Here's a statement of the obvious: The opinions expressed here are those of the participants, not those of the Mutual Fund Observer. We cannot vouch for the accuracy or appropriateness of any of it, though we do encourage civility and good humor.
Although not really fund issue, does anyone else use LastPass to mange passwords? It was recently hacked twice, so I am leaving probably for 1Password.
I do not use it for any brokerages or banks, but no reason to accept inadequate security
I don't use any sort of password manager- just one more piece of my life subject to someone else's control, as far as I'm concerned.
Being 83 does have some benefits: people of our age grew up with telephone numbers that had words as prefixes. For example, MAnhattan 5-9876, with the first two letters capitalized in the telephone books of the time.
Folks of that era can usually easily remember some of those numbers that were used frequently. Everyone in my age cohort will remember TUxedo 5-1234, which was the phone number for Yellow Cab in San Francisco for many years.
Those old numbers, easily remembered, make nice long passwords, because of the alpha-numeric combination along with the dash and partial capitalization.
It's a good idea to use long alpha-numeric passwords with mixed case and special characters. The 2L-5N numbering plan was phased out in most locations during the 1960s but it wouldn't surprise me if some of these obsolete phone numbers are included in hackers' dictionaries.
The "2L-5N" numbering plan was originally designed for a time before the Bell System was upgraded to manual dialing by the telephone system customers themselves. Prior to that, all calls were connected by asking telephone "operators" to make the connection to the desired telephone number.
Going back even before that time, telephone exchanges had only names, which were generally chosen by the Bell System to be easily understood over even poor connections. In a given city names such as "Market", "Enterprise", Baywater" and so forth were used, with four numbers following. Those four numbers translated into 10,000 possible individual telephone numbers within each exchange: "0000" to "9999". At this point a typical telephone number might be "Market 1234".
As the system expanded and became more automated, an additional prefix number was added, so that new exchange groups could be added within the existing physical equipment buildings. So now we had the possibility of prefixes such as "Market 1-1234", Market 2-1234", and so forth. But in many parts of the US those numbers were still being connected by human operators, and a phone number was now shown in the telephone directories as MArket 1-1234.
The final step in the system automation was the elimination of human operators, and the introduction of dials on each customer telephone. The central office (CO) equipment of course had no idea what a prefix such as "MArket" might mean, so those first two letters now became equivalent numbers: telephone numbers now consisted of a 3-number prefix, followed by the original 4-number group for each customer. "MArket 1-1234" now became "621 1234" from the viewpoint of the CO equipment. If you look at an old rotary dial telephone you will see the pattern for the conversion of the letter prefix into the new numerical prefix.
So at that point we had a "2L-5N" phone number, which in reality was actually "3N-4N" as far as the CO equipment was concerned. The "3N" was the exchange prefix (621), and the "4N" (1234) was the discreet telephone number within that exchange.
Even then, in the US Bell System operators were still very much employed, primarily for "long distance" calling, because the additional 3-number "area code" system was not yet in use. Going into the 1960s, the introduction of Area Codes allowed direct dialing almost anywhere in the US, and even those operators were gradually phased out, leaving human operators only for services such as "Information".
When I was a kid, if you needed to "look up" a local telephone number and didn't have access to a printed directory, you could dial "411" for "Information". If you needed to find a number in another city your local "Information" operator would connect you to her opposite number in the city that you wanted.
Now, of course, all of that is no more. Within today's AT&T it's almost impossible to talk to a human being to help with any communications problem. Your AT&T email stops working? Good luck to you... the person in India reading a canned script isn't going to be much help.
And now that much of telephony is actually transmitted over the internet, we have achieved connection quality which sometimes rises to that of the operator-connected phone calls of the 1940s. But it is cheap. As someone once observed, "cheap" drives out "good".
A little off topic, but lately I’ve encountered frustration over Apple’s IOS operating system attempting to create passwords for me when, like Old Joe, I desire to create my own. Sometimes this screws up the process. For less sensitive sites I’ll let the IOS system remember the password I’ve created for ease of logging in. But not for really important ones. I even have a few passwords that I don’t write down or file anywhere! When my iPad was hacked a while back, it appeared to me they were attempting to upload data from my office files. Be very careful.
