Shocking: Sony Learned No Password Lessons After The 2011 PSN Hack
35 replies, posted
[QUOTE=lNloruzenchi;46651671]as paranoidly useful as it sounds, don't most websites have a limit on password size?[/QUOTE]
Actually pretty few from my experience. Majority of my passwords are 32 characters.
[QUOTE=Jsm;46653481]That's great and all but you probably have them saved somewhere as there is no way you are remembering them all.. There is a point where password complexity causes insecurity.[/QUOTE]
Well of course. I use KeePass 2.
I also hear good things about Lastpass
[QUOTE=Jojje;46653580]Actually pretty few from my experience. Majority of my passwords are 32 characters.[/QUOTE]
Annoyingly PayPal have a 20 character limit, Hotmail/Outlook is 16 characters.
[QUOTE=Jsm;46653481]That's great and all but you probably have them saved somewhere as there is no way you are remembering them all.. There is a point where password complexity causes insecurity.[/QUOTE]
Probably uses a password manager that has them encrypted.
One of the social network accounts for there film used the password 'sonypictures', I'm surprised it didn't get breached a while ago without this.
[QUOTE=Morgen;46654088]Probably uses a password manager that has them encrypted.[/QUOTE]
So he has one password (which is probably easy to remember) then..
[QUOTE=KillerLUA;46654398]One of the social network accounts for there film used the password 'sonypictures', I'm surprised it didn't get breached a while ago without this.[/QUOTE]
To be honest, that's only really weak to a targeted, human attack. In an automated online attack that would be reasonably secure.
[editline]6th December 2014[/editline]
The funniest thing here is that they could update their databases over the course of a weekend with two SQL queries to use hashed+salted passwords. Then its just a matter of changing the login systems they use to not use plain text and they're done. Not exactly a $10m job.
Sorry, you need to Log In to post a reply to this thread.
