LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-07-2017, 08:51 PM   #1
Lplater38
Member
 
Registered: Jan 2017
Location: Coffs Harbour NSW Australia
Distribution: ubuntu 20.04
Posts: 35

Rep: Reputation: Disabled
Hello and explanation


I did post a newbie question previously, but now that I have sorted things out, I am back as a new member. I will not cheat the system and this is my only "name" for Linux questions.

My previous ask was about being taken over by a rogue site and how to get rid of it.

I was given two answers, but by that time I had "Search and Destroy" the site, in other words, by accident I happened to find how to get rid of it, everything seems back to basics now.

Thank you for the two answers, but one of them left me out. I am 78, my learning curve has almost flattened right out and I do not know how to work the inner forbidden land of whatitsname, you know the guts of the thingo. I can't think of what they call it.

My other problem, one that no one can help me with, is I have lost my little book of passwords, even when I go to Logmein123 it asks for a password that is in the little book.

I will have to set up a kindergarten system.

You can all call me Pete if ya' wanna'.

Last edited by Lplater38; 01-07-2017 at 08:54 PM. Reason: 2 things happen when you get old, one is you start to lose your memory and I forget what the other one is.
 
Old 01-07-2017, 09:46 PM   #2
agillator
Member
 
Registered: Aug 2016
Distribution: Mint 19.1
Posts: 419

Rep: Reputation: Disabled
Many of the sites you use passwords for have another way of identifying you and letting you reset you password. Look for a 'Forgot Password' button or something similar. On programs or other places you may be out of luck. That's the thing about passwords. Banks will often have a phone number you can call and they can reset your password. If you are talking about a program, often you can reinstall the program and start over without losing saved data - or you can move the data so you don't lose it before you reinstall. Speaking in generalities is difficult because there are many, many possibilities. So try being a little specific about what needs the password and perhaps someone can help.

I don't know how you decide on your passwords and that can often be a problem. There are programs, as I think you know, that can help and it sounds like you are using one. One word of caution: how far do you trust them? Are they hackable? The answer is yes. The variables are how long it takes and how hard it is. Remember, ANY SECURITY SYSTEM DEVISED BY MAN CAN BE DEFEATED BY MAN . . . EVENTUALLY! However, all is not lost. Sometimes the time required is a little longer than the universe is expected to survive. But, technically . . . .

A system I have found useful to create a fairly strong but memorable password is to use a sentence, nonsense or not, that means something to you but is not obvious. Then take the first (or third, or fourth) letters of each word and use them to form your password. Replace common words (in, of the, to or anything that makes sense to you) with special characters such as # or _ or - or . or ,, whatever makes sense. Throw in a capital or two where it makes sense to you. You now have a password that is easier to remember. It doesn't solve your problem, but it helps. Believe me, I am not too far behind you and have also forgotten the same thing, but this system HELPS. The sentences can be written as part of a paper journal or something so you can recreate the passwords when necessary without being obvious.

You might also look into keeping a file encrypted by GNUPG or veracrypt so there is only one password or pass phrase to remember. Both of these put you into the realm of a billion years to decrypt according the the math wizards, or at least several thousand and after that long I think neither one of us will care.

One more thing to realize: there are two types of people, those who have and those who will. You have joined the group of those who have. Welcome to the club.
 
Old 01-07-2017, 11:26 PM   #3
beachboy2
Senior Member
 
Registered: Jan 2007
Location: Wild West Wales, UK
Distribution: Linux Mint 20 MATE, MX-19.3, antiX, EndeavourOS
Posts: 3,323
Blog Entries: 17

Rep: Reputation: 1262Reputation: 1262Reputation: 1262Reputation: 1262Reputation: 1262Reputation: 1262Reputation: 1262Reputation: 1262Reputation: 1262
Lplater38,

Welcome to LQ.

As agillator has stated, there are usually ways of resetting a forgotten or lost password.

Just go through your list of forgotten passwords and make new entries in a new Little Book of Passwords.

The chances are that your original BOP will show up when you least expect it.

I would NOT recommend that you give anybody remote access to your computer. That is a recipe for disaster!

I recommend that you use this random password generator:
http://passwordsgenerator.net/

Select the length of the password. 12 is a good minimum.

Click on “Generate Secure Password” and write this down BEFORE entering it on a new account.

Failure to do so means that you have no record of the password and you will be back to square one again!

Please ignore the nonsensical suggestion on how to "remember your password with the first letters of each word in this sentence".

Do you think you can remember:

walmart 5 NUT QUEEN hulu APPLE < ] drip , - VISA USA ZIP GOLF ?

to reveal your password:

w5NQhA<]d,-VUZG?

NB Scroll down the above link page for tips on what NOT to do.
 