I'm with OJ on passwords. No third parties. We have two electronic files on thumb drives in two different locations and a paper copy stashed where it will not be found by unwanted folks in our house.
"I even have a few passwords that I don’t write down or file anywhere"
Exactly why using old telephone numbers that you already have stashed in your memory works well. Using the entire exchange name prefix with the first two letters capitalized plus the remaining five numerals and a dash (ie: PRospect 6-9827) is easy to remember and gives very good protection.
@hank- How do you think that your iPad was hacked? I'd guess that might have happened using it at a free "hotspot" somewhere outside of your home.
"I even have a few passwords that I don’t write down or file anywhere"
Exactly why using old telephone numbers that you already have stashed in your memory works well. Using the entire exchange name prefix with the first two letters capitalized plus the remaining five numerals and a dash (ie: PRospect 6-9827) is easy to remember and gives very good protection.
@hank- How do you think that your iPad was hacked? I'd guess that might have happened using it at a free "hotspot" somewhere outside of your home.
No. The one that was afflicted doesn’t leave the house. Would have gained access thru my Starlink broadband. Of course, it might have been more difficult for someone to get in previously when I was only connected by cellular hotspot. No idea - but must assume a security flaw in one of the updates Apple seems to send out every few weeks. Of course, every subsequent one contains a security patch of one form or another. I do leave it logged on to wi-fi in the house 24/7 and that alone might increase risk. I’m pretty happy with the Norton anti-virus I installed later on for a small price.
My passwords tend to consist of single cap letters that stand for past activities, places, persons coupled with lower case letters and numerals that relate to said. Sometimes they tell a story. Of course, I throw in some special characters as part of the entire scheme. One way to keep them semi-recorded is to write to files skipping several letters or numbers and replacing those with dash marks. So only you can figure out what belongs in those blank spots.
I have been using Dashlane on my Apple devices for at least three years and I find it well worth the annual fee. I has the option to create its own password (mind-numbingly difficult to remember) or to use my own. It warns of multiple uses of the same password and reports on security problems. Works equally well on desktop iMac, iPad, and iPhone.
Now you guys are scaring me. A coworker was using an app on his Android phone to store his passwords and it was compromised. He found his online bank account was open by someone else. Nothing was taken and he does not know how it happened.
I am old school and doing something that catch22 does. Also I change the password every 30 days.
Could not help noticing the typo in the title of this thread. Topical for the season: Did you hear that the Wise Men showed up and ran away screaming: "It's a GIRL! It's a GIRL!"
Passwords: I find the current level of REQUIRED difficulty in creating passwords imposed by the websites I really need are already sufficiently bothersome. On the basis of their bothersome-ness, I get creative with obscenities as passwords, with the additionally-required "special characters," numbers and capital letters.
One of my credit unions lets me log-in to my account, but if I try to simply click on an announcement or promotion WITHOUT logging-in, it stops me in my tracks. Buncha crap. After a phone conversation with them, it appears a security tool I use is the reason. It spoofs my OS every so often. (But who really knows? The way things operate today, the machines ARE in charge. No human could ever get to the bottom of it. Another brick in the wall. Another instance of amoral operations at work. Nothing needs to make sense anymore, as long as we can do what we want to do. Until we CAN'T, because the system blocks us. Why? Might as well wait for Godot to get an answer. THAT is an unacceptable ethical flaw, but the Powers That Be just throw it over their shoulder.)
Password Manager? No, I don't need ANOTHER layer of interference.
Comments
Being 83 does have some benefits: people of our age grew up with telephone numbers that had words as prefixes. For example, MAnhattan 5-9876, with the first two letters capitalized in the telephone books of the time.
Folks of that era can usually easily remember some of those numbers that were used frequently. Everyone in my age cohort will remember TUxedo 5-1234, which was the phone number for Yellow Cab in San Francisco for many years.
Those old numbers, easily remembered, make nice long passwords, because of the alpha-numeric combination along with the dash and partial capitalization.
The 2L-5N numbering plan was phased out in most locations during the 1960s
but it wouldn't surprise me if some of these obsolete phone numbers are included in hackers' dictionaries.
