An important PSA from nECrO

Have questions or comments about the site?
User avatar
nECr0MaNCeD
Member
Member
Posts: 1233
Joined: Thu Mar 13, 2014 11:46 pm
Cardist: Yes
Collector: Yes
Player: Yes
Magician: Yes
Decks Owned: 677
Location: Silver Spring, MD
Has thanked: 215 times
Been thanked: 131 times

An important PSA from nECrO

Unread post by nECr0MaNCeD »

For those who didn't catch it in the news, or those who did and didn't understand the scope and magnitude, Russian hackers stole log in credentials for 1.2 BILLION accounts from over 420 thousand web sites. From fortune 500 companies to small fan forums sites and everything in between. That's roughly 1 out of every four internet users kiddies. I strongly advise everyone to change ALL of their passwords. Now. I have listed some tips for passwords below. I hope they help.


Dont's
1. NEVER use the same password for more than one site.
2. Never use your machines password for websites.
3. Do not use words found in a dictionary.
4. Do not use names. This includes pets.
5. Never use a close variation of your old password when you change it. Changing from password123 to password321 is useless.
6. Don't use phone numbers, Social Security numbers or birth dates.

Do's
1. Use a mixture of upper and lower case, numbers and symbols.
2. Change passwords frequently. (I change mine once a month.)
3. Use at least 10 characters (I usually use 12 or more)
4. Substitute numbers and letters. @ for a, 3 for e, $ for s, zero for O and so on. Example Il0v3pl@yingcard$714

Tips
1. Use a sentence that easy to remember but just use the first letters. like.... TiMuCfPw!101... This is My united Cardists forum Pass word ! 101 Starting with the first letter, every other letter is Upper Case.
2. Services like Gmail that offer "2 factor" passwords should be used. When you sign on with a new or unrecognized computer it sends a text message to your phone with a 6 digit code you will need to input. It's a pain but works well.


PS If possible could a Mod make this sticky, Preferably in every section?
If it's too loud.... you're too old!
User avatar
volantangel
Moderator
Moderator
Posts: 3607
Joined: Tue Nov 13, 2012 2:06 am
Collector: Yes
Player: Yes
Decks Owned: 350
Location: Singapore
Has thanked: 219 times
Been thanked: 297 times

Re: An important PSA from nECrO

Unread post by volantangel »

Thanks Necro for the headsup !
User avatar
chach
Member
Member
Posts: 1999
Joined: Fri May 31, 2013 2:22 pm
Collector: Yes
Player: Yes
White Whale: Vietnam Era Secret Weapon
Decks Owned: 0
Location: Armpit of California
Has thanked: 237 times
Been thanked: 280 times
Contact:

Re: An important PSA from nECrO

Unread post by chach »

I was reading an article on that the other day and first thing I thought of was Mike's lecture on password security when he took over the site. Maybe as a precaution mgmt should think about requiring a password reset here.

Actually, come to think of it, that may send the wrong message and have people think that this site was one of the ones compromised, which considering Mike's background I highly doubt it was.

Regardless though, as Necro said, resetting your passwords net wide is a damn good idea. Now I just need to think of some new passwords, used to have some good ones that were easy to remember. Now they're possibly all crap. Back to the drawing board I guess.
WTB/WTT: Vietnam Era Bicycle Secret Weapon Deck
User avatar
nECr0MaNCeD
Member
Member
Posts: 1233
Joined: Thu Mar 13, 2014 11:46 pm
Cardist: Yes
Collector: Yes
Player: Yes
Magician: Yes
Decks Owned: 677
Location: Silver Spring, MD
Has thanked: 215 times
Been thanked: 131 times

Re: An important PSA from nECrO

Unread post by nECr0MaNCeD »

chach wrote:I was reading an article on that the other day and first thing I thought of was Mike's lecture on password security when he took over the site. Maybe as a precaution mgmt should think about requiring a password reset here.

Actually, come to think of it, that may send the wrong message and have people think that this site was one of the ones compromised, which considering Mike's background I highly doubt it was.

