Here's why you should stop memorizing your passwords
Have you ignored advice on using password managers? This video is for you.
Subscribe to our channel! goo.gl/0bsAjO
Every time a big company is hacked, like when Yahoo got hacked in 2016 and exposed the personal info of over 1 billion accounts, experts tell us to stop trying to memorize all of our password and to use a password manager instead. A password manager is basically a virtual safe where you can safely store all of your passwords. Since when you use a password manager you don't have to remember every single password anymore, you can make them really long and complicated. Your passwords are also encrypted so even if your password manager gets hacked, all of the individual passwords stored within are safe from hackers.
Vox.com is a news website that helps you cut through the noise and understand what's really driving the events in the headlines. Check out www.vox.com to get up to speed on everything from Kurdistan to the Kim Kardashian app.
Check out our full video catalog: goo.gl/IZONyE
Follow Vox on Twitter: goo.gl/XFrZ5H
Or on Facebook: goo.gl/U2g06o
Пікірлер: 3 900
If I was a hacker, I would create a Password Manager so that everybody'd send me their passwords.
@lukefrance9558
7 жыл бұрын
channalbert but right now you may just get one guy
@gregdesouza17
7 жыл бұрын
The trusty password Managers do not ask for internet Connection to work, so there is that.
@thespicehoarder
7 жыл бұрын
lol, you never need to ask to steel something now do you?
@dantruong2582
7 жыл бұрын
you would be found out really fast. Not all hackers are black hats. Some are white hats and they will bust you up. plus almost all password systems are double blind. Your master password would hashed. Then there would be a temp key created each time decrypt your data.
@MaxMakerChannel
7 жыл бұрын
Could your iPhone not potentially get a little keylogger that saves your master password as you enter it?
i was waiting for the password manager app sponsor
@jong9379
7 жыл бұрын
R4vel I recommend KeePass. it's free and works really well.
@R4vel
7 жыл бұрын
oh no im not looking for one, i personally just write down my PWs physically
@horseradish843
7 жыл бұрын
k
@matec.1773
7 жыл бұрын
+R4vel Same.
@neilviejon6303
7 жыл бұрын
R4vel lol same
I'll put my password manager password inside my password manager
@jared8515
6 жыл бұрын
*DONUTS* How are you going to get your password for your password manager if you put your password manager password into your password manager
@apoorvlathey5421
5 жыл бұрын
@@jared8515 r/whoosh
@jared8515
5 жыл бұрын
@@apoorvlathey5421 ironic r/woooosh
@felipealvesdourado1584
5 жыл бұрын
Then, every time you want to remember your password manager password, you just have to open the password manager app and see your password manager password.
@jared8515
5 жыл бұрын
@@felipealvesdourado1584 But if you haven't told your password manager to save your password when logging into password manager, you can't go find your password for password manager in password manager because you need your password from password manager to get into your password manager and to restore your password manager password in password manager.
plot twist the password manager app are the hackers.
@indogmore0n686
5 жыл бұрын
Hackers made the password manager and force everyone to either use their plugin or get hacked
@razvansamoila4022
5 жыл бұрын
That's a twist.
@User-xw6kd
3 жыл бұрын
Passwords are encrypted. Even LastPass doesn't have access to it's users' passwords.
@StarlasAiko
3 жыл бұрын
User 5748 or so they claim
@angelnajera5107
3 жыл бұрын
@@StarlasAiko You have to just trust most password managers if you use them, but Bitwarden has the software as open source, so anyone can look up the code to double check. The source code has also been checked. If you're distrustful, Bitwarden is one of the best choices.
Out there, someone truly terrified has the password macaroni123
@MyEverty
7 жыл бұрын
macaroni123 is the 9th most commonly used password
@edwardt2396
7 жыл бұрын
[PANICKED SCREECHING.]
@custradcrev
7 жыл бұрын
no paradise What the flip? Who decided that that was a good idea? Seriously, just: Person: Hmm. I can't think of a password. Person2: Use Macoroni123. Person1: Great idea! The End.
