Need a Strong Password?

Actually that’s not totally incorrect. Fiber conduits suck.

On a serious note, the worry is that someone who steals a weaker DB like NYSpeed will have your email and password and the general user uses the same password for every account they can.

NYSpeed DB -> username, email, password -> try password as email password -> find past emails for accounts such as FB, banks, etc. and reset passwords since you can view the email -> access to more sites with just your NYSpeed password

Smart people have weaker passwords for sites, more complex ones for more sensitive information and then the central email account should be super secure. It may sound simple to tech people but a lot of people do not really think about this.

Esp when some asshat in a backhoe hits it.

No, it’s like saying, why bother with a ridiculous WEP/WPA key. My buddy’s is abacab1234567890987654321abacab which I find retarded. Mine is 000001111, I can tell my friends what it is without some lengthy story and repeating it five times. There is a difference between making a password that isn’t your name, and something that is 23 random special characters (which is what I’m pointing out is ridiculous).

Lol we had a contractor dig through a fiber conduit a few weeks ago. Apparently they told them not to dig there. The foreman told the operator to just dig. They took down a huge portion of our networks. The foreman got fired lol

My passwords are all similar, with a variation for each based on a pattern that is obscure enough that someone who gets my email facebook password isn’t suddenly going to have the keys to the kingdom and all of my accounts.

We have ongoing construction on our street outside. We have conduit taking fiber to the buildings across the streets, and we figured there would be some problems. They wound up crushing part of the conduit with fiber exposed then proceeded to bury it. I’ll have to get the pics, but they tried to deny it. Now we are having our cabling guy test all the fiber pairs that go over there to make sure they still work (not all of them are used ATM).


Are all your accounts linked to that email? If so, and they got your password to the email, they could just do a bunch of password resets on your accounts.

This is my point entirely.


No. I have different email accounts for work, personal stuff, forums/social media and business related things. That’s mainly an organizational thing on my part, although I suppose it helps in your scenario.

Verizon’s fiber runs right on the edge of a lab of mine… (picture a small building near the very outer edge of a site)
I’m told it’s a VERY important trunk line and is a part of a ring or something…

So I’m going to be generating a shit ton of H2/CO in the lab that is attached to. :smiley:

Ya, that’s how mine is. I have a really good one that I use for Gmail and some other banking stuff as a lot of accounts are tied to that. I have a basic one for stupid stuff like forums and then variations of it for how much that site has access to, like PayPal, other accounts, etc.

We usually choose a line of a song and make that the password. When I was lab manager, our password was some variation of “as long as I gaze over waterloo sunset, I am in paradise”. It ended up being easy to remember through the phrase, but it was a 20+ length mixed alphanumeric / symbol password, that was next to impossible for humans to visually see and steal.

^^^ LOL the best part is the time needed to crack that password if you did it with no spaces and just the comma. So much more secure than a crazy 12 character one, and this one won’t get written down on a piece of paper.

Estimated Gross Number of hours to Crack: 4,394,412,170,059,770,000,000,000,000,000,000,000,000,000,000,000,000,000.00 hours
On Distributed Level: 183,100,507,085,824,000,000,000,000,000,000,000,000,000,000,000,000,000.00 days

If Number of Machines Employed were:
10.00 |||| 439,441,217,005,977,000,000,000,000,000,000,000,000,000,000,000,000,000.00 hours
50.00 |||| 87,888,243,401,195,500,000,000,000,000,000,000,000,000,000,000,000,000.00 hours
100.00 |||| 43,944,121,700,597,700,000,000,000,000,000,000,000,000,000,000,000,000.00 hours
250.00 |||| 17,577,648,680,239,100,000,000,000,000,000,000,000,000,000,000,000,000.00 hours
500.00 |||| 8,788,824,340,119,550,000,000,000,000,000,000,000,000,000,000,000,000.00 hours
1,000.00 |||| 4,394,412,170,059,770,000,000,000,000,000,000,000,000,000,000,000,000.00 hours
10,000.00 |||| 439,441,217,005,977,000,000,000,000,000,000,000,000,000,000,000,000.00 hours
100,000.00 |||| 43,944,121,700,597,700,000,000,000,000,000,000,000,000,000,000,000.00 hours

So something like Youareafilthypirate-hookerfromThailand is more secure than P1ra+{H00k3r ?

As soon as you add a special character the size of the keyspace doubles.

They’re saying the longer is more secure if you can easily remember it and the time it takes to brute force a password that size.

Unless of course you have legacy support on your Windows environment and all the hashes are stored as LM and not NTLM.

I just changed my password to a 20 character password with a special character. How secure am I now :slight_smile:

20 char with specials is pretty damn secure…like walter said earlier, when you compare it to the rest of your employees, you’re likely leaps and bounds ahead

It’s also a special character that isn’t on standard US keyboards so you have to use the Unicode shortcut. It’s a pain in the ass to type though. I’m just going to use it for my AD login and network stuff.

I’m telling you it doesn’t matter how long it is in an XP/2003 environment lol

The whole point of this is that long passwords that are dictionary words are more secure on a brute force attack for the combinations than shorter multi-character passwords or ones that admins make you use only 8 characters with requirements for symbols and crap. There are more and they are also easier to remember than someone having to write down their password that has so many special characters in it, and if you simply use capital and lower case letters, any letter you add is another 52x combinations.
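The keyspace arithmetic this thread argues about, as an added example (not code from any poster): it estimates brute-force bits for the two passwords quoted above and shows how the LM storage raised earlier in the thread changes the picture. The per-class pool sizes are an assumed estimator, and the figures bound exhaustive search only, not wordlist attacks on dictionary phrases.

```python
import math
import string

# Character classes used to estimate the brute-force search pool (assumed model).
CLASSES = {
    "lower": set(string.ascii_lowercase),
    "upper": set(string.ascii_uppercase),
    "digit": set(string.digits),
    "symbol": set(string.punctuation + " "),
}

def pool_size(password):
    """Sum the sizes of every character class the password draws from."""
    return sum(len(chars) for chars in CLASSES.values() if chars & set(password))

def bruteforce_bits(password):
    """log2 of the exhaustive-search keyspace: pool ** length."""
    return len(password) * math.log2(pool_size(password))

def lm_bits(password):
    """Effective bits when an LM hash is stored alongside the NTLM hash.

    LM uppercases the password, pads it to 14 characters and hashes the two
    7-character halves independently, so each half is searched on its own.
    Passwords of 15+ characters get no usable LM hash: returns None.
    """
    if len(password) > 14:
        return None
    upper = password.upper()
    pool = pool_size(upper)
    halves = [h for h in (upper[:7], upper[7:14]) if h]
    return math.log2(sum(pool ** len(h) for h in halves))

def compare(passwords):
    """Return (password, length, full-hash bits, LM bits or None) rows."""
    rows = []
    for p in passwords:
        lm = lm_bits(p)
        rows.append((p, len(p), round(bruteforce_bits(p), 1),
                     None if lm is None else round(lm, 1)))
    return rows

if __name__ == "__main__":
    # The two passwords quoted in the thread.
    for row in compare(["Youareafilthypirate-hookerfromThailand", "P1ra+{H00k3r"]):
        print(row)
```

Each extra bit doubles the search space, so the gap between the two rows is the point of the comparison, not the absolute numbers.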

The password can be as sure as hell but if the system it’s stored on is easily attackable, it’s not that useful. Also, if someone can gain physical access to your box, your passwords are the least of your problems. Lol.

We’ll be moving to Win7/2008 soon, as soon as the domain controllers are upgraded.

N/M I couldn’t figure out how to get the same character on a mac, I changed passwords back.

MAKING A LONG PASSWORD MEANS IT TAKES LONGER TO TYPE IN EQUALS LESS PRODUCTIVITY EQUAL CASE CLOSED.