Re: Hacked!
- From: Catriona R <catrionarNOSPAM@xxxxxxxxxxxxxx>
- Date: Mon, 12 Apr 2010 22:30:04 +0100
On Mon, 12 Apr 2010 15:15:03 -0600, Lewis
<g.kreme@xxxxxxxxxxxxxxxxxxxxx> wrote:
In article <82gc80FuvuU1@xxxxxxxxxxxxxxxxxx>,
Catriona R <catrionarNOSPAM@xxxxxxxxxxxxxx> wrote:
Just as a note, I'm sure I read somewhere that WoW doesn't recognise
the difference between capitals and lowercase,
No, that's wrong. I often (well, often enough) mistype my password with
a lower case in place of a capital and WoW rejects it as it should.
Seems as somebody else posted it's a difference between US and EU auth
servers then - I just tried capitalising a few random letters in my
password (usually all lower case) and it logged in fine.
so no point having a
capital letter there. I don't have another character in mine either
but it's what looks like a random mishmash of letters and numbers
that'd take some time to bruteforce (and then there's my
authenticator, oh and did I mention I use an email address I use for
nothing else?), might change the s in it to a $ sometime but not that
sure it's needed at this point in time; only way anyone's getting past
my authenticator is with a man in the middle attack that would log the
password as well in any case!
If I bothered with an authenticator then I wouldn't bother with a secure
password. As you said, the only way someone will get through the
authenticator they will have the password no matter what it is.
Yep, the more I hear about hacking, the more glad I am I got the
authenticator, since it makes it so much safer. I really have to ask
my bank soon exactly why they haven't given me one too... seems
ridiculous having better security for an online game than for my RL
money.
Tips for making rememberable but secure passwords - take something you
can remember and then adjust the letters to numbers or symbols which
are similar, s>%, i>1, etc. Rememberable things could be memorable
dates (not birthdays but I use the day my football club won a
particular trophy as one of my passwords) or car registration numbers
(good luck anybody finding the numbers of the cars my dad had when I
was a little child ;-)), meaning you're already going to be able to
remember the numbers side of it, rather than having to use a word as a
key.
This is not as effective as it once was. The crackers know all about
these common substitutions too, and run them in their dictionary
attacks. They will check password and Password and p4ssw0rd and
p455\/\/0rd and those are all really bad choices because of this.
True, I was mainly meaning start off with something obscure to begin
with and then mangle it some more. Which I probably should do for my
regular use stuff since what was a decentish password years ago is
probably kinda dated now. WoW is safe enough behind the authenticator
but my other things maybe need more security on them.
--
EU-Draenor:
Sagart (80 Undead Priest)
Tairbh (80 Tauren Druid)
Buinne (80 Troll Shaman)
Balgair (75 Human Rogue)
Eilnich (70 Blood Elf Warlock)
Ruire (70 Blood Elf Paladin)
.
- References:
- Hacked!
- From: Raymond Feist
- Re: Hacked!
- From: Urbin
- Re: Hacked!
- From: Catriona R
- Hacked!
- Prev by Date: Re: Please Explain the Children's Week PvP Achievements
- Next by Date: Re: Please Explain the Children's Week PvP Achievements
- Previous by thread: Re: Hacked!
- Next by thread: Re: Hacked!
- Index(es):
Relevant Pages
|
