What's new
What's new

OT... Thy last ditch effort for help unlocking my Facebook account.

I looked at a couple "Password manager" apps. I don't understand how they work? So when I go to login to PM what happens? The app logs in for you? Or do you copy and paste your password from the app to whatever it is your logging into?

Are your passwords stored off site so to speak? If my laptop takes a dump or my phone gets broken beyond use how does a user recover their passwords?

Brent

Can anyone answer any of the questions from that ^^ post up there? Is there a recommended password manager app?

Brent
 
Can anyone answer any of the questions from that ^^ post up there?
Software equivalent of a large building's "key cabinet", where ONE key grants acess to ALL OTHER keys. That's why they are the first target.

Usually found as:

- part of your Operating System, or a "keyring" application for it.

- your Mail User Agent

- each browser, for those among us who run "many"

.. as "all of the above" and more. just to name the more common ones.

Out on a "cloud" owned by others is about the LAST place to put that, but there has never been any shortage of willing fools, so...

May as well sharpie it onto the wall of a toilet stall in a busy airport. Fewer folks will see it, fewer-yet will pay it any mind.

Otherwise, it is a target.

Is there a recommended password manager app?

Brent

The human mind. It is more often aware when it is under attack. it is better able to fight back. Exercise is good for it.

Use it or lose it thing.

Not s**ting you. For-real.

Putting "convenience" over caution and what has become UNcommon sense is how humans - or other domesticated food animals, be it butter, eggs, milk, meat, or money - become so easily harvested.
 
Software equivalent of a large building's "key cabinet", where ONE key grants acess to ALL OTHER keys. That's why they are the first target.

Usually found as:

- part of your Operating System, or a "keyring" application for it.

- your Mail User Agent

- each browser, for those among us who run "many"

.. as "all of the above" and more. just to name the more common ones.

Out on a "cloud" owned by others is about the LAST place to put that, but there has never been any shortage of willing fools, so...

May as well sharpie it onto the wall of a toilet stall in a busy airport. Fewer folks will see it, fewer-yet will pay it any mind.

Otherwise, it is a target.



The human mind. It is more often aware when it is under attack. it is better able to fight back. Exercise is good for it.

Use it or lose it thing.

Not s**ting you. For-real.

Putting "convenience" over caution and what has become UNcommon sense is how humans - or other domesticated food animals, be it butter, eggs, milk, meat, or money - become so easily harvested.

So is a typical device encrypted better than a password manager? Seems if it is 4X more difficult to actually get into someone's computer or device then cracking the password manager wouldn't be all that hard to do for a "Hacker" once inside. If that's the case then I don't see a point in running one. You also have to worry about your password being compromised on the other end, such as here on PM, Amazon or whoever has it. Which is good reason to have several, the bitch is keeping track of them. I highly doubt a person trying dick with your stuff would look through all your pictures, maybe write them on paper then snap a photo then hide it in a password protected Zip file? What a freaking pain in the ass!

Brent
 
So is a typical device encrypted better than a password manager? Seems if it is 4X more difficult to actually get into someone's computer or device then cracking the password manager wouldn't be all that hard to do for a "Hacker" once inside. If that's the case then I don't see a point in running one. You also have to worry about your password being compromised on the other end, such as here on PM, Amazon or whoever has it. Which is good reason to have several, the bitch is keeping track of them. I highly doubt a person trying dick with your stuff would look through all your pictures, maybe write them on paper then snap a photo then hide it in a password protected Zip file? What a freaking pain in the ass!

Brent

Been playin' at it since vacuum tubes did the math. I used one back when I had a zillion apps and servers to mind. Otherwise, used building names, street addresses, rack slots, etc as part of a memory trick and did not risk it.

Generally, those who harvest them don't look at all. They simply sell the lists - more than once - to others who each automate the "data mining" of them for one sort of advantage or another.

How secure is anything "on-box"? Not very, once a copy is taken-away over the 'net to be attacked elsewhere with heavier hammers and plenty of time. More often, malware is installed on-box to watch, collect, send off a continuing stream of info, as Huawei was caught doing in HARDWARE, even.

Been sofware infection on Windows boxes since forever-ago, Android & Mac more recently. The typical Winbox may have over two-dozen different cooties in place that a "Virus Checker" misses.

