Rss

Archives for : 2-step

Weaker passwords

So many web sites, so many passwords.  Unless you’re willing to risk using fewer than ten (or possibly only one) password for every site you use, you probably have the browser save the passwords and use a random password generator.

There are a number of apps which will generate passwords for you.  You can set the password strength and it will give you a unique password each time you ask for one.  If you’re hoping to get the same one twice, you’re probably going to die before it happens.  The apps give you nice, strong passwords.  Other apps will save the details for you, password keepers.

It’s not often, but from time to time I’ll come across a site which doesn’t allow the 40-50 digit passwords I tend to use.  Sometimes I’ll add a more, sometimes take a few off.  When I exit the app, the contents of the phone’s clipboard are sent to the PC.  From there I’ll often drop the password in to a .txt file and save it in Spideroak.  For those who don’t know, Spideroak is much like Dropbox but is fully secure, only decrypting the contents at the user’s device.

For the first time I’ve come across a web site which not only limits the length of the password, but doesn’t allow most of the special characters (for example !£$%^&*{[]}@’#~<>?/`¬\|etc.).  Eon Energy only allow the basic 0-9, A-Z, – and _.  For the first time since using password generators I’ve been effectively told my password is too strong, please use a weaker password, twice!

We’re living in a world where everyone is using stronger and stronger passwords.  Those with Microsoft qualifications need at least two special characters in their lengthy passwords.  Google, Twitter and Dropbox are amongst many sites using 2-step security, requiring a password and a code either generated by / sent to your phone.  These sites don’t require payments or personal information to use them, but they still offer 2-step security.

I didn’t sign up with Eon.  I was tempted to type in ‘password’, but in the end I was afraid it would be accepted.
Eon - too longEon - invalid format