So, Twitch's Password Woes

General off-topic stuffs goes here.
User avatar
EarthPhantomTS
A little bit of a fan of Tiamat
Posts: 1463
Joined: December 25th, 2014, 5:33 pm
Location: In Tiamat's boobs

So, Twitch's Password Woes

Postby EarthPhantomTS » March 24th, 2015, 2:16 am

As some of us already know, Twitch had some data stolen from them, including possibly usernames and passwords. And I had the bad habit of using similar passwords for many things. So I had to scramble in damage control mode to change passwords.

My question is: is it too late for me to start using a password manager? How difficult are they to use? Which ones do you recommend? Is it possible to get a good, free one (paying money is not an option for me at this point in time)? I know you're supposed to a) use different passwords for EVERY site, and b) never write them down, but how do they expect people to do both?! I can barely remember the few passwords I've used, and I had to write down the ones I changed (I intend to change them to something better after figuring out how to do this)!
Resident slut, harlot, whore, tramp, and Tiamat fangirl. Also, proud pervert, nympho, and sex worshiper.

Proud to be a worshiper of Ishtar, Babylonian goddess of sex and war, in the 21st century CE Image Image!

Warning: Noted tendency to go from the Queen of Lewd to the Queen of Shrews seemingly at random. If this happens, explain that you meant nothing by it, and she'll quickly apologize

Image
Yes, she's still my wifey

User avatar
Alice
⦂☽
Posts: 3881
Joined: December 23rd, 2014, 10:47 pm
Location: Wonderland
Contact:

Re: So, Twitch's Password Woes

Postby Alice » March 24th, 2015, 2:30 am

I used Keepass for awhile and it worked fine. I stopped using it though because I found using a password manager more of a pain than my previous methods. (I have most of them written down on some paper around here, lol. The only exceptions are my most common password and my throwaway password since I can easily remember both of them.)

And no one ever actually does that crap. Luckily for me I just used my throwaway password on Twitch since I never use my account. Though they changed the way they handle passwords and now I had to use a better one. Let me choose whatever password I want ffs. If I want "password" as my password then it's my problem when someone gets into my account.
💙💙💙
Image
Image

User avatar
Absolut Zero
Posts: 610
Joined: December 24th, 2014, 3:51 am

Re: So, Twitch's Password Woes

Postby Absolut Zero » March 24th, 2015, 5:03 am

I highly doubt that Twitch was storing passwords in plain text so all they potentially have is your hash which should be at least SHA-2 (hopefully better though) and as long as you have a decent password with capital letters, numbers and a symbol or two then its not worth anyone's time to crack it.

User avatar
Rumia
Posts: 78
Joined: December 26th, 2014, 6:04 am
Location: Hell

Re: So, Twitch's Password Woes

Postby Rumia » March 24th, 2015, 5:32 am

It looks like Twitch is forcing people to reset their passwords anyway. Besides, better safe than sorry. :tstick:

For my passwording needs I use LastPass. It's freemium but it still works pretty well if you don't pay anything, plus the premium is fairly cheap.

User avatar
Alice
⦂☽
Posts: 3881
Joined: December 23rd, 2014, 10:47 pm
Location: Wonderland
Contact:

Re: So, Twitch's Password Woes

Postby Alice » March 24th, 2015, 5:45 am

Absolut Zero wrote:I highly doubt that Twitch was storing passwords in plain text so all they potentially have is your hash which should be at least SHA-2 (hopefully better though) and as long as you have a decent password with capital letters, numbers and a symbol or two then its not worth anyone's time to crack it.

Their announcement on it says the passwords were encrypted. And they've introduced some annoying method of accepting passwords. There is no minimum character requirement but if your password isn't complex enough then it won't accept it. My throwaway password is 6 digits with letters and numbers but even capitalizing half the letters and adding a space it wasn't enough for them. My main password was only barely acceptable according to their new requirements. Instead I used one I made up awhile back but never got around to using which includes unicode, lol.
💙💙💙
Image
Image


User avatar
Tovarisch Red Yoshi
Resident Commie Chameleon
Posts: 1952
Joined: December 29th, 2014, 10:57 pm
Location: Ashtree

Re: So, Twitch's Password Woes

Postby Tovarisch Red Yoshi » March 24th, 2015, 9:55 am

I do one of 3 things
use my old username I made when I was 12
use the password I've had since I was 8
use the last, but translated into German (been doing since a Chinese hacker tried to get into my google) (ni hao an hui!!!)