@fern8168
7 жыл бұрын
thomas jefferson
@edwardt2396
7 жыл бұрын
Blood And Guts No, the passwords he uses are "ilovevirginia777", "adams2k1797", and "alexandersucks".
Plottwist the password manager is the Hacker
@quilliamattari2772
7 жыл бұрын
lol
@BettyAlexandriaPride
7 жыл бұрын
THINK Godd Oh no. ohh no. OHHH NOOOOOOOOOOOOOOOOOO!!!!!!
@Khwerz
7 жыл бұрын
there are some that are open source, so you can verify those
@kaboomwinn
7 жыл бұрын
THINK Godd the best password is hand written on a paper and places in the real world safe in your very own house
@adidasovich524
7 жыл бұрын
what if someone comes in and steals it
You're telling me to stop memorizing my passwords? I don't! The secret is resetting your password anytime you want to get into your account. It is extremely annoying but I don't think I've gotten hacked YET :)
Let's play a game take a shot every time he says "Password"
@aidenmclean6981
6 жыл бұрын
EricWasHere I give up already😔
@kjlucky7513
6 жыл бұрын
EricWasHere ThAt wUz A grATe IdeA! But I don't drink. Orange juice here I come.
@rondoyle1638
6 жыл бұрын
I used water instead of alcohol
@Minecraft101ToonLink
6 жыл бұрын
My door has a huge hole from me shooting at my door.
@radomiami
6 жыл бұрын
Eeeeeeeeuuuyy helllllaoi gaiuss i5tsz tieemse fo4re aanothh voddreo
I don't trust Password Managers neither, i'll just be macaroni123 forever
@amorecredibleusername692
7 жыл бұрын
folddpstcrd thx
@liesdamnlies3372
7 жыл бұрын
And why don't you trust password managers? Ignorance of how they work?
@brandonxu3872
7 жыл бұрын
lies damnlies have you ever thought how a hacker could hack the password manager, get into your password manager account, and then have access to all your other passwords?
@forreal7403
7 жыл бұрын
lol that's the password from 1:27
@Hca.brandon
7 жыл бұрын
folddpstcrd 😂😂😂u made my night
The hacker would pay me to change my password after he cracks it when he sees my credit score...
@Guuy
7 жыл бұрын
RIP
@TS_Mind_Swept
6 жыл бұрын
(number)TheHacker (number)CyberChase
What about a sticky note???
@Jannyl13
6 жыл бұрын
But it's very unlikely and you'd know immediately if someone broke into your home, so you could probably block your accounts. I have all my passwords in a notebook. Like "Facebook: t******15&". The asterisks, I know by heart. And I only write down the changes I make to my master password. This way, I have long passwords that are relatively safe and people wouldn't be able to use the info in my notebook :)
@micahsilvestre9236
6 жыл бұрын
+Jannyl13 wow. that was cool.
@Mickey27_
6 жыл бұрын
randomations Yt you gonna lose that one day
@BelsPlays
6 жыл бұрын
Jannyl13 very smart I’m gonna do that
@blahblahblahbloohblah
6 жыл бұрын
Sounds like how you get a code in an RPG.
I feel like a big reason why people don't use password managers is because it feels like yet another vulnerability. The average person doesn't really know what ways a password can and can't be stolen. Therefore, they might see a password manager as "yet another door" for a hacker to not just steal their accounts, but steal ALL accounts they have. While if they just cycle through a few simple passwords, at worst like 50% of their accounts can be stolen if a single account gets hacked, instead of this 100%. There's a lot of cognitive bias involved in this way of thinking, but that's just how humans are, especially with such a "wizard" subject as hacking.
@LunaDragofelis
5 жыл бұрын
Also I'm afraid of what to do in case of a broken hard drive or if I break my phone. Goodbye accounts!
@AstrixHatesU
3 жыл бұрын
Luna Meow nope if you use a password manager like Dashlane and make a account on it if your mobile even gets broken you can download the app on another phone and sign in your account and you will get access to all your password again you just need to memorize 1 password and 1 email
Ha jokes on you ! I wont be one of the 'millions of americans that get hacked' cause i'm not American !
