Dr Bob Posted August 19, 2017 Report Share Posted August 19, 2017 On 17/08/2017 at 13:38, blackrose said: I use my 25GB data allowance on my phone and tether to my laptop to get internet access. It used to be fine and I was only using a maximum of about 8GB/month, but in the last couple of months I've been going over my limit and I haven't been doing anything different. Someone in the Vodaphone shop looked at my phone and told me it was the background apps in my laptop that were doing the damage. I've found the settings in Google chrome and there is an option in the advanced settings which says "Continue running background apps when Chrome is closed". This was switched on but I have now switched it off. But what about when Google chrome is open? Surely I don't want any background apps running then either? Is there an option to switch them off? Also if anyone has any other ideas on settings to reduce data usage I'm all ears. We've only recently started with data on a NB. Using a 4G router (from solwise) linked to 2 Ipads, 1 Iphone, 1 android phone and a Mac. I too was surprised at the amount of data used but on studying the router, about half of the data is going as 'upload' rather than download. Last month our 20gig was about half upload and half download. Havent a clue why there is anywhere near this much upload. I cloud has been turned off. We are not backing up to any clouds. When I send an email with a 2 meg word doc it seems to increase the upload by 100meg (maybe an over statement but you get my drift). I wondered if this was some sort of 'tethering' penalty - we on BT which uses EE - but we get the same uploads if I put my vodaphone sim in. It seems to happen all the time so I dont think it is one device with malware. Perhaps you are getting this upload as well. I'd be keen to hear how I can throttle the upload speed back - or even stop unwanted uploads. Link to comment Share on other sites More sharing options...
mross Posted August 19, 2017 Report Share Posted August 19, 2017 I use LastPass. My passwords are salted and encrypted so the 'cloud' feature is not a security risk. Syncing between phone and laptops is very useful. I also use LP to store secure notes and memos. Link to comment Share on other sites More sharing options...
Robbo Posted August 19, 2017 Report Share Posted August 19, 2017 18 hours ago, reg said: Don't fully agree with that One of the most common hacking techniques is to use dictionary searches of linked whole words. 2 or 3 dictionary words linked isn't a major problem for a dictionary linked interrogation programme. The normal starting points are names, dictionary words or geographical names then numbers then case. A better solution is password generator and database of these I prefer the standalone type I. E require manual backup and export/import. More work to synchronise across appliances but much more secure than an Internet linked system. I agree, using common words even if they make no sense strung together is like using 1 character per word. However if you use password padding any word can be used. And you can just write the word down and remember the padding. So let’s say my padding is 12dots............ and my password for this site could be canalworld followed by my padding, so my full password would be canalworld12dots............, this makes it easy to remember but very hard to crack. Link to comment Share on other sites More sharing options...
LadyG Posted August 19, 2017 Report Share Posted August 19, 2017 (edited) I understand if you are near a train line you might ge free wifi [esp after train hours!], its a cloudy issue. Edited August 19, 2017 by LadyG Link to comment Share on other sites More sharing options...
mross Posted August 19, 2017 Report Share Posted August 19, 2017 How could a hacker crack a passphrase such as elephantablegreen? No way is it comparable to etg . And if you were to put another character, such as '^' between the words, it would make it impossible. Link to comment Share on other sites More sharing options...
reg Posted August 19, 2017 Report Share Posted August 19, 2017 (edited) 31 minutes ago, mross said: How could a hacker crack a passphrase such as elephantablegreen? No way is it comparable to etg . And if you were to put another character, such as '^' between the words, it would make it impossible. Don't disagree if multiple words are used and special characters Another point is that a hacker is not likely to spend a lot of computing resource to crack my personal password the maximum benefit they could gain is some of my fortnightly pension. However in a commercial or government environment there may be some benefit to the hacker in dedicating computing resource to cracking a password. My personal preference is to use a strong password from a password generator stored in a password vault with no direct Internet access. This is very easy to achieve with a password app. Completely over the top which makes me happy because if it is easy to do then why not do it. This is a decent plain English summary of some of the basic techniques used. http://web.cs.du.edu/~mitchell/forensics/information/pass_crack.html By the way what us ETG? Edited August 19, 2017 by reg Link to comment Share on other sites More sharing options...
mross Posted August 19, 2017 Report Share Posted August 19, 2017 5 minutes ago, reg said: By the way what us ETG A previous poster seemed to imply that linked, dictionary words in a passphrase would be easy to crack so elephanttablegreen would be as easy to crack as three letters - etg. Link to comment Share on other sites More sharing options...
