Real dialogue about real password ideas
Posted by: Ken Harthun
We have a Skype room called the International Internet Marketing Group where we discuss various topics related to Internet Marketing. Last night, we had a discussion, which I led, about passwords and online security. Here’s an excerpt:
EVERYBODY here needs to LEARN this stuff today.
[9/26/2011 7:59:22 PM] ™ Gary Simpson: If you choose not to read it or – even worse – IGNORE it then more fool you!
[9/26/2011 8:00:16 PM] ™ Gary Simpson: Marj, you wanna kick off with the subject?
[9/26/2011 8:00:43 PM] Steve Lorenzo: Ken is the (*) tonight
[9/26/2011 8:00:51 PM] ™ Gary Simpson: Yep.
[9/26/2011 8:00:59 PM] ™ Gary Simpson: The Sheikh of Geek!
[9/26/2011 8:01:22 PM] Dennis Pippin: I’m all ears Ken
[9/26/2011 8:03:13 PM] ™ Gary Simpson: Banging fist on table: GEEK! GEEK! GEEK!
[9/26/2011 8:04:17 PM] ™ Gary Simpson: Those who need it most ain’t here – as USUAL!
[9/26/2011 8:04:21 PM] Marj Wyatt: Bill will catch up
[9/26/2011 8:04:55 PM] ™ Gary Simpson: “I will read it later” <— translates to “I can’t be stuffed.”
[9/26/2011 8:05:16 PM] Maureen Amberg: I’m here
[9/26/2011 8:05:24 PM] ™ Gary Simpson: NEXT: “My site has been hacked!”
[9/26/2011 8:05:35 PM] ™ Gary Simpson: HEEEEEEEEEEEEEEELP MEEEEEEEEEEEEEEEEEEE!
[9/26/2011 8:05:39 PM] Marj Wyatt: Topic tonight is Online Security for your Business (think we ought to keep it focused on Business)
[9/26/2011 8:05:59 PM] + Ken Harthun (Co-host: TIIMG): [Monday, September 26, 2011 8:04 PM] ™ Gary Simpson:<<< Those who need it most ain’t here – as USUAL!
Let them eat Phish!
[9/26/2011 8:06:14 PM] ™ Gary Simpson: ************************************
[Monday, September 26, 2011 8:05 PM] Marj Wyatt:<<< Topic tonight is Online Security for your Business (think we ought to keep it focused on Business)
************************************
[9/26/2011 8:07:15 PM] + Ken Harthun (Co-host: TIIMG): Gary, Steve, Anyone. What is the least secure password you can use.
[9/26/2011 8:07:26 PM] Kay Brasher: password
[9/26/2011 8:07:37 PM] ™ Gary Simpson: admin?
[9/26/2011 8:07:47 PM] Kay Brasher: I thought admin was the login?
[9/26/2011 8:07:49 PM] ™ Gary Simpson: Both are as DUMB as each other.
[9/26/2011 8:07:56 PM] Marj Wyatt: @Ken, children’s names, birthdays
[9/26/2011 8:07:58 PM] + Ken Harthun (Co-host: TIIMG): Yes, Kay, and what if I told you that password is perfectly OK to use IF you do something to it?
[9/26/2011 8:07:59 PM] ™ Gary Simpson: Your name?
[9/26/2011 8:08:01 PM] Marj Wyatt: Marj Wyatt just guessing
[9/26/2011 8:08:11 PM] Kay Brasher: Oh I am all ears
[9/26/2011 8:08:11 PM] Dennis Pippin: 123456
[9/26/2011 8:08:19 PM] ™ Gary Simpson: eg password versus !pass!word%
[9/26/2011 8:08:40 PM] + Ken Harthun (Co-host: TIIMG): Yes, 123456 is a good one. Also, can be one of the most secure passwords you can use. Anyone confused yet? Ready to lynch me?
[9/26/2011 8:09:09 PM] Marj Wyatt: have no idea, Ken
[9/26/2011 8:09:09 PM] ™ Gary Simpson: @ Ken – depends how you “conceal” it.
[9/26/2011 8:09:27 PM] + Ken Harthun (Co-host: TIIMG): Gary, you’re too damn smart for your own good… LOL
[9/26/2011 8:09:39 PM] Marj Wyatt: combo of upper/lower case alpha with numeric and special characters
[9/26/2011 8:09:47 PM | Edited 8:09:58 PM] ™ Gary Simpson: LOL!