If THAT is a PITA? Consider this. Folks who have the need - HSBC online banking clients, to name but one - have a PHYSICAL keyring with a whole collection of battery-powered crypto gadgets that generate an account-unique, challenge-unique matching response code to a challenge put onto the screen as part of their login process.

Others of our banks - and the US Social Security Administration - chase similar goals by sending a fresh login code to your device, each session.

There are means to defeat every one of these. Some are just faster and cheaper than others.

An instructor I studied under a Very Long Time ago published a couple of good books on all of that [1].

It's like a pyramid, risk is.

At the sharp, pointy, top, might sit ONE entity with security so good only ONE opponent has the wherewithal to even press an attack. which may fail. At the wide base, anyone can beat anyone else.

"Spending" and "smarts" are how you move up the pyramid - making it harder and harder to be victimized.

Another mentor - and my next-higher for ten years made it simple:

We cannot afford the grade of safes and interlocking alarm systems you would like to have.

We CAN afford systems JUST enough better than OTHER firms have that any attacker expert enough to beat us will pick the other guy as an easier target, and any attacker not as expert will get caught before they can complete the break-in.

Ten years at it, I had one break-in that left two dead, police officer and an alarm company tech, another maimed, store manager.

Human error.

Three rings of alarm had tripped, Perimeter, area, point - in sequence, exactly as they should have. The fatal mistake was failure to trust what that said, then walk in rather than cordon-off and await backup.

Bugged me. But statistically? Hard to have done better, as many sites as were involved, how attractive the target, (Jewellery stores..) and how long the span of time.

:(


[1] Robert Rosberg: A Prectitioner's Guide To Security Risk Management for basic study, Game of Thieves for real-world examples of some of the more daring crimes.

NEWER material - some of it written by my own younger, former partners can fill up your house or several hard drives. Biggest "business" on-planet by now, electronic thievery and warfare, and the resistance to it, government agencies' budgets are counted.
 
I use a password manager, the passwords are coded in the app( by me) it’s simple enough that I can remember it, but even if someone broke the encryption, it’s highly unlikely that someone could figure out the actual password. Even the site (bank)names are not really the ones I use
Now a keystroke logger or camera? , game over


Sent from my iPhone using Tapatalk Pro
 
I use a password manager, the passwords are coded in the app( by me) it’s simple enough that I can remember it, but even if someone broke the encryption, it’s highly unlikely that someone could figure out the actual password. Even the site (bank)names are not really the ones I use
Now a keystroke logger or camera? , game over


Thank you! This is the stuff I was wondering about. If you don't mind which one do you use?

Brent
 
Yes you CAN remember frequently used passwords if you make them something you can remember.

Favorite machine tool, etc.?

Use the number and letter acronym as part of a password:

" 4log10EEface? " is something I just came up with now. It translates as " for logging in 10EE lathe facebook ". It satisfies minimum length requirements and contains numeric, lowercase and special characters as required by some sites.

How about this one? " b4I4qkissamee " looks like gibberish but it reads as an old bawdy phrase.

First car? the name of one you always wanted to own (or swore you never would).

Favorite pet? The name of your least favorite girlfriend. :D

Ad infinitum

It's not that hard to have a half dozen or more passwords that are easy to remember but almost impossible to guess. The main thing is to avoid anything that might be common knowledge about you or in some database.
 
Now a keystroke logger ...

LOL! Yazz. I remember the easy-times when on a so-called-secure Winbox, all one had to do was read the plaintext log the WIN-serf sheeple didn't know was a bog-standard, built-in and "helpful" Win-feature!

I can't be bothered to even wonder if that still has a modern-day counterpart. I just presume Win is wot it is. Not intended to be secure, and very successful at implementing said intention against all resistance, no matter how well-funded, nor by what government!

KEEPING it exploitable, is, after all, how Gates & Co. could LOSE a Government anti-trust lawsuit, yet go on to be so well-paid.

Predictable that the hooverments who exploited that thought they were smarter than pirates hungrier than they were.

Sure got THAT wrong, yah?

:)
 
You can use one password at multiple sites. I have different “level” passwords, banks and retirement accounts? They get the most complicated. A site like PM or countless others I’m on- real simple and nothing like the banks passwords. Who cares if someone “hacks” my PM account.


