CHASE ARE YOU KIDDING ME?

[JS80]

Originally posted by: MTDEW
I keep all my passwords in a file on my external hard drive along with all my backup software/saves and complete image of my pc's hard drive.
And i never plug in that external hard drive unless i need to grab a file off of it or restore my pc.
And of course important data is encrypted.

Admittedly sometimes its a pain to keep the external hard drive's files updated as i go.
But its well worth the effort cuz theres no way on earth i can remember all my username and passwords especially when im forced to change them periodically.

what do you if the HD fails or gets stolen or your house burns down?

 

[Terabyte]

I still have the message on my Wamu page - "Over the next few weeks, we'll ask you to change your User Name to transition your account access to Chase OnlineSM. Learn more." Chase/Wamu hasn't asked me to change my user name...

Unfortunately, I have a Chase bank account / 1 cc through them (before Chase bought Wamu) and a Wamu account. I'll probably have two separate accounts when they transition my Wamu over to Chase....

 

[MTDEW]

Originally posted by: JS80

Originally posted by: MTDEW
I keep all my passwords in a file on my external hard drive along with all my backup software/saves and complete image of my pc's hard drive.
And i never plug in that external hard drive unless i need to grab a file off of it or restore my pc.
And of course important data is encrypted.

Admittedly sometimes its a pain to keep the external hard drive's files updated as i go.
But its well worth the effort cuz theres no way on earth i can remember all my username and passwords especially when im forced to change them periodically.

what do you if the HD fails or gets stolen or your house burns down?

Well i have a backup house with a backup hard drive with a theft security system located next to my local firestation.
Doesnt everyone?

 

[waffleironhead]

I had this exact same problem with my online billpay. I emailed them and told them it is actually less safe to require me to change my password so often as then i will be forced to write it down somewhere rather than memorizing it. They happily edited my account so i do not have to change it. They do send emails reminding me that it is in my best interest to change it, but no longer is required.

This is something I go on about at work as well. The network admins require changes way too often, but then again the idiots dont set a password history, so every month I change it then change it back right way.

 

[Ns1]

Originally posted by: Terabyte
I still have the message on my Wamu page - "Over the next few weeks, we'll ask you to change your User Name to transition your account access to Chase OnlineSM. Learn more." Chase/Wamu hasn't asked me to change my user name...

Unfortunately, I have a Chase bank account / 1 cc through them (before Chase bought Wamu) and a Wamu account. I'll probably have two separate accounts when they transition my Wamu over to Chase....

I now have like 4-5 usernames...

 

[Appledrop]

you know whats funny? shit like this makes it less secure as people have to make notes of their password

 

[Red Squirrel]

someone had done a "study" where I work and like 70% of people have their password under their keyboard LOL. Sometimes strict password policies actually revert the whole purpose and forces people to write down their passwords.

Personally I think 8 char 1 cap 1 number and reset every 3 months is how it should be. Anything more and it's just ridiculous.

 

[Locut0s]

Originally posted by: gorcorps
Hmmm... that means that Chase is keeping a database of all used passwords. Doesn't exactly sound smart or safe in any way.

No it doesn't mean that. Usually passwords are run through a one way hash algorithm that generates random garbage. The key is that it's a ONE way algorithm that generates a unique piece of garbage for each possible unique entry. It's this garbage output they keep and compare with not the original passwords and there is no mathematical way of deriving the original password from the hashed mess.

 

[RagingBITCH]

Shut up

 

[Aluvus]

Get KeePass or an equivalent, store passwords (and usernames) in an encrypted database, stop worrying about such things.

 

[randomlinh]

keepass on truecrypt volume secured by password and key file.

on top of that, I usually use pass phrases that are modified systematically with symbols and numbers. the problem of course is when I run into a damn website that has some stupid 8 or 10 character restriction and/or no symbols/spaces.

 

[Shadow Conception]

Originally posted by: Locut0s

Originally posted by: gorcorps
Hmmm... that means that Chase is keeping a database of all used passwords. Doesn't exactly sound smart or safe in any way.

No it doesn't mean that. Usually passwords are run through a one way hash algorithm that generates random garbage. The key is that it's a ONE way algorithm that generates a unique piece of garbage for each possible unique entry. It's this garbage output they keep and compare with not the original passwords and there is no mathematical way of deriving the original password from the hashed mess.