@ytaaalx3195
7 жыл бұрын
and why would anyone hack my account? I'm nobody, ha. jokes on them ha ha ha huhuhuhuh
@simerpreetsingh6765
7 жыл бұрын
Rushdan Jaliel Congratulations, now go drink some water before it runs out in your country.
@TruKave
7 жыл бұрын
Simerpreet Singh Congratulations, now you can go and escape before you FEEL TRUMP'S WRATH!
@isamuddin1
7 жыл бұрын
TruKave Co. congratulations you just become keyboard warrior XD
@TruKave
7 жыл бұрын
isamuddin lol
HAH! I can't become "one of the millions of Americans who get hacked every year" because I'm not American. Checkmate!
@davidflores909
7 жыл бұрын
Wokis besides this is like for non-ingenious people. I'm not really good at memorizing all my complex passwords either, yet I know all of them because I memorize them using muscle memory.
@jasonj3867
7 жыл бұрын
What do you mean my muscle memory?
@BudderB0y2222
7 жыл бұрын
No, he means that as soon as you get hacked, you automatically become an American citizen.
@thanosunreal5848
7 жыл бұрын
Brendan Berney good one
@jonessss
7 жыл бұрын
Wokis There are probably autistic Europeans who think you're being serious..
I'm just so overwhelmed going through the comments
@jamesedwards3923
5 жыл бұрын
Relax, you just need to evaluate your options. My personal recommendation is to go open source if you can. If not there are paid options.
So all your super hard to guess randomised passwords will be protected by an easy password you made
@eyitsaperson
6 жыл бұрын
3717362742632521411424122522424$*&"$-+;dsndhxjrgtz.
@fabiocetrulo4462
6 жыл бұрын
Really? I didnt see the video
@Oreoezi
6 жыл бұрын
Finally someone who thinks and doesn't just listen and belive
@thefiyabros9561
6 жыл бұрын
surfie007 EXACTLY
@westy229
6 жыл бұрын
Well he said even if it was hacked your passwords are hypothetically all safe since it encrypts each password
This video is so true but 99.999% of us will not do anything about it
@inkbery4473
7 жыл бұрын
John Lim yep. Too lazy.
@1_HighDuke
7 жыл бұрын
If you don't want to use a pass manager, you can use passwords made out of two parts. One large part (a small phrase for example) with symbols, capitals, numbers, etc. that remains unchanged for all accounts and a smaller part (a few characters that you can remember) that changes for each individual account.
@vitas75
7 жыл бұрын
Teodor Stefanescu what i do is think up of a weird ass password with letters, numbers and @&*$#,#€*? that i can manage to remember, then write it down on a sheet of paper and store it somewhere around. after typing in the password a few times i remember it, and can hide the paper somewhere safe, in case i forget the pass someday.
@twisterlord665
7 жыл бұрын
I just switched to using lastpass right now.
@iamamcnea
7 жыл бұрын
I use an algorithm to calculate my password from a plain text which is usually the domain name. The algorithm only exists in my head. This is by far the most secure method I have heard of. LastPass just fixed a remote execution bug in their code. When you put your password any known place, you create a known target.
3:00 "And besides, it's better than the alternative: becoming one of the millions of Americans that get hacked every year." Agree, I don't want to be hacked every year and I definitely don't want to become an American.
@carlosquesnel8881
7 жыл бұрын
Hahahahahaha, not nice but funny
@ast8177
7 жыл бұрын
Michel van der Lans lmao me to
@Ggdivhjkjl
7 жыл бұрын
Glad I'll never be one too mate ;)
@GGg-ug3jr
7 жыл бұрын
Andreas S. * me too
@FooBarBash
7 жыл бұрын
Yeah, this comes off as really "America is the most important country in the world." You're releasing a video on an international platform, Vox. Don't lump us all in with the U.S.
That's why I write mine in a book! I lost the book.
