Protect your sites with real Passwords


Re: Protect your sites with real Passwords

Postby Jaymie1989 » 10 Feb 2009, 02:27

Ok, I'm going to generate a different complex password for all my online accounts.

That will be quite a few passwords.


Re: Protect your sites with real Passwords

Postby Obsidian » 10 Feb 2009, 11:05

Erik Frèrejean wrote:
Jaymie1989 wrote:Well I have got my random password with all characters and changed it on my forums that are run on phpBB software.

I hope you use a different password for every site? And it is not only for phpBB boards, but for every account you can possibly get on the internet.
And please forget the passwords ;). Your computer is made to remember that kind of stuff.


@NOTE: Technology is /not/ reliable.

I can only remember up to an 18-char password, I tried a 24-char once but that was too hard.

Anymore, it's not the password I remember, it's the pattern that the fingers dance typing it in that I remember.
Shut up, shut up, shut up!

StopForumSpam Spam Reporting Database
Giving xrumer and friends a great big "screw you" since 2007.

Re: Protect your sites with real Passwords

Postby Kim_Possible » 13 Feb 2009, 07:16

FYI, the KeePass data file (the encrypted file which the program creates with all the passwords) is non-client, non-installation specific. I have a Vista installation (KeePass) and a Linux installation (KeePassX) on my laptop, and the data file for KeePass/X is stored on my data partition (which is readable by both operating systems). Both front ends can read and write to the same data file no problem. I also keep a copy of that data file up-to-date on my thumb drive, so I can use it on my sweetie's XP computer.

I've used KeePass/X extensively. It works great.

Re: Protect your sites with real Passwords

Postby Obsidian » 20 Feb 2009, 10:30

Highway of Life wrote:As a general rule of thumb, if you can remember your password, it is not safe.


Incorrect, if you're talking about personal/financial passwords. If you have to write it down, it's not secure. Go for as much as you can remember, but not to where you have to write it down!
All it takes is someone finding your password written down on a piece of paper in your desk and you're screwed.

Re: Protect your sites with real Passwords

Postby comkid » 25 Aug 2009, 06:02

NOTE: all Firefox default password manager passwords can be found ;)

Re: Protect your sites with real Passwords

Postby Erik Frèrejean » 25 Aug 2009, 06:06

Pretty easily, that's why Firefox is a browser and not a password manager ;). Some people always seem afraid to install software and thus use programs in a way that they aren't meant to be used.
I've never trusted the password manager in Firefox, just for the simplicity of retrieving the passwords. Though it looks like you can now set a master password to make it a bit difficult. Safari for instance uses the OS X keychain to store its passwords, which is a lot more secure and implemented just to store passwords in it. Though a tool like 1Password is always better ;).

Re: Protect your sites with real Passwords

Postby Obsidian » 25 Aug 2009, 10:57

On Linux, I think you can use the keychain programs to secure the Firefox passwords. Don't quote me on that though, I'm not too sure.

Re: Protect your sites with real Passwords

Postby scottlpool2003 » 14 Sep 2009, 00:33

Highway of Life wrote:
Erik Frèrejean wrote:
topdown wrote:Which is better, but some sites don't allow symbols only abc/123's :grin:

Those sites are nub++ and you shouldn't use them, same as for silly maximum character limitations on passwords :blackeye:
You are correct on both counts, but I did want to point out that phpBB3 has a character limitation as well... which the administrator can set, but is usually 25-30 or more chars.
The safest passwords to use contain the following:
  1. MiXeD CasE letters.
  2. Non-dictionary words, nonsense, or gobbledegook.
  3. Numbers interspersed and in no particular pattern.
  4. At least 2 symbols, but the more the better. (i.e. #%(*!^@$)
  5. Between 20 and 30 chars, the longer, the safer.

Really tough passwords are especially important for accounts such as:
  1. Your Server access, root access passwords.
  2. Your Database access passwords.
  3. Your cPanel access passwords.
  4. Your password for your administrator account on any software running on your server, including but not limited to phpBB.
  5. eBay, PayPal, your online bank, credit card accounts or other accounts that could contain bank accounts, credit card numbers, social security numbers, or even your physical mailing address.
All of the above type of accounts you should never access on public or shared computers, but should always be accessed by your computer and have a password management program manage your passwords for these accounts so that you do not need to memorise them. As a general rule of thumb, if you can remember your password, it is not safe.



@ The password limitations, you can change this by editing the DB to allow more chars and editing the source code to allow the users to input more chars.
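Added example, not part of any post in this thread: a Python sketch of a generator and checker for the measurable items in the quoted list (mixed case, digits, at least 2 symbols, 20 to 30 chars), with a letters-and-digits fallback for the sites topdown mentions. The function names and the default length of 24 are this example's own assumptions; the symbol set is the one quoted in the list.

```python
import math
import secrets
import string

# Symbol set taken from the example in the quoted list; sites may accept others.
SYMBOLS = "#%(*!^@$"
LETTERS_DIGITS = string.ascii_lowercase + string.ascii_uppercase + string.digits


def generate_password(length=24, min_symbols=2, allow_symbols=True):
    """Return a random password drawn from the OS CSPRNG.

    One lowercase, one uppercase and one digit are always present; with
    allow_symbols=True at least min_symbols symbols are present as well.
    """
    required = [string.ascii_lowercase, string.ascii_uppercase, string.digits]
    alphabet = LETTERS_DIGITS
    if allow_symbols:
        required += [SYMBOLS] * min_symbols
        alphabet += SYMBOLS
    if length < len(required):
        raise ValueError("length too short for the required character classes")
    chars = [secrets.choice(pool) for pool in required]
    chars += [secrets.choice(alphabet) for _ in range(length - len(chars))]
    secrets.SystemRandom().shuffle(chars)  # hide where the forced characters sit
    return "".join(chars)


def meets_policy(password, min_len=20, max_len=30, min_symbols=2):
    """Check the measurable items of the list: case mix, digits, symbols, length."""
    return (
        min_len <= len(password) <= max_len
        and any(c.islower() for c in password)
        and any(c.isupper() for c in password)
        and any(c.isdigit() for c in password)
        and sum(not c.isalnum() for c in password) >= min_symbols
    )


def entropy_bits(length, alphabet_size):
    """Upper bound on entropy for uniformly random characters."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    print(generate_password(), f"{entropy_bits(24, len(LETTERS_DIGITS + SYMBOLS)):.0f} bits")
    print(generate_password(allow_symbols=False), f"{entropy_bits(24, 62):.0f} bits")
```

At 24 characters the letters-and-digits variant gives up only about 4 bits against the version with symbols, so on a site that bans symbols one extra character more than makes up the difference.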

Re: Protect your sites with real Passwords

Postby Highway of Life » 15 Sep 2009, 02:12

scottlpool2003 wrote:@ The password limitations, you can change this by editing the DB to allow more chars and editing the source code to allow the users to input more chars.
You can do this via the Administration Control Panel, General (tab), Board Configuration -> User registration settings.
Set min and max password chars.
Watch out! I might do a code wheelie!


Re: Protect your sites with real Passwords

Postby yais » 18 Sep 2009, 00:28

My password automatically changes every 45 seconds following a complex algorithm which nobody in the world knows so nobody can login/hack it :P .