[9/26/2011 8:10:01 PM] Marj Wyatt: lower case “us” Robert
[9/26/2011 8:10:22 PM] + Ken Harthun (Co-host: TIIMG): Here’s a question, based on Marj’s comment. What is the most secure password of these two? Xh73!*j3 or Dog……..?
[9/26/2011 8:10:37 PM] Kay Brasher: Xh73!*j3
[9/26/2011 8:10:48 PM] Marj Wyatt: [Monday, September 26, 2011 8:10 PM] + Ken Harthun (Co-host: TIIMG):
<<< Xh73!*j3
that one
[9/26/2011 8:10:55 PM] + Ken Harthun (Co-host: TIIMG): @Kay BUZZZZZ! Not!
[9/26/2011 8:11:04 PM] + Ken Harthun (Co-host: TIIMG): Wrong, Marj.
[9/26/2011 8:11:20 PM] Marj Wyatt: oh well
[9/26/2011 8:11:28 PM] ™ Gary Simpson: 1k2e3n4h5a6r7t8h9u10n
[9/26/2011 8:11:34 PM] Marj Wyatt: I use an online strong password generator tool
[9/26/2011 8:11:44 PM] + Ken Harthun (Co-host: TIIMG): @Gary BUZZZZ you’re out XXXXXX
[9/26/2011 8:12:04 PM] ™ Gary Simpson: Spill Geek.
[9/26/2011 8:12:15 PM] Marj Wyatt: Ok Ken, why would Dog…….. be better?
[9/26/2011 8:12:23 PM] + Ken Harthun (Co-host: TIIMG): I vill give you my secret for a fee!
[9/26/2011 8:12:36 PM] ™ Gary Simpson: Stop speaking like the Count!
[9/26/2011 8:12:39 PM] Marj Wyatt: umhmmm
[9/26/2011 8:12:43 PM] ™ Gary Simpson: Has he bitten you?
[9/26/2011 8:12:43 PM] + Ken Harthun (Co-host: TIIMG): Everyone must pay the fee!
[9/26/2011 8:12:58 PM] Marj Wyatt: (bow)
[9/26/2011 8:13:09 PM] + Ken Harthun (Co-host: TIIMG): Ist you villing to pay ze fee?
[9/26/2011 8:13:27 PM] ™ Gary Simpson: I vill keel you if you keep the teeze.
[9/26/2011 8:13:30 PM] Kay Brasher: Sorry I am broke
[9/26/2011 8:13:37 PM] Marj Wyatt: I just bowed to you, that’s all yer gettin
[9/26/2011 8:14:04 PM] + Ken Harthun (Co-host: TIIMG): OK. The fee is simple: Promise to heed these words and USE what I am about to reveal to you!
[9/26/2011 8:14:10 PM] + Ken Harthun (Co-host: TIIMG): Agreed?
[9/26/2011 8:14:19 PM] Dennis Pippin: Agreed!!!
[9/26/2011 8:14:19 PM] ™ Gary Simpson: Agreed.
[9/26/2011 8:14:20 PM] + Ken Harthun (Co-host: TIIMG): It’s really a revelation!
[9/26/2011 8:14:21 PM] Marj Wyatt: (nod)
[9/26/2011 8:14:27 PM] Tina Golden: Agreed <and I’m here now… lol>
[9/26/2011 8:14:35 PM] ™ Gary Simpson: Quoting from the Bible now?
[9/26/2011 8:14:37 PM] Suzanne Patricia Howarth: most programs won’t allow 3 letter passwords anyway
[9/26/2011 8:14:41 PM] Kay Brasher: Agreed
[9/26/2011 8:14:43 PM] ™ Gary Simpson: ie Revelations.
[9/26/2011 8:14:50 PM] Maureen Amberg: Why can’t you have a password that no one could guess?
[9/26/2011 8:15:02 PM] Marj Wyatt: @Suzanne, except for DAP
[9/26/2011 8:15:03 PM] + Ken Harthun (Co-host: TIIMG): The correct answer is that Dog…… is a very secure password and easier to remember than XH@*222>>>@
[9/26/2011 8:15:22 PM] Marj Wyatt: That’s why I use Roboform!
[9/26/2011 8:15:23 PM] ™ Gary Simpson: @ Maureen – A brute force password attack will crack almost any English word so it’s best to include some random characters to avoid the possibility of that.