BruceinSanity Posted August 19, 2017 Report Share Posted August 19, 2017 5 minutes ago, mross said: A previous poster seemed to imply that linked, dictionary words in a passphrase would be easy to crack so elephanttablegreen would be as easy to crack as three letters - etg. I've tracked down the original story that led me to passphrases: https://www.theverge.com/2017/8/7/16107966/password-tips-bill-burr-regrets-advice-nits-cybersecurity Bill Burr who started the whole p@$$w0rd idea has now said he regrets his advice as it just leads to careless habits and passwords that are hard for humans to remember and easy for computers to predict and crack. Even if you use a password vault on or offline to store randomly generated passwords, you still need a master password to access it. Link to comment Share on other sites More sharing options...
Robbo Posted August 19, 2017 Report Share Posted August 19, 2017 11 minutes ago, mross said: A previous poster seemed to imply that linked, dictionary words in a passphrase would be easy to crack so elephanttablegreen would be as easy to crack as three letters - etg. Not quite as easy, as there are only a fine amount of characters, where there is quite a lot more words to use. Link to comment Share on other sites More sharing options...
mross Posted August 19, 2017 Report Share Posted August 19, 2017 Which of the following two passwords is stronger, more secure, and more difficult to crack? And which is easy to remember? D0g..................... PrXyc.N(n4k77#L!eVdAfp9 https://www.grc.com/haystack.htm Link to comment Share on other sites More sharing options...
reg Posted August 19, 2017 Report Share Posted August 19, 2017 2 minutes ago, mross said: A previous poster seemed to imply that linked, dictionary words in a passphrase would be easy to crack so elephanttablegreen would be as easy to crack as three letters - etg. Ok thanks for that thought it was a special technique I hadn't heard of. The previous poster was me by the way didn't say that elephantablegreen was as easy to crack as etg. One would take a lot more resource than the other, the link I gave above shows some orders of magnitude involved in computing power required. One other point I forgot to mention is the multiple passwords requirement for multiple sites. Whilst elephantablegreen with some special characters may be of reasonable strength for a personal password and is reasonably easy to remember you then have the problem of choosing whether to use elephantablegreen for all your sites or do you have a different three word string for each site. In the later case you then hit the old problem of trying to remember multiple multiword with characters passwords. Human nature basically says I can't be ars*d so I will use a simple password or a decent password but share it across multiple sites. Link to comment Share on other sites More sharing options...
mross Posted August 19, 2017 Report Share Posted August 19, 2017 You use a different password for each website, but a PASSPHRASE to secure your password manager. My passwords are 12 to 18 characters, random and include letter, numbers and special characters. LP generates these for me so they are truly random. My internet banking passwords and phrases are stored in my memory, nowhere else. LastPass works on any browser, phone, tablet, desktop or laptop. 7 minutes ago, reg said: The previous poster was me by the way I said A PREVIOUS, not THE PREVIOUS and it wasn't you! Link to comment Share on other sites More sharing options...
reg Posted August 19, 2017 Report Share Posted August 19, 2017 (edited) 41 minutes ago, mross said: You use a different password for each website, but a PASSPHRASE to secure your password manager. My passwords are 12 to 18 characters, random and include letter, numbers and special characters. LP generates these for me so they are truly random. My internet banking passwords and phrases are stored in my memory, nowhere else. LastPass works on any browser, phone, tablet, desktop or laptop. I said A PREVIOUS, not THE PREVIOUS and it wasn't you! I stand corrected thought it was a reference to my post 21 but have found the post you mean now. I've been responding to responses to my previous response when in fact they were not so doing. Thread has been helpful in that I am seriously considering swapping to Lastpass now, seems enough confidence in it to make the swap. Thread Responses give me enough confidence to use the secure synch and auto fill features which I currently, through chose, don't have Edited August 19, 2017 by reg Link to comment Share on other sites More sharing options...
