phpBB Academy at StarTrekGuide

[topdown]

Do to the nature of hackers/crackers we have to do better to secure our sites.
Especially Admin and C-Panel accounts.
I actually use to use a memorable password letter number mix, but it simply isn't good enough anymore.
BAD : my3good4pass This can get Bruteforced
GOOD : IxKUozu9EZiA0iWJ3TnQ Good luck hacking that
For a good break down on passwords, check out this post
So here are some great little programs to fix that, so you can have long highly mixed passwords and different for every site.

Pointed out to me by Brainy in the phpBB Weekly Podcast

[11:44:53 AM] <Brainy> Check out KeePass

Well here it is
http://keepass.info/
Excellent little program that can give you all kinds of generated passwords, long, mixed, and store them in a secure database on a locked USB stick.

Works good on my Vista (32) and has 64 bit drivers so it should work there also.
For Mac read the next post

[mtotheikle]

If you are running a Mac I would urge you to buy 1Password. Yes it is expensive, but it is a great program and you can make sure your passwords are strong.

[brodo John]

If you only used Safari would that suffice and be "strong" enough to save passwords?

[3Di Marco]

got this: http://keepass.info/ I'll give it a shot.

[cherokee red]

GOOD : IxKUozu9EZiA0iWJ3TnQ Good luck hacking that .

Good, but adding a symbol or 2 in there would make it even better

IxKU$zu9&ZiA0iWJ%TnQ

[topdown]

Which is better, but some sites don't allow symbols only abc/123's
That app has the potential of creating passwords in just about any possible variation.

[Erik Frèrejean]

Which is better, but some sites don't allow symbols only abc/123's

Those sites are nub++ and you shouldn't use them, same as for silly maximum character limitations on passwords

[brodo John]

The 1Password for Mac demo is good... an excellent password generator included along with several other features... I can see this is going to cost me money...

Just tried the generator up full to create a password for here but it was deemed to long.

[Highway of Life]

Which is better, but some sites don't allow symbols only abc/123's

Those sites are nub++ and you shouldn't use them, same as for silly maximum character limitations on passwords

You are correct on both counts, but I did want to point out that phpBB3 has a character limitation as well... which the administrator can set, but is usually 25-30 or more chars.
The safest passwords to use contain the following:

1. MiXeD CasE letters.
2. Non-dictionary words, nonsense, or gobbledegook.
3. Numbers interspersed and in no particular pattern.
4. At least 2 symbols, but the more the better. (i.e. #%(*!^@$)
5. Between 20 and 30 chars, the longer, the safer.

Really tough passwords are especially important for accounts such as:

1. Your Server access, root access passwords.
2. Your Database access passwords.
3. Your cPanel access passwords.
4. Your password for your administrator account on any software running on your server, including but not limited to phpBB.
5. eBay, PayPal, your online bank, credit card accounts or other accounts that could contain bank accounts, credit card numbers, social security numbers, or even your physical mailing address.

All of the above type of accounts you should never access on public or shared computers, but should always be accessed by your computer and have a password management program manage your passwords for these accounts so that you do not need to memorise them. As a general rule of thumb, if you can remember your password, it is not safe.

[Erik Frèrejean]

Which is better, but some sites don't allow symbols only abc/123's

Those sites are nub++ and you shouldn't use them, same as for silly maximum character limitations on passwords

You are correct on both counts, but I did want to point out that phpBB3 has a character limitation as well... which the administrator can set, but is usually 25-30 or more chars.

I'm aware of that and 30 is a reasonable limit. I know however of enough sites that have limits way lower 10/12 chars and that where the ones I'm pointing at .