The "2L-5N" numbering plan was originally designed for a time before the Bell System was upgraded to manual dialing by the telephone system customers themselves. Prior to that, all calls were connected by asking telephone "operators" to make the connection to the desired telephone number.
Going back even before that time, telephone exchanges had only names, which were generally chosen by the Bell System to be easily understood over even poor connections. In a given city names such as "Market", "Enterprise", Baywater" and so forth were used, with four numbers following. Those four numbers translated into 10,000 possible individual telephone numbers within each exchange: "0000" to "9999". At this point a typical telephone number might be "Market 1234".
As the system expanded and became more automated, an additional prefix number was added, so that new exchange groups could be added within the existing physical equipment buildings. So now we had the possibility of prefixes such as "Market 1-1234", Market 2-1234", and so forth. But in many parts of the US those numbers were still being connected by human operators, and a phone number was now shown in the telephone directories as MArket 1-1234.
The final step in the system automation was the elimination of human operators, and the introduction of dials on each customer telephone. The central office (CO) equipment of course had no idea what a prefix such as "MArket" might mean, so those first two letters now became equivalent numbers: telephone numbers now consisted of a 3-number prefix, followed by the original 4-number group for each customer. "MArket 1-1234" now became "621 1234" from the viewpoint of the CO equipment. If you look at an old rotary dial telephone you will see the pattern for the conversion of the letter prefix into the new numerical prefix.
So at that point we had a "2L-5N" phone number, which in reality was actually "3N-4N" as far as the CO equipment was concerned. The "3N" was the exchange prefix (621), and the "4N" (1234) was the discreet telephone number within that exchange.
Even then, in the US Bell System operators were still very much employed, primarily for "long distance" calling, because the additional 3-number "area code" system was not yet in use. Going into the 1960s, the introduction of Area Codes allowed direct dialing almost anywhere in the US, and even those operators were gradually phased out, leaving human operators only for services such as "Information".
When I was a kid, if you needed to "look up" a local telephone number and didn't have access to a printed directory, you could dial "411" for "Information". If you needed to find a number in another city your local "Information" operator would connect you to her opposite number in the city that you wanted.
Now, of course, all of that is no more. Within today's AT&T it's almost impossible to talk to a human being to help with any communications problem. Your AT&T email stops working? Good luck to you... the person in India reading a canned script isn't going to be much help.
And now that much of telephony is actually transmitted over the internet, we have achieved connection quality which sometimes rises to that of the operator-connected phone calls of the 1940s. But it is cheap. As someone once observed, "cheap" drives out "good".
Exactly why using old telephone numbers that you already have stashed in your memory works well. Using the entire exchange name prefix with the first two letters capitalized plus the remaining five numerals and a dash (ie: PRospect 6-9827) is easy to remember and gives very good protection.
@hank- How do you think that your iPad was hacked? I'd guess that might have happened using it at a free "hotspot" somewhere outside of your home.
My passwords tend to consist of single cap letters that stand for past activities, places, persons coupled with lower case letters and numerals that relate to said. Sometimes they tell a story. Of course, I throw in some special characters as part of the entire scheme. One way to keep them semi-recorded is to write to files skipping several letters or numbers and replacing those with dash marks. So only you can figure out what belongs in those blank spots.
I am old school and doing something that catch22 does. Also I change the password every 30 days.
Passwords: I find the current level of REQUIRED difficulty in creating passwords imposed by the websites I really need are already sufficiently bothersome. On the basis of their bothersome-ness, I get creative with obscenities as passwords, with the additionally-required "special characters," numbers and capital letters.
One of my credit unions lets me log-in to my account, but if I try to simply click on an announcement or promotion WITHOUT logging-in, it stops me in my tracks. Buncha crap. After a phone conversation with them, it appears a security tool I use is the reason. It spoofs my OS every so often. (But who really knows? The way things operate today, the machines ARE in charge. No human could ever get to the bottom of it. Another brick in the wall. Another instance of amoral operations at work. Nothing needs to make sense anymore, as long as we can do what we want to do. Until we CAN'T, because the system blocks us. Why? Might as well wait for Godot to get an answer. THAT is an unacceptable ethical flaw, but the Powers That Be just throw it over their shoulder.)
Password Manager? No, I don't need ANOTHER layer of interference.