Home |
Search |
Today's Posts |
|
Home Repair (alt.home.repair) For all homeowners and DIYers with many experienced tradesmen. Solve your toughest home fix-it problems. |
Reply |
|
LinkBack | Thread Tools | Display Modes |
|
#1
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
It says you should change your password if you have not done so since
2014. How can I tell when my password was last changed? I don't keep a record of that. |
#2
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On 9/25/2016 10:34 AM, Taxed and Spent wrote:
It says you should change your password if you have not done so since 2014. How can I tell when my password was last changed? I don't keep a record of that. How difficult is it change passwords? I routinely change mine every six months or so. Just change it and move on. |
#3
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On Sun, 25 Sep 2016 11:14:00 -0500, Unquestionably Confused
wrote: On 9/25/2016 10:34 AM, Taxed and Spent wrote: It says you should change your password if you have not done so since 2014. How can I tell when my password was last changed? I don't keep a record of that. How difficult is it change passwords? I routinely change mine every six months or so. Just change it and move on. The problem might be, if you do not know your password (it is stored on the PC) you can't change it. |
#5
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On Sun, 25 Sep 2016 12:51:44 -0400, burfordTjustice
wrote: On Sun, 25 Sep 2016 12:47:12 -0400 wrote: On Sun, 25 Sep 2016 11:14:00 -0500, Unquestionably Confused wrote: On 9/25/2016 10:34 AM, Taxed and Spent wrote: It says you should change your password if you have not done so since 2014. How can I tell when my password was last changed? I don't keep a record of that. How difficult is it change passwords? I routinely change mine every six months or so. Just change it and move on. The problem might be, if you do not know your password (it is stored on the PC) you can't change it. http://www.lostpassword.com/asterisk.htm In my case I don't even have my Yahoo password anywhere. I only use it for one Yahoo group and I just answer the Emailed post. I never actually log in. I have tried recovering the PW but none of my answers match what I wrote 17 years ago when I set up the account. |
#6
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
|
#7
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
Sun, 25 Sep 2016 16:47:12 GMT in alt.home.repair, wrote: On Sun, 25 Sep 2016 11:14:00 -0500, Unquestionably Confused wrote: On 9/25/2016 10:34 AM, Taxed and Spent wrote: It says you should change your password if you have not done so since 2014. How can I tell when my password was last changed? I don't keep a record of that. How difficult is it change passwords? I routinely change mine every six months or so. Just change it and move on. The problem might be, if you do not know your password (it is stored on the PC) you can't change it. Is it stored in an encrypted password manager program or the web browser for auto login purposes? If the latter, nirsoft utils are your friend. If the former, you'd have to login to your password manager to recover the current password so you can change it to something else... Oh, one more thing, stop having your web browser store login/passwords for you, if that's something you do. As you'll learn by using the utils I mentioned, it's obviously, NOT secure. Anyone who has access to your computer with a brain (read: knows how to pull up the passwords using Nirsoft or a variety of other tools) can recover them, with ease. -- MID: Hmmm. I most certainly don't understand how I can access a copy of a zip file but then not be able to unzip it so I can watch it. That seems VERY clever! http://al.howardknight.net/msgid.cgi?ID=145716711400 |
#8
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On 9/25/2016 12:14 PM, Unquestionably Confused wrote:
How difficult is it change passwords? I routinely change mine every six months or so. Just change it and move on. Why? If it has been working, what makes it more vulnerable with time? What makes a new password more secure than an old one? Maybe the new one is easier to crack. Given the number of web sites I use it would be an all day job to change them all. |
#9
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On 9/25/2016 11:59 AM, Ed Pawlowski wrote:
On 9/25/2016 12:14 PM, Unquestionably Confused wrote: How difficult is it change passwords? I routinely change mine every six months or so. Just change it and move on. Why? If it has been working, what makes it more vulnerable with time? What makes a new password more secure than an old one? Maybe the new one is easier to crack. Given the number of web sites I use it would be an all day job to change them all. Think about it, Ed. time has nothing to do with it really. There was a breach and the password you may have thought to be secure has been leaked. If your current password is "jTR653ew$*LvfddseZ+" that is a pretty secure password. However, if there is a data breach on Thursday and that password and your email account/Yahoo account user name is leaked, it's worthless. If you change it to "jghfgfd$#cds@--:Y" the day after the breach (before some hacking AH changes your old one and locks you out) you are now secure again. (until the next breach) |
