Dark Web

[370Dancer]

Speaking of the dark web, I started using a password utility and really complex passwords (LastPass - like it a lot) after we got a bank account hacked. It turned out not to be a password issue, but in the meantime, we signed up for another security tool for our home PC, Avast. Its a bit of a resource hog it seems, but works. Avast has a “sales hook” that worked for us. You go on their site and simply submit your email address. Then they send you an email with a link that shows you all of the web sites that have been hacked where your email address AND PASSWORD!!! Are in databases in the dark web. Like many people, I reuse passwords at times, and there they were… out there on the hackers list of morons to try to scam. So now they are all unique and not simple. And I changed my email address too.

The key to this is to use patterns, with a unique twist that you can change whenever you want to.

 

[440 Jim]

Only an Ichthyologist would be able to make heads or tails of mine. Not too many Ichthyologist hackers out there I would imagine.

 

[Skybolt]

Only an Ichthyologist would be able to make heads or tails of mine. Not too many Ichthyologist hackers out there I would imagine.

Cute, a fish password to stop phishing exploits.

No hacker actually figures out the password, those days are have long since gone. They figure out how to exploit a security hole and gain access to the database in some fashion, which holds the passwords. Or simply buy existing password info from the dark web etc. then use hack software to try and access the system.

 

[440 Jim]

That was my first major, somehow it turned into electrical engineering?

Dunno, but very careful on the interweb

Never made the fish to phish connection, cool.

 

[boatman37]

Passwords aren't actually transmitted across the internet. Your password is hashed using an algorithm (SHA-1, SHA-256, etc) and that hash value is transmitted. They are not supposed to be reverse engineered but there is such a thing as collisions, meaning one hash may match a couple of different words. There are databases called rainbow tables that store password hashes and and words that match those hashes. I used to crack passwords before as part of my computer forensics career. No black magic there. Just use the tools that were already out there. I haven't done it for awhile so likely different with Win10 than it was with XP. I have cracked a few where the password I used wasn't the actual password but the one I used matched the hash that came from the actual password. Much of this may be outdated now cause I haven't done any of this type of work since about 2013 or so.

 

[440 Jim]

All I can say is wow...

 

[Ike]

That's why I stopped wearing my USCG Retired ball cap. Too many strange people coming up and asking questions like that.

 

[zool]

Dark Web is a term used by entities destined to scare.....there's one web, with all walks of life. Passwords are a feel good measure.......Being tracked is an essential of web navigation.....Its the nature of the beast.

A TOR browser will negate some of it.

 

[Creekwood]

The key to this is to use patterns, with a unique twist that you can change whenever you want to.

Lastpass does it for me now and patterns are not needed. I can generate a complex password (with a bunch of options) and not have to remember it.