Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
01-07-2017, 09:51 PM
|
#1
|
Member
Registered: Jan 2017
Location: Coffs Harbour NSW Australia
Distribution: ubuntu 20.04
Posts: 35
Rep:
|
Hello and explanation
I did post a newbie question previously, but now that I have sorted things out, I am back as a new member. I will not cheat the system and this is my only "name" for Linux questions.
My previous ask was about being taken over by a rogue site and how to get rid of it.
I was given two answers, but by that time I had "Search and Destroy" the site, in other words, by accident I happened to find how to get rid of it, everything seems back to basics now.
Thank you for the two answers, but one of them left me out. I am 78, my learning curve has almost flattened right out and I do not know how to work the inner forbidden land of whatitsname, you know the guts of the thingo. I can't think of what they call it.
My other problem, one that no one can help me with, is I have lost my little book of passwords, even when I go to Logmein123 it asks for a password that is in the little book.
I will have to set up a kindergarten system.
You can all call me Pete if ya' wanna'.
Last edited by Lplater38; 01-07-2017 at 09:54 PM.
Reason: 2 things happen when you get old, one is you start to lose your memory and I forget what the other one is.
|
|
|
01-07-2017, 10:46 PM
|
#2
|
Member
Registered: Aug 2016
Distribution: Mint 19.1
Posts: 419
Rep:
|
Many of the sites you use passwords for have another way of identifying you and letting you reset you password. Look for a 'Forgot Password' button or something similar. On programs or other places you may be out of luck. That's the thing about passwords. Banks will often have a phone number you can call and they can reset your password. If you are talking about a program, often you can reinstall the program and start over without losing saved data - or you can move the data so you don't lose it before you reinstall. Speaking in generalities is difficult because there are many, many possibilities. So try being a little specific about what needs the password and perhaps someone can help.
I don't know how you decide on your passwords and that can often be a problem. There are programs, as I think you know, that can help and it sounds like you are using one. One word of caution: how far do you trust them? Are they hackable? The answer is yes. The variables are how long it takes and how hard it is. Remember, ANY SECURITY SYSTEM DEVISED BY MAN CAN BE DEFEATED BY MAN . . . EVENTUALLY! However, all is not lost. Sometimes the time required is a little longer than the universe is expected to survive. But, technically . . . .
A system I have found useful to create a fairly strong but memorable password is to use a sentence, nonsense or not, that means something to you but is not obvious. Then take the first (or third, or fourth) letters of each word and use them to form your password. Replace common words (in, of the, to or anything that makes sense to you) with special characters such as # or _ or - or . or ,, whatever makes sense. Throw in a capital or two where it makes sense to you. You now have a password that is easier to remember. It doesn't solve your problem, but it helps. Believe me, I am not too far behind you and have also forgotten the same thing, but this system HELPS. The sentences can be written as part of a paper journal or something so you can recreate the passwords when necessary without being obvious.
You might also look into keeping a file encrypted by GNUPG or veracrypt so there is only one password or pass phrase to remember. Both of these put you into the realm of a billion years to decrypt according the the math wizards, or at least several thousand and after that long I think neither one of us will care.
One more thing to realize: there are two types of people, those who have and those who will. You have joined the group of those who have. Welcome to the club.
|
|
|
01-08-2017, 12:26 AM
|
#3
|
Senior Member
Registered: Jan 2007
Location: Wild West Wales, UK
Distribution: Linux Mint 22 MATE, Peppermint OS-Devuan, EndeavourOS
Posts: 4,265
|
Lplater38,
Welcome to LQ.
As agillator has stated, there are usually ways of resetting a forgotten or lost password.
Just go through your list of forgotten passwords and make new entries in a new Little Book of Passwords.
The chances are that your original BOP will show up when you least expect it.
I would NOT recommend that you give anybody remote access to your computer. That is a recipe for disaster!
I recommend that you use this random password generator:
http://passwordsgenerator.net/
Select the length of the password. 12 is a good minimum.
Click on “Generate Secure Password” and write this down BEFORE entering it on a new account.
Failure to do so means that you have no record of the password and you will be back to square one again!
Please ignore the nonsensical suggestion on how to "remember your password with the first letters of each word in this sentence".
Do you think you can remember:
walmart 5 NUT QUEEN hulu APPLE < ] drip , - VISA USA ZIP GOLF ?
to reveal your password:
w5NQhA<]d,-VUZG?
NB Scroll down the above link page for tips on what NOT to do.
|
|
|
01-08-2017, 01:48 AM
|
#4
|
Member
Registered: Aug 2016
Distribution: Mint 19.1
Posts: 419
Rep:
|
Everyone has an opinion. If you want a truly random password, use a random generator. Every computer I know of has one. Using a web site provides an access point for a hacker, and again, how much do you trust their security and honesty? Writing down a password in ANY form is a security violation (perhaps necessary, but a major weakness anyway). The first question to be asked is do you want truly random (most secure) or something that can be remembered (not as secure, but can still be very secure). How are passwords cracked? If you have a truly random password and a 'nearly' random password that does NOT fall into any of the easily searchable categories (dictionary words, most used passwords, etc) and contains lower case, upper case and special characters then brute force or some type is probably required. Remember that a brute force attempt to crack a password can be a very long process. 12 characters? Why not 15, or 20, or 100, anything you can remember that will require a brute force attack. The mathematics involved are simple. If you select your characters from a population consisting of uppercase letters A-Z, lower case letters a-z, numbers 0-9, and special characters #*_-=+!@, for example, and have a password 15 characters long, then there are 70 to the fifteenth possibilities or approximately 4.74756 times 10 to the 27th. Now a cracker probably won't need to try all. The laws of probability say that the chances of the password being the last one available are very small. The actual password would probably be found somewhere near the middle of the search. That is still a whole lot of trying. Add to that the fact that most internet sites put a limit on the number of sequential unsuccessful attempts before they take some action - locking an account for some period of time or something - and many sites and programs purposely delay reporting whether a password is correct or not for a second or so, hardly noticeable to a human. Cracking a password without luck can be a very long process. Quite honestly how you arrive at a password doesn't matter a whit as long as there are no shortcuts to cracking it. The method I suggested is not truly random, but some judgment in using it, where and how you apply capitals and special characters makes it nearly random and does not decrease the effort dramatically. Note also that GNUPG and veracrypt (and others) require a 'pass phrase' not a 'password'. A pass phrase is simply a longer password that also uses more special characters (spaces for example). Twas brillig, and the slithy toves Did gyre and gimble in the wabe would be easy to remember (but not hard to hack). But, you could come up with something of similar length that was NOT easy to hack, and imagine how long it would take to crack that?
One more comment: let's not argue about how many angels can fit on the head of a pin. Security does not necessarily mean keeping someone from the information forever. Depending on the data and the needs, five minutes may be long enough, or an hour, or a week, etc. If you change passwords every 90 days, then a password that will take 180 days to crack is just as secure as one that will take 1000 years to crack. If you never change a password (a foolish and dangerous approach) then the 180 day password would not work at all.
When my mother was 70 something years old someone suggested something to help with her arthritis. She asked her doctor about it. He said that he had heard of it, that it appeared to help in the short term, but no studies had been done to see if it had any serious side effects 20 years down the road. Her response: 'I probably won't care 20 years down the road.'
Finally, you will find lots of experts on all subjects. Remember that you have to evaluate their advice. Advice tends to be worth what you pay for it, on the one hand, and an expert? Well, break the word down into its parts: ex - old, has been, over the hill; spurt - a drip under pressure. What you do and how you do it is up to you.
|
|
|
01-08-2017, 03:44 AM
|
#5
|
Senior Member
Registered: Jan 2007
Location: Wild West Wales, UK
Distribution: Linux Mint 22 MATE, Peppermint OS-Devuan, EndeavourOS
Posts: 4,265
|
agillator,
I gave the OP password security advice based on the information he supplied.
|
|
|
01-08-2017, 05:27 AM
|
#6
|
LQ Guru
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,524
|
I grab some object with printing on it--could be a serial card, a pill bottle, a laser pointer, remote control, and make a password from the labeling. Then I just have to remember the object and not to throw it out. On certain websites I don't even pretend I'll remember the password. I just change it every visit with the 'lost your password' function. For encrypted devices I use a passphrase.
|
|
|
01-08-2017, 06:16 PM
|
#7
|
Member
Registered: Jan 2017
Location: Coffs Harbour NSW Australia
Distribution: ubuntu 20.04
Posts: 35
Original Poster
Rep:
|
Passwords lost and found
Wow! Thank you everyone for your information. I have consumed most of it and will be applying some of it.
I have often thought that if anyone gets into my On Line Bank that they will probably say..."Poor Old Bugga!" and deposit $50.00 for me. LOL
I am with a credit union and they were once customer friendly, now like all money makers, customers that have hundreds of thousands deposited are customers, pensioners are the little parasites that make their life miserable, it seems.
I joined this organization when they first started and were crawling to all working groups to support them...and so the story goes.
I have tried to ring them this morning to renew my password, but they are "very Busy", so I will have to go to the local office and do my 'On line Banking' there.
Say la vee! yes incorrect spelling, but I do not care, I have a dose of the....whatevers!
Last edited by Lplater38; 01-08-2017 at 06:17 PM.
|
|
|
All times are GMT -5. The time now is 07:00 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|