#10
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
"Unquestionably Confused" wrote
| If your current password is "jTR653ew$*LvfddseZ+" that is a pretty | secure password. I read an interesting article awhile back saying that one of the best ways to make a password is to just join 4 words. Cracking algorythms necessarily look for patterns. Four words is very memorable to humans, but not a pattern mathematically. For instance: breadtarmacskatesblot More memorable, yet still seemingly random, things could be invented that mean something only to the inventor. For instance: ruthdoilyxmasbarnard For your aunt Ruth who like doilies and invites the family every Christmas to her house in Barnard. It's memorable to you but for a computer it's just 20 random characters. |
#11
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On 9/25/2016 12:25 PM, Mayayana wrote:
"Unquestionably Confused" wrote | If your current password is "jTR653ew$*LvfddseZ+" that is a pretty | secure password. I read an interesting article awhile back saying that one of the best ways to make a password is to just join 4 words. Cracking algorythms necessarily look for patterns. Four words is very memorable to humans, but not a pattern mathematically. For instance: breadtarmacskatesblot More memorable, yet still seemingly random, things could be invented that mean something only to the inventor. For instance: ruthdoilyxmasbarnard For your aunt Ruth who like doilies and invites the family every Christmas to her house in Barnard. It's memorable to you but for a computer it's just 20 random characters. Run those through any password strength meter of your choice and you'll find that they are woefully inadequate |
#12
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
"Mayayana"
Sun, 25 Sep 2016 17:25:50 GMT in alt.home.repair, wrote: "Unquestionably Confused" wrote | If your current password is "jTR653ew$*LvfddseZ+" that is a pretty | secure password. I read an interesting article awhile back saying that one of the best ways to make a password is to just join 4 words. Cracking algorythms necessarily look for patterns. Four words is very memorable to humans, but not a pattern mathematically. For instance: breadtarmacskatesblot You might want to re-read the article. You seem a bit confused on what cracking algorithms can/can't do here. More memorable, yet still seemingly random, things could be invented that mean something only to the inventor. For instance: ruthdoilyxmasbarnard That's only going to semi protect you against a basic dictionary attack, a brute force one is going to get it once it reaches that amount of characters. Just a matter of time. Cracking 'algorithms' vary you see. simple Dictionary only attacks aren't very effective against such passwords, but the one you used for an example is ripe for a Brute force attack. The only thing that would save you in this case is the amount of times yahoo will let you get it wrong before it temp disables the account, etc. For your aunt Ruth who like doilies and invites the family every Christmas to her house in Barnard. It's memorable to you but for a computer it's just 20 random characters. See above. your example is only a-z and nothing else; 20 characters long. IE: NOT secure. -- MID: Hmmm. I most certainly don't understand how I can access a copy of a zip file but then not be able to unzip it so I can watch it. That seems VERY clever! http://al.howardknight.net/msgid.cgi?ID=145716711400 |
#13
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
"Ed Pawlowski" wrote
| How difficult is it change passwords? I routinely change mine every six | months or so. Just change it and move on. | | | Why? If it has been working, what makes it more vulnerable with time? Did you read about the news? It's a dramatically clear answer to your question. Yahoo was hacked a couple of years ago. Chinese hackers might be scanning your email now, waiting for something like a credit card number or bank account info, or enough personal info to spoof your identity. The passwords might have been sold. The data was stolen by breaking into Yahoo and stealing their member/password list, not by hacking passwords. If you changed your password periodically you would have been protected for most of the last two years. |
#14
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On Sun, 25 Sep 2016 13:10:52 -0400, "Mayayana"