If all else fails I use the password from the email I use if I expect a site to spam me or something, considering it uses a geometric constant, japanese, and several years

So yeah... I don't much into anti-hacker security (surprisingly evidently)

My grandma has to change her passwords every 6 months, and generally uses a form of SeasonYEAR e.g. Spring2012 or something. She's terrible with tech though, so she usually has to reset it like 9 times into a variant (last I heard she was using Autumn4102 and then dead pet names)
wikipedia wrote:The word "w00t" itself was first seen in 1994.[citation needed] The expression rose in popularity in the late 1990s and early 2000s (decade) mostly on MMORPG such as RuneScape. It remains a niche Internet term and is not in general usage. The symbolic approximation of Latin letter forms makes w00t a prime example of internet leetspeak. It may also sometimes be seen spelled as "wewt" or "wought".
Isocitration wrote:<Isocitration> a long obscure nonsequitur that must be explained
<Isocitration> the joke is funny because of that alone
<tovakj> you've known me how long, yet?
<tovakj> yes
<tovakj> you're finally figuring out my aesthetic

User avatar
EarthPhantomTS
A little bit of a fan of Tiamat
Posts: 1463
Joined: December 25th, 2014, 5:33 pm
Location: In Tiamat's boobs

Re: So, Twitch's Password Woes

Postby EarthPhantomTS » March 24th, 2015, 5:07 pm

Alice wrote:
Absolut Zero wrote:I highly doubt that Twitch was storing passwords in plain text so all they potentially have is your hash which should be at least SHA-2 (hopefully better though) and as long as you have a decent password with capital letters, numbers and a symbol or two then its not worth anyone's time to crack it.

Their announcement on it says the passwords were encrypted.


If enough passwords were stolen, and the encryption scheme is the same for all of them (as opposed to a "hash and salt" setup), they can still be cracked.

Alice wrote:And they've introduced some annoying method of accepting passwords. There is no minimum character requirement but if your password isn't complex enough then it won't accept it. My throwaway password is 6 digits with letters and numbers but even capitalizing half the letters and adding a space it wasn't enough for them. My main password was only barely acceptable according to their new requirements. Instead I used one I made up awhile back but never got around to using which includes unicode, lol.


Funny you mention this. I've heard it might actually be a bad idea to force strong passwords on users, since many of them will then write their passwords down. It's the same sort of mistake that "abstinence only" sex ed programs make, in fact; namely, refusing to compromise, demanding everything, and ending up with nothing as a result (and yes, any jokes about "only Earth could make a connection between computer security and sex" are appropriate here :tstick2: ).

Tovarisch Red Yoshi wrote:I do one of 3 things
use my old username I made when I was 12
use the password I've had since I was 8
use the last, but translated into German (been doing since a Chinese hacker tried to get into my google) (ni hao an hui!!!)

If all else fails I use the password from the email I use if I expect a site to spam me or something, considering it uses a geometric constant, japanese, and several years

So yeah... I don't much into anti-hacker security (surprisingly evidently)

My grandma has to change her passwords every 6 months, and generally uses a form of SeasonYEAR e.g. Spring2012 or something. She's terrible with tech though, so she usually has to reset it like 9 times into a variant (last I heard she was using Autumn4102 and then dead pet names)


I'm honestly surprised to hear that. I kinda do a similar sort of thing, using the same password for many places, but I've recently learned to use unique passwords for "important" stuff, like bank accounts, Amazon, and email (the latter is the "breaking point", because of password reset forms. If someone has your email, they have everything of yours). But I was expecting you to berate me for the fact that I needed to change passwords on other sites, not be in the same situation as me :undecided: .
Resident slut, harlot, whore, tramp, and Tiamat fangirl. Also, proud pervert, nympho, and sex worshiper.

Proud to be a worshiper of Ishtar, Babylonian goddess of sex and war, in the 21st century CE Image Image!

Warning: Noted tendency to go from the Queen of Lewd to the Queen of Shrews seemingly at random. If this happens, explain that you meant nothing by it, and she'll quickly apologize

Image
Yes, she's still my wifey


User avatar
Alice
⦂☽
Posts: 3881
Joined: December 23rd, 2014, 10:47 pm
Location: Wonderland
Contact:

Re: So, Twitch's Password Woes

Postby Alice » March 24th, 2015, 7:36 pm

EarthPhantomTS wrote:I'm honestly surprised to hear that. I kinda do a similar sort of thing, using the same password for many places, but I've recently learned to use unique passwords for "important" stuff, like bank accounts, Amazon, and email (the latter is the "breaking point", because of password reset forms. If someone has your email, they have everything of yours). But I was expecting you to berate me for the fact that I needed to change passwords on other sites, not be in the same situation as me :undecided: .

I've taken to doing the same sort of thing. I use unique passwords for important stuff (ie: my Steam account and the email it's registered to both have different passwords and none of my emails share a password either. They're also all extremely long and complex passwords, some even containing unicode symbols though not many since some sites completely break if you use unicode in a password) then for the rest I either use my main password, my throwaway password if I don't actually care about the account (or intent to give a trusted friend access to the account), or I use one of the various other passwords I've come up with but never use because I can't remember them. Those latter ones are the ones that get written down.
💙💙💙
Image
Image



Return to “General Perversion”

Who is online

Users browsing this forum: No registered users and 2 guests