Old 01-08-2017, 12:48 AM   #4
agillator
Member
 
Registered: Aug 2016
Distribution: Mint 19.1
Posts: 419

Rep: Reputation: Disabled
Everyone has an opinion. If you want a truly random password, use a random generator. Every computer I know of has one. Using a web site provides an access point for a hacker, and again, how much do you trust their security and honesty? Writing down a password in ANY form is a security violation (perhaps necessary, but a major weakness anyway). The first question to be asked is do you want truly random (most secure) or something that can be remembered (not as secure, but can still be very secure). How are passwords cracked? If you have a truly random password and a 'nearly' random password that does NOT fall into any of the easily searchable categories (dictionary words, most used passwords, etc) and contains lower case, upper case and special characters then brute force or some type is probably required. Remember that a brute force attempt to crack a password can be a very long process. 12 characters? Why not 15, or 20, or 100, anything you can remember that will require a brute force attack. The mathematics involved are simple. If you select your characters from a population consisting of uppercase letters A-Z, lower case letters a-z, numbers 0-9, and special characters #*_-=+!@, for example, and have a password 15 characters long, then there are 70 to the fifteenth possibilities or approximately 4.74756 times 10 to the 27th. Now a cracker probably won't need to try all. The laws of probability say that the chances of the password being the last one available are very small. The actual password would probably be found somewhere near the middle of the search. That is still a whole lot of trying. Add to that the fact that most internet sites put a limit on the number of sequential unsuccessful attempts before they take some action - locking an account for some period of time or something - and many sites and programs purposely delay reporting whether a password is correct or not for a second or so, hardly noticeable to a human. Cracking a password without luck can be a very long process. Quite honestly how you arrive at a password doesn't matter a whit as long as there are no shortcuts to cracking it. The method I suggested is not truly random, but some judgment in using it, where and how you apply capitals and special characters makes it nearly random and does not decrease the effort dramatically. Note also that GNUPG and veracrypt (and others) require a 'pass phrase' not a 'password'. A pass phrase is simply a longer password that also uses more special characters (spaces for example). Twas brillig, and the slithy toves Did gyre and gimble in the wabe would be easy to remember (but not hard to hack). But, you could come up with something of similar length that was NOT easy to hack, and imagine how long it would take to crack that?

One more comment: let's not argue about how many angels can fit on the head of a pin. Security does not necessarily mean keeping someone from the information forever. Depending on the data and the needs, five minutes may be long enough, or an hour, or a week, etc. If you change passwords every 90 days, then a password that will take 180 days to crack is just as secure as one that will take 1000 years to crack. If you never change a password (a foolish and dangerous approach) then the 180 day password would not work at all.

When my mother was 70 something years old someone suggested something to help with her arthritis. She asked her doctor about it. He said that he had heard of it, that it appeared to help in the short term, but no studies had been done to see if it had any serious side effects 20 years down the road. Her response: 'I probably won't care 20 years down the road.'

Finally, you will find lots of experts on all subjects. Remember that you have to evaluate their advice. Advice tends to be worth what you pay for it, on the one hand, and an expert? Well, break the word down into its parts: ex - old, has been, over the hill; spurt - a drip under pressure. What you do and how you do it is up to you.
 
Old 01-08-2017, 02:44 AM   #5
beachboy2
Senior Member
 
Registered: Jan 2007
Location: Wild West Wales, UK
Distribution: Linux Mint 20 MATE, MX-19.3, antiX, EndeavourOS
Posts: 3,323
Blog Entries: 17

Rep: Reputation: 1262Reputation: 1262Reputation: 1262Reputation: 1262Reputation: 1262Reputation: 1262Reputation: 1262Reputation: 1262Reputation: 1262
agillator,

I gave the OP password security advice based on the information he supplied.
 
Old 01-08-2017, 04:27 AM   #6
AwesomeMachine
LQ Guru
 
Registered: Jan 2005
Location: USA and Italy
Distribution: Debian testing/sid; OpenSuSE; Fedora; Mint
Posts: 5,513

Rep: Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009Reputation: 1009
I grab some object with printing on it--could be a serial card, a pill bottle, a laser pointer, remote control, and make a password from the labeling. Then I just have to remember the object and not to throw it out. On certain websites I don't even pretend I'll remember the password. I just change it every visit with the 'lost your password' function. For encrypted devices I use a passphrase.
 
Old 01-08-2017, 05:16 PM   #7
Lplater38
Member
 
Registered: Jan 2017
Location: Coffs Harbour NSW Australia
Distribution: ubuntu 20.04
Posts: 35

Original Poster
Rep: Reputation: Disabled
Passwords lost and found

Wow! Thank you everyone for your information. I have consumed most of it and will be applying some of it.

I have often thought that if anyone gets into my On Line Bank that they will probably say..."Poor Old Bugga!" and deposit $50.00 for me. LOL

I am with a credit union and they were once customer friendly, now like all money makers, customers that have hundreds of thousands deposited are customers, pensioners are the little parasites that make their life miserable, it seems.

I joined this organization when they first started and were crawling to all working groups to support them...and so the story goes.

I have tried to ring them this morning to renew my password, but they are "very Busy", so I will have to go to the local office and do my 'On line Banking' there.

Say la vee! yes incorrect spelling, but I do not care, I have a dose of the....whatevers!

Last edited by Lplater38; 01-08-2017 at 05:17 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Explanation FaisalSeif Linux - General 5 07-31-2014 02:02 PM
ls */ explanation zeusys Linux - Newbie 3 08-17-2011 11:41 PM
while loop, need some explanation manya Programming 9 10-14-2009 01:42 PM
Further explanation on symlink munichtexan Linux - Newbie 4 12-01-2005 10:52 AM
I Could Use An Explanation winger Linux - General 3 04-13-2002 10:32 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 07:31 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration