|
There are really just a few websites (about 10 to 20?) that I frequently visit and want to have an account with: email, Facebook, CP, LinkedIn...
And then there are the millions of websites that require you to create an account for "your convenience"...
A web shop I'll order from once and probably never again. Why the hell do they need me to register? There are a few who have "express checkout" and just let's you enter your details once without creating an account, but they are few.
It's a shame that websites are like that, the "register" button has become a turn off that makes me lose interest in the site almost immediately (kind of like a beard on women, except when you're a dwarf and dig bearded women).
|
|
|
|
|
It depends.
If the site is "important" to me, I use my real email address, because I have some business with the site.
If the site is not important, like some comment-forums on various sites, where I just want to drop a line I register with a special spambox address/alias which is not forwarded to my main inbox (see it like a ignore-all-mailbox).
Most of my passwords are generated and in a password-safe - in most cases I do not even know them - I pick them from the safe.
|
|
|
|
|
I generally use the same Username (or minor variation) but use site-specific email addresses (all on my own domain, so they come through a catch-all into my primary email account). That way if someone sells my email (or is hacked) I know the root source of any spam; it also makes it easy to filter any email if I decide I don't want/need whatever they want to sell me.
|
|
|
|
|
Every site has a unique email address. And when I'm spammed, I know who sold me out.
Getting even is every bit as much fun as it's cracked up to be! Try it. You'll like it.
Ravings en masse^ |
---|
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
|
I don't need to pay any particular attention to anyone who's behaving. ebay would, for example, be ebay@ , etc. Self maintaining reference.
Those who miss behave have the email routed directly to themselves in some manner - and possible a couple hundred SMTP emails telling them about my displeasure. Each of the SMTP's is different, with a randomized from email at a major email domain; body and subject slightly modified on-the-fly.
If I'm really in the mood, the SMTP mailer will send any number of emails with a gap between them so they're more likely to be interspersed with real email - more hassle to delete. Depends upon what kind of mood I'm in.
Ravings en masse^ |
---|
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
I saw a variation of this at work.
Mail to me where sent sent from a mail address on the form (company)-spam@domain.com
|
|
|
|
|
|
|
I use Keepass for every site I use - bar one.
Some complete dullard of a dev at the site in question thinks it's a good security step to not allow pasting into the password field thus cleverly forcing users to use memorable passwords https://codeproject.global.ssl.fastly.net/script/Forums/Images/smiley_doh.gif
It's a significant factor in them getting much less of my business than their rivals do.
Slogans aren't solutions.
|
|
|
|
|
PeejayAdams wrote: Some complete dullard of a dev at the site in question thinks it's a good security step to not allow pasting into the password field
I have encountered this and it is really terrible.
So much misinformation about what makes passwords and password entry secure.
|
|
|
|
|
PeejayAdams wrote: to not allow pasting into the password field thus cleverly forcing users to use memorable passwords
My problem is not with remembering the safe password.
My problem is with typing it... it is a PITA
M.D.V.
If something has a solution... Why do we have to worry about?. If it has no solution... For what reason do we have to worry about?
Help me to understand what I'm saying, and I'll explain it better to you
Rating helpful answers is nice, but saying thanks can be even nicer.
|
|
|
|
|
For some I use unique logon + password combination that I don't have "remembered", for others I use a generic email + password that I only use for web "accounts" that I am unlikely to ever visit again - the email is not used for anything else and the password is nothing like any other that I use. And every flavour in between.
For other stuff I also use an encrypted password storage with a strong master password, but even within that not all of the passwords are entire.
|
|
|
|
|
I have Google for that... Closing the site by simple removing its access via my account...
Skipper: We'll fix it.
Alex: Fix it? How you gonna fix this?
Skipper: Grit, spit and a whole lotta duct tape.
|
|
|
|
|
Currently I'm registered at just three sites, including CP. It used to be four, but one of them leaked my mail address to people who I don't want to hear from, so that mail address quickly died, as well as the registration at that site. Right, Fleabay?
I simply use different mail addresses for each registration, so that they can quickly be disposed of if spam starts coming in. Russians concerned about my endurance and the prince of Nigeria can sell their pills or share their wealth elsewere.
The language is JavaScript. that of Mordor, which I will not utter here
This is Javascript. If you put big wheels and a racing stripe on a golf cart, it's still a f***ing golf cart.
"I don't know, extraterrestrial?"
"You mean like from space?"
"No, from Canada."
If software development were a circus, we would all be the clowns.
|
|
|
|
|
I follow, more or less, the same style, i create one e-mail alias for each website so i can kill spammers and molesters within a couple of clicks
|
|
|
|
|
Combine that with being very restrictive to register at sites, you get a very boring life withoud spammers and other unpleasant types. After Fleabay leaked one of my mail addresses, I got several mails from the same criminals, always claiming to be lawyers charged with getting the money from some bill I supposedly had forgotten to pay. They even had my address, but only a phone number from 10 years ago. They sure have been waiting long until threatening to drag me to court.
The language is JavaScript. that of Mordor, which I will not utter here
This is Javascript. If you put big wheels and a racing stripe on a golf cart, it's still a f***ing golf cart.
"I don't know, extraterrestrial?"
"You mean like from space?"
"No, from Canada."
If software development were a circus, we would all be the clowns.
|
|
|
|
|
I host mail for one of my friends.
Apparently he has not have as good discipline as the rest of you in who should know his e-mail address, because suddenly he got mails from all kind of dubious "pink" sites. He being a long term married man was a bit embarrassed to say the least!
We ended up creating a new address for him. The old one is forwarded to my spam learning filter and then onwards to /dev/null.
My friend got a bit wiser after that.
|
|
|
|
|
Are all bots. Trust me, no human can remember this much username/password combination, unless they are using browser of other password remembering services to do so.
What I do is, I try to claim my own username, "afzaal-ahmad-zeeshan", any combination of the same. One of the possible combinations is always available so I use it. As for the password, I use just one password to rule it all. I remember, once I asked my girl to set a password for my account... God knows what that password was.
Other than this, my personal preference is to consider Facebook, Google sign in. They are pretty much handy.
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
So...one password for everything?
That's horrible. Go to QA, and look at how many people are storing passwords in clear text - heck, look at the news - and think to yourself: how much do I trust every site I visit to secure my one and only password? Because if any one of them is vulnerable, that one-password-fits-all approach could come back to bite your ass, big time.
Just saying!
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
I agree with you in principle, but I pretty much do the same thing (using a couple of passwords across every site)..
Otherwise how do you remember every unique and ultra-strong password e.g. y[F9/fN.[y734hl ?
Ah, I see you have the machine that goes ping. This is my favorite. You see we lease it back from the company we sold it to and that way it comes under the monthly current budget and not the capital account.
modified 31-Aug-21 21:01pm.
|
|
|
|
|
I don't.
I use GUIDs (tweaked for each different sites stupid set of rules) and store them in a encrypted password manager I wrote. I remember one master password - which fits no other app or site - and it remembers the others for me. For "low security" sites like CP, I let Chrome handle the login - but for the bank, credit cards, and such like, nothing gets remembered.
Needless to say, the encrypted store and it's app is backed up extremely carefully!
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
Is it an online app?
I'm just wondering because I use a number of different machines (including Linux and MacOS as well as Windows) - it'd be great to have one place to store everything (Apple offer to save your passwords into iCloud so it'll remember them on your iPad and iPhone as well but it doesn't work across other platforms).
To be fair Apple does suggest Guids for passwords when creating online accounts, then stores them in iCloud but that's not much use when I'm trying to log in from my work PC.
Ah, I see you have the machine that goes ping. This is my favorite. You see we lease it back from the company we sold it to and that way it comes under the monthly current budget and not the capital account.
modified 31-Aug-21 21:01pm.
|
|
|
|
|
Not at the moment, but I'm planning to move it to a client/server architecture (so it can work offline, when I need my WiFi password for example) and replicate changes via the server. Partly so I can add an Android version that shares the same data. The fun part of that is keeping the encryption together with a page-level replication but not compromising the security. Think I've got that all worked out though.
But it's finding the time ...
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
|
|
|
|
|
OriginalGriff wrote: But it's finding the time ...
We all know that feeling
Ah, I see you have the machine that goes ping. This is my favorite. You see we lease it back from the company we sold it to and that way it comes under the monthly current budget and not the capital account.
modified 31-Aug-21 21:01pm.
|
|
|
|