This is a static archive of the old Zorin Forum.

The information below may be outdated. Visit the new Zorin Forum here ›

If you have registered on the old forum, you will need to create an account on the new forum.

Old Zorin Forum archiveOff Topic

[MOVED] Re: The Mint Forum Hack

mdiemer

Sat Mar 05, 2016 9:51:58 pm

Recently the Mint forum was hacked. Anyone downloading Mint that day got a hacked version. Plus, all forum members potentially had their forum passwords hacked. And that could be a problem if you use a password formula, with the core the same, and the rest tailored to your other online accounts. So, two questions:

1: how vulnerable to this is Zorin?

2: what is the best way to have truly safe passwords?

I am considering a password manager, but isn't that also potentially vulnerable? How do you really know they don't keep your master p/w, as they claim? And are p/w generators really safe? What if they are hacked? What if they are a fraud themselves?

Is using a 20-25 character password, with totally different ones for every site, the only safe way? And how safe is that, as computers themselves get more sophisticated? In the future, quantum computers will be so fast that there won't be enough particles in the universe to hold them off.

Swarfendor437

Sun Mar 06, 2016 6:53:17 pm

Hi, I can't speak for the Zorin site itself or anything to do with downloads of Zorin. Taking it to the basic level, Routers should have a connection strength password of 25 characters in length, which is what I utilise and a complete mash-up of numbers, letters and special characters. In respect of computer logons I use a 15 character password. The one password manager that is allegedly the best to use on all platforms is Keepass2 - but I am somewhat wary of such applications as yourself.

Interesting paper here:

http://srp.stanford.edu/ndss.html

[Thread moved from 'Chat About Zorin OS' - feel it is more appropriate here as the topic is effectively wide ranging and not just about, or limited to, Zorin. ;) :D ]

mdiemer

Mon Mar 07, 2016 4:31:40 am

That article is interesting, but way beyond me. A question: What is a router password? I do have a router. Two of our computers are on wireless, the other is wired. Do you mean that the wireless computers should use a 25 character password? I have devised a 19 character one that I would use as a base, with additions for each website. I can generate it from memory, but nobody would ever figure it out as it uses three different matrices which only I could know. Or I could use it with a password manager. Still feeling a bit unsure about that, however. To have all your passwords out there on the cloud...not sure I'd sleep well at night. (Actually, I don't now, the world is too crazy).

Swarfendor437

Mon Mar 07, 2016 1:11:18 pm

I mean the admin password for the router - you should never leave it as the default, e.g, Netgear routers are usually on http://192.168.0.1 - you login as 'admin' and the password if not changed is 'NETGEAR'

See http://www.techspot.com/guides/287-defa ... addresses/ for your router.

You should change the default password for as long as it can cope with. For users, the wireless login should be 25 characters and then set - if you want to be really secure, change the passwords once a month. ;) :D