(See Steve Lorenzo’s e-book/report on the most common passwords NOT to use.)
[9/26/2011 8:15:26 PM] -Bill Vallee (Leader:TIIMG): (whew) (wave) (flag:us)
[9/26/2011 8:15:38 PM] Suzanne Patricia Howarth: You are not saying why. please get to the point I need to go
[9/26/2011 8:15:40 PM] + Ken Harthun (Co-host: TIIMG): Gary, you’re stealing my thunder here.
[9/26/2011 8:15:59 PM] ™ Gary Simpson: Soz Ken. I will STFU. LOL!
[9/26/2011 8:16:14 PM] Dennis Pippin: so you mean dog with the dots?
[9/26/2011 8:16:45 PM] + Ken Harthun (Co-host: TIIMG): OK. Here’s the scoop. You take any dictionary word, your name, your dog’s name, anything you want and PAD it with a personal password pattern that you will easily remember and you have a virtually unbreakable password.
[9/26/2011 8:17:05 PM] ™ Gary Simpson: EXCELLENT point.
[9/26/2011 8:17:35 PM] Steve Lorenzo: [Monday, September 26, 2011 8:06 PM] + Ken Harthun (Co-host: TIIMG):<<< Gary, Steve, Anyone. What is the least secure password you can use.
The MOST used password is “123456”
See the Most Used 500 Passwords here: http://tipsandtricks.im/TOP-500-Passwords-Download/
^^^ It is still free to get for you ^^^
But I’ll be releasing it as a PAID product WSO next week
[9/26/2011 8:17:54 PM] Tina Golden: Awesome tip, Ken, thanks!
[9/26/2011 8:17:57 PM] + Ken Harthun (Co-host: TIIMG): The secret is that the hackers don’t know your password. They will try dictionary words and common variations, but once you force them to use brute-force guessing routines, they’re lost.
[9/26/2011 8:18:00 PM] Maureen Amberg: I do not use a dictionary word…..and do add numbers or symbols. Is OK?
[9/26/2011 8:18:45 PM] Tina Golden: I use a name (not my own) and number combination
[9/26/2011 8:18:51 PM] Steve Lorenzo: One VERY important thing is
You do not need ONE password .. <<< dumbest thing to do, no matter how complicated it is!
[9/26/2011 8:18:56 PM] Tina Golden: But I like Ken’s suggestion
[9/26/2011 8:19:10 PM] Steve Lorenzo: But rather different passwords for each separate website
[9/26/2011 8:19:13 PM] + Ken Harthun (Co-host: TIIMG): Steve, I’ll use 123456 every day. Try to guess this one: +_..123456.._+
[9/26/2011 8:19:18 PM] Dennis Pippin: [Monday, September 26, 2011 8:16 PM] + Ken Harthun (Co-host: TIIMG):<<< OK. Here’s the scoop. You take any dictionary word, your name, your dog’s name, anything you want and PAD it with a personal password pattern that you will easily remember and you have a virtually unbreakable password.
I don’t understand this
[9/26/2011 8:19:48 PM] Maureen Amberg: Excellent point Steve!
[9/26/2011 8:19:51 PM] Tina Golden: If you have a virtually unbreakable password, would it matter if we used it on more than one site?
[9/26/2011 8:19:52 PM] Steve Lorenzo: Ken, it’s not about me, but the hackers who would use software to try all the combos possible
[9/26/2011 8:20:04 PM] Steve Lorenzo: the simpler it is, the faster they can push through it
[9/26/2011 8:20:11 PM] Dennis Pippin: PAD it with a personal password pattern…. this is what I don’t understand
[9/26/2011 8:20:25 PM] ™ Gary Simpson: @ Dennis – look what I did here:
[Monday, September 26, 2011 8:11 PM] ™ Gary Simpson:<<< 1k2e3n4h5a6r7t8h9u10n
[9/26/2011 8:20:34 PM] + Ken Harthun (Co-host: TIIMG): Once you add the padding, which is unknown to a hacker, and force brute force attacking methods, then length trumps complexity. Use anything you will easily remember, just add a pattern that you will remember and you’re good to go.
[9/26/2011 8:24:52 PM] + Ken Harthun (Co-host: TIIMG): @Marj. Brute force means you have to guess every character one at a time. It can take eons if your password is long enough.
Are you getting this?