Robbo Posted August 19, 2017 Report Share Posted August 19, 2017 21 minutes ago, mross said: Which of the following two passwords is stronger, more secure, and more difficult to crack? And which is easy to remember? D0g..................... PrXyc.N(n4k77#L!eVdAfp9 https://www.grc.com/haystack.htm The podcast that the guy does that runs the site is where I got the password padding bit from. Link to comment Share on other sites More sharing options...
Robbo Posted August 19, 2017 Report Share Posted August 19, 2017 27 minutes ago, reg said: Ok thanks for that thought it was a special technique I hadn't heard of. The previous poster was me by the way didn't say that elephantablegreen was as easy to crack as etg. One would take a lot more resource than the other, the link I gave above shows some orders of magnitude involved in computing power required. One other point I forgot to mention is the multiple passwords requirement for multiple sites. Whilst elephantablegreen with some special characters may be of reasonable strength for a personal password and is reasonably easy to remember you then have the problem of choosing whether to use elephantablegreen for all your sites or do you have a different three word string for each site. In the later case you then hit the old problem of trying to remember multiple multiword with characters passwords. Human nature basically says I can't be ars*d so I will use a simple password or a decent password but share it across multiple sites. One of the reasons I like the password padding is that I can use a simple word that’s related to the site so each site is different and I’ve no need to write them down or keep them in a password wallet. Link to comment Share on other sites More sharing options...
mross Posted August 19, 2017 Report Share Posted August 19, 2017 pwdhash is an app or website which uses the website domain plus a salt of your choosing so that you remember the salt and this app/site generates a unique password for each website. There are extensions available. All hashing is done on your computer. I can recommend it. It is run by Stanford University. Link to comment Share on other sites More sharing options...
Dr Bob Posted August 19, 2017 Report Share Posted August 19, 2017 37 minutes ago, mross said: Which of the following two passwords is stronger, more secure, and more difficult to crack? And which is easy to remember? D0g..................... PrXyc.N(n4k77#L!eVdAfp9 https://www.grc.com/haystack.htm how many dots was that? Link to comment Share on other sites More sharing options...
reg Posted August 19, 2017 Report Share Posted August 19, 2017 (edited) 26 minutes ago, Dr Bob said: how many dots was that? str.count(sub, start= 0,end=len(string)) To a programme that long Or http://www.charactercountonline.com/ Edited August 19, 2017 by reg Link to comment Share on other sites More sharing options...
blackrose Posted August 23, 2017 Author Report Share Posted August 23, 2017 (edited) On 17/08/2017 at 22:29, Chewbacka said: and it's a better password than the boat name, or Pa55word or some of the other most common passwords. I didn't choose the password for tethering to my phone - I think it's set by the phone manufacturer? On 17/08/2017 at 22:48, RichM said: If that is your primary means of connectivity, 25GB data is not really a lot in all fairness, mediocre at best. - Especially if you use the internet daily and even moreso if you stream online content. I use approximately 4-5GB a month just keeping my apps up to date on one phone and that's not including Windows updates for my laptop which add significantly to that. (some can be in excess of 3GB) Having said that there are people who get by with much less but I'm certainly not one of them! While turning off automatic updates will certainly conserve data, it's not advisable because apps are updated for several reasons and as an IT professional myself, I have seen serious consequences as a result of out of date software over the years. I could write an entire essay about the subject if I had to! 25 GB may not be a lot for you but it's been plenty for me over the last 10 months since I got this phone contract. As I said, I only normally use less than 8 GB/month and my browsing habits haven't changed, but over the last 2 months the data usage certainly has. Edited August 23, 2017 by blackrose Link to comment Share on other sites More sharing options...
Featured Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now