wrote: "Ed Pawlowski" wrote | How difficult is it change passwords? I routinely change mine every six | months or so. Just change it and move on. | | | Why? If it has been working, what makes it more vulnerable with time? Did you read about the news? It's a dramatically clear answer to your question. Yahoo was hacked a couple of years ago. Chinese hackers might be scanning your email now, waiting for something like a credit card number or bank account info, or enough personal info to spoof your identity. The passwords might have been sold. The data was stolen by breaking into Yahoo and stealing their member/password list, not by hacking passwords. If you changed your password periodically you would have been protected for most of the last two years. If they look at my Yahoo account, they are just going to see the spam in accumulated over the last 17 years because I never used it I would appreciate them sending me the password tho ;-) |
#16
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
Ed Pawlowski explained on 9/25/2016 :
On 9/25/2016 12:14 PM, Unquestionably Confused wrote: How difficult is it change passwords? I routinely change mine every six months or so. Just change it and move on. Why? If it has been working, what makes it more vulnerable with time? What makes a new password more secure than an old one? Maybe the new one is easier to crack. Given the number of web sites I use it would be an all day job to change them all. Given the exhaustive search or dictionary attack scenario, changing the password would make the already tried and failed passwords viable again, so the attacker would have to start over again. |
#17
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On 9/25/2016 1:35 PM, FromTheRafters wrote:
Given the exhaustive search or dictionary attack scenario, changing the password would make the already tried and failed passwords viable again, so the attacker would have to start over again. And your "new" password may be the next one tried and thus cracked. Not so sure it improves the odds. |
#18
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
Ed Pawlowski wrote on 9/25/2016 :
On 9/25/2016 1:35 PM, FromTheRafters wrote: Given the exhaustive search or dictionary attack scenario, changing the password would make the already tried and failed passwords viable again, so the attacker would have to start over again. And your "new" password may be the next one tried and thus cracked. Not so sure it improves the odds. Sure, but the idea behind exhaustive search is not the same as behind random tries, it reduces the effective keyspace after each try. If the entire keyspace can be searched in a year, the average time to break is six months. If you change the password every three months they may never hit the mark. This definitely does improve your odds. |
#19
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On 9/25/2016 10:35 AM, FromTheRafters wrote:
Given the exhaustive search or dictionary attack scenario, changing the password would make the already tried and failed passwords viable again, so the attacker would have to start over again. I use Yahoo's Two-step verification. It makes a dictionary attack useless on a strange machine. |
#20
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
AL submitted this idea :
On 9/25/2016 10:35 AM, FromTheRafters wrote: Given the exhaustive search or dictionary attack scenario, changing the password would make the already tried and failed passwords viable again, so the attacker would have to start over again. I use Yahoo's Two-step verification. It makes a dictionary attack useless on a strange machine. If they hacked the server, all they would likely have to do is exhaust the hash's keyspace no matter how many parts were involved in the hash's creation. They've had two years in this case, but it could have been worse. |
#21
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On 25/09/2016 16:34, Taxed and Spent wrote:
It says you should change your password if you have not done so since 2014. How can I tell when my password was last changed? I don't keep a record of that. Simple answer: just change it now. |
#22
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On 9/25/2016 10:06 AM, Bod wrote:
On 25/09/2016 16:34, Taxed and Spent wrote: It says you should change your password if you have not done so since 2014. How can I tell when my password was last changed? I don't keep a record of that. Simple answer: just change it now. That is a simpleton answer. Is there anybody who can answer the question I raised? |
#23
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
"Taxed and Spent" wrote
| Simple answer: just change it now. | | That is a simpleton answer. | | Is there anybody who can answer the question I raised? It's a simple answer for a dumb question. If you don't know when you last changed your password then who would? If you think Yahoo does then ask them. What other possibilities are there? Or you could just change your password now. You might also want to consider getting real email (from your ISP, a paid account, or your own domain) and not using Yahoo or other freebie webmail. |
#24
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On 9/25/2016 4:49 PM, Taxed and Spent wrote:
On 9/25/2016 10:06 AM, Bod wrote: On 25/09/2016 16:34, Taxed and Spent wrote: It says you should change your password if you have not done so since 2014. How can I tell when my password was last changed? I don't keep a record of that. Simple answer: just change it now. That is a simpleton answer. Is there anybody who can answer the question I raised? To quote Queen Hillary, "What difference does it make [when you last changed your password (in this context)]?" There is no penalty for changing your password "too often," the only risk is not changing it often enough and being sloppy with creating it and storing it. You don't need it to change it with Yahoo. We can explain it to you but we can't understand it for you.g |
#25
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On Sun, 25 Sep 2016 23:37:36 +0100, Unquestionably Confused wrote:
On 9/25/2016 4:49 PM, Taxed and Spent wrote: On 9/25/2016 10:06 AM, Bod wrote: On 25/09/2016 16:34, Taxed and Spent wrote: It says you should change your password if you have not done so since 2014. How can I tell when my password was last changed? I don't keep a record of that. Simple answer: just change it now. That is a simpleton answer. Is there anybody who can answer the question I raised? To quote Queen Hillary, "What difference does it make [when you last changed your password (in this context)]?" There is no penalty for changing your password "too often," the only risk is not changing it often enough and being sloppy with creating it and storing it. You don't need it to change it with Yahoo. We can explain it to you but we can't understand it for you.g The penalty is forgetting it. -- Do infants have as much fun in their infancy as adults do in adultery? |
#26
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
Taxed and Spent presented the following explanation :
On 9/25/2016 10:06 AM, Bod wrote: On 25/09/2016 16:34, Taxed and Spent wrote: It says you should change your password if you have not done so since 2014. How can I tell when my password was last changed? I don't keep a record of that. Simple answer: just change it now. That is a simpleton answer. Is there anybody who can answer the question I raised? Probably someone at Yahoo! can answer that, but only if there is some record keeping of that sort of thing on their end. |
#27
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On Mon, 26 Sep 2016 01:01:23 +0100, FromTheRafters wrote:
Taxed and Spent presented the following explanation : On 9/25/2016 10:06 AM, Bod wrote: On 25/09/2016 16:34, Taxed and Spent wrote: It says you should change your password if you have not done so since 2014. How can I tell when my password was last changed? I don't keep a record of that. Simple answer: just change it now. That is a simpleton answer. Is there anybody who can answer the question I raised? Probably someone at Yahoo! can answer that, but only if there is some record keeping of that sort of thing on their end. I doubt a cheap **** free webmail service would bother answering your question. Have you never heard of POP3? -- ADULT: A person who has stopped growing at both ends and is now growing in the middle. |
#28
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
James Wilkinson formulated on Sunday :
On Mon, 26 Sep 2016 01:01:23 +0100, FromTheRafters wrote: Taxed and Spent presented the following explanation : On 9/25/2016 10:06 AM, Bod wrote: On 25/09/2016 16:34, Taxed and Spent wrote: It says you should change your password if you have not done so since 2014. How can I tell when my password was last changed? I don't keep a record of that. Simple answer: just change it now. That is a simpleton answer. Is there anybody who can answer the question I raised? Probably someone at Yahoo! can answer that, but only if there is some record keeping of that sort of thing on their end. I doubt a cheap **** free webmail service would bother answering your question. Have you never heard of POP3? What question? |
#29
Posted to alt.home.repair
|
|||
|
|||
OT Yahoo breach
On 9/25/2016 5:07 PM, James Wilkinson wrote:
On Mon, 26 Sep 2016 01:01:23 +0100, FromTheRafters wrote: Taxed and Spent presented the following explanation : On 9/25/2016 10:06 AM, Bod wrote: On 25/09/2016 16:34, Taxed and Spent wrote: It says you should change your password if you have not done so since 2014. How can I tell when my password was last changed? I don't keep a record of that. Simple answer: just change it now. That is a simpleton answer. Is there anybody who can answer the question I raised? Probably someone at Yahoo! can answer that, but only if there is some record keeping of that sort of thing on their end. I doubt a cheap **** free webmail service would bother answering your question. Have you never heard of POP3? I can access a Yahoo account via POP3. Can't figure it out? |
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
Breach of planning/building regs | UK diy | |||
Breach or Debate | Metalworking | |||
O2 mobile number breach | UK diy | |||
Ayhnum's Christmas Magnum repair the breach | Home Repair | |||
ChoicePoint personal data breach | Home Ownership |