Regardless though, as Necro said, resetting your passwords net wide is a damn good idea. Now I just need to think of some new passwords, used to have some good ones that were easy to remember. Now they're possibly all crap. Back to the drawing board I guess.
Anagrams of sentences are really good and easy to remember. I will sometimes put numbers and symbols in the middle. Example. This is Necros 6^6 new Pass word So piss Off = TiN6^6nPwSpO.

Considering what Mike does for a living I feel safer but the hosting company is always a weak link. Unless of course Mike has the servers in his basement. :ugdance:
If it's too loud.... you're too old!
User avatar
MagikFingerz
Site Admin
Site Admin
Posts: 7778
Joined: Mon Sep 24, 2012 7:32 pm
Cardist: Yes
Collector: Yes
Player: Yes
Magician: Yes
White Whale: Sawdust and Delicious + uncuts
Location: Norway
Has thanked: 1763 times
Been thanked: 1508 times
Contact:

Re: An important PSA from nECrO

Unread post by MagikFingerz »

Query: Let me know if this sounds safe - similar to the way most people unlock their smart phone, making a pattern on the keyboard for the password. Example: BhU89iJn (straight lines from B up to 8 and 9 down to N).

Thanks for the warning btw, most of my passwords are way overdue :roll:
- Tom

Check out my collection

My (abandoned and now severely outdated) Playing Card Wiki
User avatar
Mike Ratledge
Site Admin
Site Admin
Posts: 5496
Joined: Sat Nov 02, 2013 4:25 pm
Collector: Yes
Player: Yes
White Whale: OG USPCC Vanity Fair [mint]
Decks Owned: 7800
Location: Awendaw/McClellanville (Charleston county) S.C.
Has thanked: 1911 times
Been thanked: 760 times

Re: An important PSA from nECrO

Unread post by Mike Ratledge »

You can't really overdo it for passwords, but I do agree it looks bad to require resets unless you have a good reason, and it may well give people the impression that you were hacked.

I use a password vault program that generates random passwords and for most sites I have no idea what the password even is.
>Mike<
"You can't please everyone, so you've got to please yourself"
They say "Ignorance is bliss". Obviously, some people are much happier than others...

Members are encouraged to
Show Us Your Cards!


Our UC2021 Decks entitled
"Odd Fellows"
by Lorenzo Gaggiotti / @Stockholm17
Coming soon: AKA
«Eighth Annual Decks»


UC members help maintain Portfolio52
THE Playing Card Database Online
Contact ecNate for details and access


UC2019 "Seventh Annual Decks"
by Montenzi Design
Funded 207% on KS: HERE


>>> UC Deck Sales <<<


Insert disclaimer here...
All information posted as fact is accurate at the time of posting to the best of my knowledge.
User avatar
montecarlojoe
Moderator
Moderator
Posts: 2529
Joined: Mon Jun 24, 2013 7:10 am
Collector: Yes
Player: Yes
White Whale: Avant Guard UL Gr - No17 Crown
Decks Owned: 690
Location: Portsmouth, England
Has thanked: 253 times
Been thanked: 268 times
Contact:

Re: An important PSA from nECrO

Unread post by montecarlojoe »

Yep me too now - LastPass is very good and supports mobile and two stage authentication.
User avatar
nECr0MaNCeD
Member
Member
Posts: 1233
Joined: Thu Mar 13, 2014 11:46 pm
Cardist: Yes
Collector: Yes
Player: Yes
Magician: Yes
Decks Owned: 677
Location: Silver Spring, MD
Has thanked: 215 times
Been thanked: 131 times

Re: An important PSA from nECrO

Unread post by nECr0MaNCeD »

MagikFingerz wrote:Query: Let me know if this sounds safe - similar to the way most people unlock their smart phone, making a pattern on the keyboard for the password. Example: BhU89iJn (straight lines from B up to 8 and 9 down to N).

Thanks for the warning btw, most of my passwords are way overdue :roll:
Sorry for the delay getting back to you. Lines on the keyboard would be better than dictionary words but not really good. It would be similar to using qwerty. Password crack programs have look for patterns such as these. Mike's suggestion about password vault programs is a good one.
If it's too loud.... you're too old!
Post Reply

Who is online

Users browsing this forum: No registered users and 29 guests