Sent from my iPhone using Tapatalk Pro
 
You can use one password at multiple sites. I have different “level” passwords, banks and retirement accounts? They get the most complicated. A site like PM or countless others I’m on- real simple and nothing like the banks passwords. Who cares if someone “hacks” my PM account.

Probably run one of the "major" operating systems, and the popular applications too?

Dream on.

One tiny raveling fiber leads to a thread, leads to a fabric, can easily lead to the whole b***y wall-to-wall carpet being yanked out from under yer life.

Read the funny papers. Not as if that were news.
 
You can use one password at multiple sites. I have different “level” passwords, banks and retirement accounts? They get the most complicated. A site like PM or countless others I’m on- real simple and nothing like the banks passwords. Who cares if someone “hacks” my PM account

This reminds me we have 401k through Merrill Lynch where I work. They send paper statements to the house every 3 or 6 months, I don't remember the wife gets them. Anyhow I can't get on the website anymore because I don't remember something, either the username or password one? I can call them I just haven't yet going 3 or 4 years now. No kidding...

Brent
 
This reminds me we have 401k through Merrill Lynch where I work. They send paper statements to the house every 3 or 6 months, I don't remember the wife gets them. Anyhow I can't get on the website anymore because I don't remember something, either the username or password one? I can call them I just haven't yet going 3 or 4 years now. No kidding...

Brent

As we age.... or just shift to other interests... time cometh to make a plan to manage all this stuff - and implement it. We also put a Lawster and a new will into the mix, just recently. A small extra fee, added a much YOUNGER lawyer as built-in successor.

Sore troublesome that inactivity will actually flag a person for cessation of benefits or ownership. Their game. You can lose.

Some firms do it a-purpose as a farming activity - then git caught and find theirselves fined for it. One of the major insurance and pension-payers so nailed, just recently.

My bet is they are already doing it again. The fines have become just one more cost of doing business, Finansters game.

M-L are a BofA property, as I'm sure you already know. You can actually go and speak with live humans, branch near you. Faster, most days, even if NOT so near, than settin' on the phone while an Artificial Idiot yammers sales pitches in your ear.

Also check history. 46 years with BofA, but even so:

Bank of America | Violation Tracker

Not perfect, but I'm happier, 53 years on and counting with these folk:

USAA | Violation Tracker
 
I'd be suspicious that that device has caught some kind of malware.

One should be able to ask for a password reset by calling Facebook directly.

For things like Facebook passwords, the threat is not that hackers will fly around the world and break into your house, so it's OK to write those passwords down. But use multiple passwords, so when there is a compromise, the damage is limited.
 
I'd be suspicious that that device has caught some kind of malware.

One should be able to ask for a password reset by calling Facebook directly.

For things like Facebook passwords, the threat is not that hackers will fly around the world and break into your house, so it's OK to write those passwords down. But use multiple passwords, so when there is a compromise, the damage is limited.

How would you check or know if you have a virus or malware?

I had zero luck on calling them the only number I had was definite not them. They don't offer any phone support, that'd help if I could talk to someone.

Brent
 
How would you check or know if you have a virus or malware?

Try to get in from some other device using your credentials.

Be aware that your account may already been owned. If this is the case, only Facebook can solve the problem.

Google on the exact words that come up when you try on your original device.

I had zero luck on calling them the only number I had was definite not them. They don't offer any phone support, that'd help if I could talk to someone.

Google on Facebook and look for a contact email address, or perhaps a forum. Or a place to report security problems. (I'm not in Facebook, so I don't know the best path.)
 
Dashlane is a free Android app that acts as a password manager. Use one master password (or your fingerprint) to unlock it, and store your various logins and passwords inside it.
 
Oh man, you beat me to it. Why in the world would anyone want a Face Book account?

:popcorn:

I remember when Facebook first became popular. I had this conversation with several friends and relatives.

THEM: I'm signing up for this great new site where I can chat with others about personal things, post family photos, etc.

ME: You mean you're going to put all this stuff online, post details of your life, send messages to friends and relatives and expect to keep any of it private?

Them: It's completely secure, I can control who sees my stuff and at what level.

Me: Good luck with that!

Years later as I hear the complaints about invasion of privacy and all the other problems the flies are having on the spider's web, all I can think is "People like me did try to warn you".
 








 
Back
Top