Quote:
Originally Posted by CZroe
No need to brute-force if I find your list, considering that you'd have to carry it around with you to have any chance of getting logged in using other services and machines and have to keep a backup copy somewhere to avoid losing access to all your services. That's why you aren't supposed to write anything down. You are supposed to make a password you can't forget with accommodations that make it more secure and a application-specific suffix that you can figure out if need be. If a password policy requires you to write something down and will not let you use your system, only then is it OK (must change weekly, can't use a previous password, must be XX% different, etc; hey: they asked for it).
As it is, I hope you don't save them electronically. I could easily brute-force access to your documents on an encrypted NTFS filesystem and get your entire list of passwords if you stored it electronically.
|
As soon as you use them a couple of times you remember them quite easilly, atleast that's me
Also, you would need to have access to that said document. Meaning you'd need a remote access to my computer to put your hands on a lets say word document on my computer. So you'd first have to KNOW i have that said password file in my computer, and know it's name/where it is located. Then you'd need to RAT me.
And then you'd need to brute-force a combination of 12 random letters/numbers, which would take you ages. All that, to get access to my forum passwords?