Is there any way at all to get the original password?

 

[guyver01]

Originally posted by: Ns1
I only got 5 "master" passwords

Someone didn't bother reading my carefully prepared memo on commonly-used passwords. Now, then, as I so meticulously pointed out, the four most-used passwords are: love, sex, secret, and... god. So, would your holiness care to change her password?

 

[Miramonti]

Roboform

(windows only, but worth every penny)

 

[AndrewR]

Try having passwords on multiple government networks that require 12-15 minimum characters with lower and upper case, numbers, and special characters, and the password cannot be a word, keyboard pattern, name, or even a word or name that has special characters substituted for letters!

Oh, and I forgot: You can't use your last 5-10 passwords, depending on the network.

When are biometrics going to be reliable and available?

 

[dud]

Stop complaining and do something about it.

Close your account and give your business to someone else.

 

[Tiamat]

I write down clues that mean something to me for each of my revolving passwords and new versions of the revolving passwords. No way could I remember each of them without clues.

 

[Arcadio]

My system of generating passwords and remembering them is foolproof: what I do is choose the name of one of my past girlfriends and then add the 2 or 4-digit year when we started dating. For example: Andrea98 or Lissete2003. I've using this system for years and I can always remember my passwords. Instead of girl's names you can names of anything, as long as it's something very familiar.

 

[alkemyst]

the latest is at least one capital, two numbers and a number cannot end or begin the password...

 

[Capt Caveman]

Originally posted by: Arcadio
My system of generating passwords and remembering them is foolproof: what I do is choose the name of one of my past girlfriends and then add the 2 or 4-digit year when we started dating. For example: Andrea98 or Lissete2003. I've using this system for years and I can always remember my passwords. Instead of girl's names you can names of anything, as long as it's something very familiar.

Shens. Did you ask these girls if they'd be your girlfriend on the first date?

 

[Arcadio]

Originally posted by: Capt Caveman

Originally posted by: Arcadio
My system of generating passwords and remembering them is foolproof: what I do is choose the name of one of my past girlfriends and then add the 2 or 4-digit year when we started dating. For example: Andrea98 or Lissete2003. I've using this system for years and I can always remember my passwords. Instead of girl's names you can names of anything, as long as it's something very familiar.

Shens. Did you ask these girls if they'd be your girlfriend on the first date?

No. Not really.

 

[Capt Caveman]

Originally posted by: Arcadio

Originally posted by: Capt Caveman

Originally posted by: Arcadio
My system of generating passwords and remembering them is foolproof: what I do is choose the name of one of my past girlfriends and then add the 2 or 4-digit year when we started dating. For example: Andrea98 or Lissete2003. I've using this system for years and I can always remember my passwords. Instead of girl's names you can names of anything, as long as it's something very familiar.

Shens. Did you ask these girls if they'd be your girlfriend on the first date?

No. Not really.

Oh Really....

 

[dullard]

I don't mind rotating passwords too much, I just increment a letter or a number or a symbol to the next one and send myself an email reminding me of what increment I'm on.

What bothers me is massively excessive passwords to websites that don't need security. Here is an honest (old) password given to me from the Bill and Melinda Gates Foundation:

X:Rd+l|&a*}L

Now you tell me. In the middle there. Is that a capital letter "i", or a lower case letter "L" or the symbol over the "\" key? I really don't have a freaking clue. After multiple failed attempts I had to just ask for another password. There is no security issue there if someone broke in. It isn't like they'd have access to money or any personal information that can't be found elsewhere.

 

[Rachael]

Just come up with a base password and change small aspects of it. Or do the first letter of the each word to a line from a song plus a couple of numbers at the end, and then next time do the same thing with the next line of the song.

 

[purbeast0]

yea i have this really stupid password thing with my timesheet software at work.

i think the password resets every 6 weeks, or maybe 8 weeks. it can't be any of your past 3 passwords.

well since i only log in to this site 3 or 4 times per password, i tend to forget which one of my "master passwords" i have used. so sometimes I just keep trying them till i finally get it.

the thing is, after 3 failed password attempts, it locks your damn account and i have to go talk to someone in HR to make me a new password.

what a terrible password system.