, run much faster!" scores better.
@thismyusername And the best part about it is how easy it is to remember.. who could forget 3 words?
monkeybuttfire
@sthiede1 i sense a trend
Why Fukubukuro ofcourse! Who would ever guess that?
KuoH
Story time!
Back in high school, I "discovered" the WiFi password that was only intended for faculty computers. After giving it to friends, I had entered it enough times to memorize it, so I ended up using it as a WiFi password of my own. It was (modified, but similar structure to) "18CD945A8F."
HorseFacedMonsterCat
Mine's Nunya
Anyone here ever used
"Now is the time for all good men"?
It's not DEADBEEF, but it's something along those lines. Leftover from WEP days.
@walarney That reminds me, an old wep key I used once was BEEFBEF00D
hunter2
@clonetek are you AzureDiamond??!
Vietnam0
@galmaegi Is your Wifi named GOOOOOOD MORNING?
@Thumperchick Clever!
I've always used Mortal Kombat cheat codes or variations thereof. In college, for example, I set ours to 123ABACABB. I just added the numbers because it was too short otherwise.
my ssid is 'sneakers' and my password is 'nomoresecrets'
my ssid used to be 'fbivan2'
@marklog shouldn't the password have been setecastronomy?
@carl669 myvoiceismypassportverifyme
@carl669 Then he would have too many secrets.
KuoH
No, "what" isn't my home WiFi password.