Steam was hacked

[spellman]

I believe XKCD screwed it up for everyone a few months back.

Yeah, XKCD made it much more popular to just use a really, really long phrase instead of a "strong" password. IMO, the real trick is mixing in random character replacements.

So, instead of say "mydogeatspoo" you use "myd0g347$P[]o"

Granted, hackers know about "basic l337" replacements, so get creative.

There's also a little bit of solace in knowing most people are morons, so as long as a hacker can access around 20-50% of the accounts they don't need to bring out the big guns. So, if you're tougher to break than 50% of the users, you have an extra, albeit small, layer of security.

That is until you're important enough you're being targeted individually. In which case hire a security team.

[antisocialmunky]

That doesn't help you if someone hacks your cell phone and posts internets of you on the naked photos though. :\

[sunrise089]

Considering the most tech proficient people I know plan to use their licensed Lord of the Rings swords (yes really) in they ever have to be in a life-or-death fight I'll take my chances with being physically attacked for my password.

It's different at a nation state level of course, but if I'm targeted by a nation state the goal is damage mitigation rather than victory. Mitigation like writing a nice set of last words for my family...

[Roland]

Considering the most tech proficient people I know plan to use their licensed Lord of the Rings swords (yes really) in they ever have to be in a life-or-death fight I'll take my chances with being physically attacked for my password.

It's different at a nation state level of course, but if I'm targeted by a nation state the goal is damage mitigation rather than victory. Mitigation like writing a nice set of last words for my family...

It always amuses me how people feel that those movie replicas are in any way usable for anything other than decoration or a paperweight. They're display pieces. They're not crafted from materials for combat. They're not forged and tempered for combat. They're not properly balanced for combat. They have a tang the size of a pencil, and about as long - thus, "rat tang". It will snap the moment they swing that thing with any amount of force.

On that note, I'd be the guy with the gun.

[T-hawk]

Yeah, XKCD made it much more popular to just use a really, really long phrase instead of a "strong" password. IMO, the real trick is mixing in random character replacements.
So, instead of say "mydogeatspoo" you use "myd0g347$P[]o"

No, XKCD points out the problem with that approach too. How do you remember which random letters are capitalized or which "o" is a 0 or [] or unmodified o?

[antisocialmunky]

It always amuses me how people feel that those movie replicas are in any way usable for anything other than decoration or a paperweight. They're display pieces. They're not crafted from materials for combat. They're not forged and tempered for combat. They're not properly balanced for combat. They have a tang the size of a pencil, and about as long - thus, "rat tang". It will snap the moment they swing that thing with any amount of force.

On that note, I'd be the guy with the gun.

I'll take a http://www.youtube.com/watch?v=RUXXGbNS8oY as I'm sure you could classify it as a very strong flash light so as to not have a waiting period.

[Nicolae Carpathia]

I think the ability and desire to escalate situations holds alot of appeal to people. Everyone wants to be king shit, and finding a (legitimate?) excuse and opportunity to beat the shit out of someone appeals to some dark part of people's brains.

Hence those lizard brain ads insinuating that anyone incapable of responding with deadly force should a hypothetical home invader are cowards, arrive creep the hell out of me. You know some people are itching for an opportunity to shoot some teenager the moment he steps onto their property.

[sunrise089]

If a stranger knocks down the door of my home uninvited in the middle of the night there won't be any "escalating" going on. That guy escalated things just fine, I'm now going to respond and mitigate damage, erring on the side of my family's safety.

I agree though that some people have a dark side and like the idea of hurting someone when they get the least excuse or just plain beating someone up. Fortunately the law pretty clearly doesn't let you shoot someone "the moment they step onto one's property."

I'll leave the issue of waiting periods aside as this isn't Realms Beyond Soapboxes.

I think we can all agree though that planning to fight with Lord of the Rings weaponry isn't a great idea. Not fighting is much better than that, no doubt.

[Nicolae Carpathia]

I think your dorky IT friends are pretty much fantasising about their enemies charging body-first into their blades as they ineptly swing the things around

It's an appealing fantasy, for the same reason why crypto nerds fantasise about getting attacks via their most secure entrance, and why people on the internet simply won't shut up about the best way to barricade their house against zombies. And why we play character vs swarm games like Diablo or tower defences.

But it's pretty much a given the best thing to do in reality is to avoid and de-escalate the best you can. Feel free to charge dozens if knights into a city in game!

[spellman]

No, XKCD points out the problem with that approach too. How do you remember which random letters are capitalized or which "o" is a 0 or [] or unmodified o?

Um, by being someone who remembers your passwords?

It's not a replacement for memorizing a password. However, it's a heck of a lot easier to remember than 12 completely random characters because you have a bit of framing.