[cryptome] off-topic password tips - a system explained

  • From: "Al Mac Wow" <macwheel99@xxxxxxxxxx>
  • To: <cryptome@xxxxxxxxxxxxx>
  • Date: Sat, 31 Aug 2013 18:26:18 -0500

In partial answer to BZ.

 

I have experimented with different systems for coping with our interesting
computer lives.

Many of my systems have failed.

Ideally I need a system I can setup, not have to change passwords every
month, when there are scores of places involved.

 

You can store stuff on a piece of paper, but who all has access to wherever
you store it?

Other people with whom you share your home, and who visit it.  If you are in
an apartment, anyone who works for the landlord.

 

Well I have a system with a built in puzzle.  I will explain how this could
work for anyone, except you should adjust the puzzle so you not using
exactly what is described here.  I already adjusted the puzzle before
sharing.

 

Here's a starting system for you to try out:

*        Have a note pad, or you could use index cards

*        When you open an account with some place, 

o       jot down how to get to the place (if your PC crashes, you may lose
your book marks), 

o       Initials of the place

o       what your account name is (many places my account name is AL99MAC or
something like that), 

o       a number for actual

o       and a code for THE WORD

 

Elsewhere in the note pad you'd have THE WORD & a code associated with each
WORD.

 

Some places need extra long passwords, and other rules, in which you need to
adjust the system to work for them.

 

Here's a password for Google, using my proposed system:  G79Idiot

 

In THE WORD section of the note pad, one of the words is Idiot. (notice what
is upper & lower letters)

Its' code might be D5

 

In the section of the note pad, where you have your Google account:

*        the place is G

*        the actual # is 79

*        the code is D5

 

If and when you need to change the password, you can alter the actual #,
and/or assign a replacement WORD.  This way you have it all written down,
but there is a little puzzle.  Only someone who knows what your puzzle
system is, can figure out your passwords from what is written down.

 

Do you see how that works?

 

This system is not fool-proof, but it makes it possible to have hundreds of
different sites, each with a different password, and if any one of them is
breached, none of the others are.

 

I just had maid service into my apartment, and that note pad got misplaced.

Fortunately I found it again after only 10 minutes of searching.

 

Note that there are certain digits and letters easily confused with each
other if you don't have a good way to distinguish them.

Digits 0 1 2 8

Letters O I l Z B

 

You can store your passwords in some file on your computer, until you have a
computer crash.

I had two hard drives on my home PC.  One for normal stuff, other for
backups.  I figured, what are the odds both hard drives go down at same
time?  Whichever one dies, the other is now my stuff on the next box.  Well
just over a year ago, I lost the odds.  Both hard drives went down at same
time, and the contents could not be recovered.

 

You can store stuff in the cloud, but it gets between wherever and you, over
communication systems where basically you are trusting all the service
providers in between you and your data, all their employees, all their
contractors, and if they get hacked, what are the odds they find out
rapidly?.

 

Some people store their work backups at home, and their home backups at
work.

I heard about a person who had their home and work burglarized on the same
weekend.

What are the odds of that?

 

After major disasters, like California earthquake, Katrina, Sandy, some of
us ask the businesses which were located there, how they recovered, and what
if anything they learned about disaster recovery planning that they can
teach the rest of us.

 

Like if you have your backups in a bank safety deposit box, but the bank is
on the same flood plain as what you are backing up.

 

Al Mac = Alister William Macintyre

-----Original Message-----
From: cryptome-bounce@xxxxxxxxxxxxx [mailto:cryptome-bounce@xxxxxxxxxxxxx]
On Behalf Of bz
Sent: Saturday, August 31, 2013 1:35 PM
To: cryptome@xxxxxxxxxxxxx
Subject: [cryptome] Re: Exemplary Greenwald-Poitras Opsec Op-Ed

 

If you read this:

https://pressfreedomfoundation.org/encryption-works

carefully, it may explain what was Miranda doing in London. It wasn't

about sharing docs, but rather setting up Tail, I would think. Any docs

he had on him were rather there only to misguide.

 

I am rubish with IT myself and only recenly, due to the necessity, have

started learning all this & have been trying to change the ways I

communicate and although every day I feel I begin to understand it, I

still confuse things with keys, certificates and, if I be am honest am

not sure whether people are recieveing my mail when I manage to encrypt it.

 

Also, i dunno why, but I assumed that it will be safer if record all

passwords on a paper... There is too many passwords to be able to

remember all of them. How can you handle it?

 

Personally, I think I need proper help with all this as it starts to

really frustrate me or simly stop using internet as I am not sure

whether I protect myself the right way or whether it works like it

should and wird things began to happen both with my laptop and in my life.

 

Other related posts:

  • » [cryptome] off-topic password tips - a system explained - Al Mac Wow