To everyone going "What if the manager is hacked?" The video covers this, watch before you comment: 2:27
@OOnhar
6 жыл бұрын
Alficiro but the developer still can access them right?
@trenamus6626
3 жыл бұрын
@@OOnhar 3 years late but no
So if I use the same password on every account I can become an American?
@Neo-ew7mp
6 жыл бұрын
who wants to be American ! not me
@gabbysidebe8740
6 жыл бұрын
Ave Ver the 2nd. wtf is wrong with you? Stop making the world a worse place because of your involvement in it.
@MinhNguyen-si2mo
6 жыл бұрын
Ave Ver the 2nd Do you know the meaning of these words, anyways you spelled "faggit" wrong ; you 9 year old.
@Esoeso933
6 жыл бұрын
I ate Ave Ver's brain so he/she really stupid XD
@Esoeso933
6 жыл бұрын
Jk I ain't a cannibal.
You're missing one huge problem. Your password for the password manager can get compromised. Then all your passwords will be exposed. It doesn't matter that the password manager encrypts the passwords, because your master password is the key to unlocking this encryption, otherwise obviously even you wouldn't be able to read them. It is a single point of failure.
@winkcla
7 жыл бұрын
G. Mikkelsen an attacker still has to get access to both the master password AND password manager data. Your encrypted passwords are not usually lying around on the web!
@Jeffers3094
7 жыл бұрын
Except you can transfer passwords between devices over the net. So yes your passwords are just lying around on the web.
@TheAxlin
7 жыл бұрын
1) Change the password if it's compromised. You should do this routinely regardless. I personally change mine every 6 months. You could probably do it annually and be just fine. Just make it a New Year's tradition. 2) Use 2-Factor Authentication (2FA) if it's available. That way if your password is compromised, they still need physical access to your 2-factor device, likely your (unlocked) phone, in order to obtain the randomized code needed in order to break into your vault. (This is also why it is SO important to enable 2FA for your other online accounts, such as your Google account; even in the unlikely event that your password manager is compromised, you will have 2FA protection further protecting your online identity). 3) Even if 2FA isn't available, your password manager probably already uses an alternative authentication mechanism. Namely, a special randomly-generated key which is required in *addition to* your password. Without that key, all they get is your encrypted data, which is essentially useless gibberish. Again, getting around this problem requires physical access to the device which stores this key. 1Password is a great example of this method, and they describe it here: blog.agilebits.com/2011/09/23/two-factor-or-not-two-factor/ tldr, knowing your password isn't enough on its own. Security goes *so* far beyond passwords, especially for password managers.
@TheAxlin
7 жыл бұрын
If you sync your passwords via "the cloud" (i.e., Dropbox, OneDrive, iCloud, etc.) using an offline password manager like KeePass, you cannot reasonably claim that it's more secure than a cloud-based service. After all, you will be, in effect, using the exact same mechanisms as the cloud-based service: storing an encrypted blob of data on a remote third-party server. Except that now you have to trust the password manager AND the cloud storage provider simultaneously. In addition, password management services are far more inclined to be transparent about their security practices considering that trust is a fundamental component of their very business model.
@officially8210
7 жыл бұрын
I get the feeling you haven't used a password manager. I've been using LastPass for over a year and it's really good at this. Once the master password has been inputted, you have to verify through email or an authenticator that you are who you say you are AND if you are logging in at a location that you haven't logged in from before, you have to email verify you are who you say you are.
Just want to say that I really love all these videos on such varying topics; they're very well made!!
If hackers can't see the passwords due to encryption, why are non-hackers able to see them unencrypted? How does the app know if it is the right person logging in?
@edNdr
6 жыл бұрын
That's my question too. It certainly sounds contradicted...
@pineapplecastella2584
6 жыл бұрын
I've been wondering
@Julian-vr1ed
6 жыл бұрын
they can see it when they log in with your master password. they can't see it when they attack the password manager database so in the end they just need to know one password to enter all your accounts conclusion: useless.
