Welcome to the O2 Community

Has your question already been answered? See the community FAQ's

Off-Topic

Reply
Community Manager
Posts: 1,141
Registered: ‎10-08-2020

Re: Password Security Tips - World Password Day

That's tru @Anonymous but I think 16+ is just considered the safest wink

 

I actually didn't even know you can include the @ in these kind of passwords @pgn 

 

@mm7000gb not any website of course! But check out the one posted above, it's generally created to help people create safer passwords!

COVID-19 support - Help and support from O2 during the lockdown
Access for You: Registration - Find out how to register for our Access for You service.
Just joined the community or thinking of registering? Check out this handy starter guide!
Have a query about your account? login to My O2 for help


If you'd like to take part, why not register? Smiley Happy
signature

Community Manager
Posts: 1,141
Registered: ‎10-08-2020

Re: Password Security Tips - World Password Day

You are right @madasaf1sh it is a bit of a nightmare, I myself have to admit that I sometimes struggle to remember my passwords and often end up having to reset them. That's why I think it's great to have applications such as 1Password or LastPass to help you with this. Thanks for sharing the article, that's a great read on the topic and sure will add to the discussion around passwords!

 

That's a great start @Jenny105, however I think might be a bit dangerous if someone discovers this pattern. In that case maybe you could try one of the above mentioned apps or website to generate totally different passwords for each login and be on the safe side!

COVID-19 support - Help and support from O2 during the lockdown
Access for You: Registration - Find out how to register for our Access for You service.
Just joined the community or thinking of registering? Check out this handy starter guide!
Have a query about your account? login to My O2 for help


If you'd like to take part, why not register? Smiley Happy
signature

Community Manager
Posts: 1,141
Registered: ‎10-08-2020

Re: Password Security Tips - World Password Day


@Bambino wrote:

Fry.jpg


This sure would make our IT team laugh @Bambino sweat smile

COVID-19 support - Help and support from O2 during the lockdown
Access for You: Registration - Find out how to register for our Access for You service.
Just joined the community or thinking of registering? Check out this handy starter guide!
Have a query about your account? login to My O2 for help


If you'd like to take part, why not register? Smiley Happy
signature

Posts: 409
Topics: 15
Registered: ‎29-09-2016

Re: Password Security Tips - World Password Day

All joking aside this what I do: Have a different pasword for every site, make it long random mixed case/numbers/ etc, get your device to remember the passwords and auto-enter it for you.

Make sure your device (PC/Laptop/Tablet/Phone) is secure with all security updates and updated anti-virus and configured firewall.

For online payments I usually use Paypal (If available) as your card details are not made available to the website you are using it on. 

Okay the above is not the perfect solution but then nothing is, the most important thing is to keep your device and passwords secure. 

Posts: 17,912
Topics: 142
Registered: ‎11-04-2012

Re: Password Security Tips - World Password Day


@TheresaV wrote:

I actually didn't even know you can include the @ in these kind of passwords @pgn 

 


It is useable in many, @TheresaV - some call out

  •   # & ? / "

as invalid characters...

Problem with @ is the position of that character is dependent on the keyboard layout, so it is Shift-2 on US keyboards, and Shift-' on UK keyboards - so @Bambino may be struggling because he would typing 

 

  •   E"zy2Remember

 

instead of the example I gave...

Result? Incorrect Password! Confused

8a58aa5e7d36f84509a25534f0a83854.jpg

 

Most Random Thread.pngMost Useful Guide.pngWe cannot access your account
Level 70: Enigma
Posts: 17,183
Registered: ‎31-03-2010

Re: Password Security Tips - World Password Day

I actually have a Logitech solar keyboard that I brought with me from the UK, @pgn, so I don't have that problem. I didn't want to have to get used to the US layout after using the UK layout for so long.Smiley Wink

I DO NOT WORK FOR O2



Funniest-Thread-2
Posts: 2,996
Topics: 25
Registered: ‎25-10-2010

Re: Password Security Tips - World Password Day

Hmm, passwords are a bane of my life. Rather password resets are my life. Be grateful you don't have to deal with I have to do every single day:

 

1) power on laptop, enter pin code

2) log on to windows user account

3) logon to vpn using a different user name, a six digit number plus a token code which you have to get by entering a passcode

4) Logon to one environment using a different username plus password and a code from a hardware token that you have to unlock with a 4 digit code. Then to progress, enter a username and password. Then to progress to the actual desktop, enter the username and password. Then once you're in, login to various servers and apps using usernames that are different to the ones you have used so far.

