I read an article about how AI can easily crack simple passwords. It mentioned using a password consisting of twelve random letters and numbers.
When I install Linux Mint, I create a user name and password. The password is used to log into Mint, install applications, update applications, change permissions on files, access the local network and when using the terminal. It seems I am constantly needing the password.
How can one be expected to remember a password of twelve or even an eight random letters and numbers? I don’t want to look up my password in a notebook or a text file every time I need it. OK, maybe you can remember a password of eight random letters and numbers but my memory is not that good.
Use the first letter of each word of a sentence you can remember. If you can figure out how to add in some numbers and punctuation marks, even better.
My neighbor’s four dogs are always barking at me.
I’ve also read this, but never understood it. I have hundreds of p/w’s, and every one will lock me out after a small number of incorrect attempts.
Yeah, that detail is always missing whenever someone says “modern computers can try 4 million passwords per second” or some such thing.
Keep your passwords in plain sight…
Print a card from here (and remember to save the hex number at the bottom or save a copy in your safe).
Pick a row or column in whatever order you want. Even if someone knows your password is on the card, let them try to guess how many letters and digits you chose and from where.
Here is a sample card, but make your own.
Alternatively, use a program like StickyPass that will create cryptic random passwords and saves them in an encrypted database. I use that program on my Win10, Win7 and Android phones and the database is linked to all 3 so they can all access the same passwords. They have a free vesion and the paid version will allow you to do what I did with multiple devices accessing the same passwords. There is a lifetime at $59 right now.
I used the card for a long time until getting LastPass.
It’s a neat method and you literally carry your p/w with you in plain sight.
I am not sure that I made myself clear. I use a password manager for Internet sites. My gripe is about the frequency of using the Linux administrative password in a session and having to remember or look up a long complex password. I think ratbert2k’s solution will work for me. Why didn’t I think of that? Thanks.
Linux is a much more secure OS than Windows. The password requests are just part of that. I do experiment with Linux on a couple machines. They are desktops and never leave my house. So I use a very simple PW on them (4 characters). Xubuntu on an older 64 bit PC and Linux Lite on an even older 32 bit Gateway (don’t laugh!) PC.
I’ve been running Linux Mint for almost 10 years and the only time I have to use the admin password is pretty much when I’m installing a program.
The attack is not to guess passwords on the live site, rather it to acquire the site’s password database file and crack it offline. Once that is accomplished, the credentials can be used to log onto the site without facing the “few bad attempts and you are locked out” limitations.
I did not know that. Thnx
Interesting. I’ll try to remember to make a note when I use my password for a few days. Maybe we just use our computers differently.
I get a PW prompt when I run a software update too.
I used my password for Linux Mint six times today. I could avoid using the password by setting Linux Mint to start without a password. I also allow the screen saver to lock and need the password to unlock. The screen saver causes most password use.
Linux Mint offers updates very often and needs a password to install the update. I usually do not wait to update when one is offered.
Each of my computers can act as a server or a client on the home network. When I backup to another computer on the network, I need the password to mount the shared folder. When I was working from home on a temporary job a couple of years ago, I would move maps from my desktop to my wife’s computer for proof reading. Needed a password pretty often for that. Again I could avoid password use by leaving the shared folder permanently mounted but I think it would be an unnecessary security risk.
Sometimes I have an application that is not working correctly. I look up a fix on the Internet and usually I need to go to Terminal and use a command line. For example, I may need to change something in a configuration file. A password is needed to open the file with administrative privileges and make a change.
So I should not have complained about the frequent use of the password in Linux because most of it is my choice. I just want to be as secure as possible and wish I had a better understanding of how security works.