5) Repeat step 4 to login to another environment, this time using a different hardware token

6) Repeat step 4 to login to the other environment with a totally different hardware token unlocked with a pin

7) Repeat step 4 though this time, add in two extra remote desktop steps with totally different usernames.

8) repeat steps 4 - 8 when the VPN drops for no reason.

9) Use the internal IT systems using a different username or the same windows user name or some random user name you've been assigned because they don't understand single sign-on.

10) repeat Steps 4-9 when the VPN kills your connection.

 

And it doesn't stop there, I have other environments that have to accessed using an authenticator app, a password, a pin code and a convoluted method of getting to that point. Also with a different username. Lets just say one password rules it all otherwise you'd never remember anything. Should I mention that the expiry period can be as short as 30 days? Imagine the fun I have once a month resetting passwords on systems that have different password policies. Before anyone suggests, password apps aren't exactly approved and another system I cannot be bothered with. 

 

Which brings me to the other pain: there is no standard method for password setting. Some have 8 characters that exclude certain ones, others demand you have to have a special combo but won't tell you what that is or if you're really unlucky you'll come across a system that remembers your last 15 passwords and variations of that. Its great for some security bod to say this is best practice when in reality its unworkable to do it so everybody resorts to keeping it as simple as possible. 

 

Would you like to know a simple password style that meets all requirements? Try this in your security checks if you don't believe me: Password_123!  Contains an uppercase, lowercase, special characters and numbers so ticking all boxes cool (er I wouldn't suggest you actually use Password_123! but um, lets say it does work in secure systems astonished )

 

Two things though: passphrases are a lot more memorable to come up with and how is the security officer going to check what you've come up with rofl Also obligatory XKCD link to Correct Horse Battery Staple 

 

I do like the Apple touch Id that er, fails sometimes forcing me to enter a PIN and I was quite taken by the Face ID on the Ipad Pro that also fails sometimes reverting to the pin. Still far more acceptable and useable than the convoluted login/passwords I have to tolerate. Biometrics is the way forward in my opinion. 

 

Posts: 17,912
Topics: 142
Registered: ‎11-04-2012

Re: Password Security Tips - World Password Day

Wow, @sheepdog!

Makes me glad of single sign-on (SSO) for all user-level business systems, and a single admin account for access to any back-end systems that I need to access for whatever reason.  The whole thing with the token was thrown out years back, now the encrypted laptop challenges for the SSO credential on boot-up and auto connects to the corporate network. Only downside is all traffic from the laptop passes through the corporate network, meaning certain sites are inaccessible, based on corporate policy, unless you request access to them via exception directly (if approved!).

Sometimes, the cookie crumbles your way...😉

 

 

Most Random Thread.pngMost Useful Guide.pngWe cannot access your account
Posts: 17,912
Topics: 142
Registered: ‎11-04-2012

Re: Password Security Tips - World Password Day

There's a lot to be said for using your own keyboard, @Bambino - I remember the days of "keyb uk" to get the £ symbol to work 😖

And if you're a Mac user, well, I have no clue!

Most Random Thread.pngMost Useful Guide.pngWe cannot access your account
Community Manager
Posts: 1,141
Registered: ‎10-08-2020

Re: Password Security Tips - World Password Day

That's exactly what I do as well @mm7000gb, I use my Apple device to remember my passwords but also try to minimize the number of accounts I have in general. If I have the chance to for example, I prefer to check out as a guest on shopping sites to avoid creating just another account. After all, it's important we all just do our best to keep our accounts secure!

 

I always had @ come out as an invalid character but then again I think I only tried it a couple of times @pgn sweat smile Learning something new every day I guess, that's why these discussions are so great even for me joy

COVID-19 support - Help and support from O2 during the lockdown
Access for You: Registration - Find out how to register for our Access for You service.
Just joined the community or thinking of registering? Check out this handy starter guide!
Have a query about your account? login to My O2 for help


If you'd like to take part, why not register? Smiley Happy
signature