@tictac9272
6 жыл бұрын
so if your passwords are being accessed from a different computer, its going to be encrypted. Unless the person physically takes your computer, he will see them encrypted
@ElricHQ
6 жыл бұрын
TictacGAMES so if i buy a new computer or phone, the system will not recognize me and think im a hacker???
"Any two-watt bulbs?" "For what?" "That'll do. I'll take two." "Two what?" "I thought you didn't have any." "Any what?" "Yes please."
@sarab1329
7 жыл бұрын
Julia Curry cuz "For what" sounds like four-watt lol
@Spectrum16
7 жыл бұрын
Saw it on r/jokes about an hour ago.... ALRIGHT WHO TOOK IT
@Dargonhuman
7 жыл бұрын
Who's on first?
@ROBLOXSisters
7 жыл бұрын
saw this on one video, now it's copied over the internet so it isn't funny anymore :(
@Alex-lf1cl
7 жыл бұрын
Dargonhuman what's on second
I trust a piece of paper more than password manager.
@TuringMachine001
7 жыл бұрын
The problem is that it takes a lot more effort to write passwords down and type them all the time. You'll end up using easier-to-type passwords, which are less secure. I doubt you're typing something like "iJSHq7VTgYrYcOeImiID" every time you log into KZread. With a password manager, you literally go Ctrl+C, Ctrl+V and you're done. It also generates the passwords for you, so you don't need to spend time thinking of new ones.
@jimmydiaz1502
7 жыл бұрын
or use a txt file with an inconspicous name, in a folder with loads of other files with inconspicous names, and if youre feeling like it can get snatched off from your computer, dont put that folder smoewhere it can be accesed via networking, and maybe even encrypt it
@newbprogramming5043
7 жыл бұрын
I use a similar version of the Password Manager, that I made myself, using C# .NET and Xamarin :P Find a password manager that's open source so you know what it's doing.
@jimmydiaz1502
7 жыл бұрын
You're welcome
@sofija-fz8hx
5 жыл бұрын
How about your family?
im not american i cant be hacked?
@aybak3k
3 жыл бұрын
yep:)
@HeenaPatel253
3 жыл бұрын
yes
1:24 «Memorizing your passwords is bad because you often have only one of it and if someone knows it, all your accounts are accessible» 2:03 «A password manager is great because all your accounts are protected by one password»
registers for password manager next day *password manager hacked!*
@MamboBean343
6 жыл бұрын
They're actually very secure if your password is good. Yes, that is a risk, but it's much less of a risk than any of the many websites you visit getting hacked.
@emercaperlac
6 жыл бұрын
Password manager dont store your many password only your master password. Unless your pasword manager is really crap and stores ALL YOUR PASSWORD. You only need to change your master password. Easier and Safer than a website leaked and having to change all password.
@eamonmiller5135
6 жыл бұрын
Emerito Caperlac If they don't store all of your passwords how do they fetch them for you?
@ericcartmann
6 жыл бұрын
Password managers store the encrpted file that contains all your passwords. If you hack the password manager's server and get a hold of this file you need the password to decrypt that file. When you fetch your password list, this is file that you would get too. Decryption happens locally. If you used a 25+ character master password, it would be next to impossible for a hacker brute force decrypt the file that contains your passwords.
@coweatsman
6 жыл бұрын
Some password managers use the cloud as part of its design, others don't. I don't trust the cloud. I use Keepass which is an offline password manager and it can be carried on a USB stick.
stop trying to tell me how to live my life >_>
@CrazyHorse151
7 жыл бұрын
Well, you let them by watching this video? I guess?
@barakakautsarsofiuddin9288
7 жыл бұрын
Zac they're telling you how to live a "safer" life. They're not demanding it they're just suggesting it.
@jeppel1972
7 жыл бұрын
+CrazyHorse151 I think this is a joke about the right-wingers who always throw a tantrum in the comments on vox vids.
@azania1243
7 жыл бұрын
CrazyHorse151 mindception
Thank you Vox! Though, I knew some of this information like 10 years ago, since then I just use a regular paper-note-pad and pen. Since I only have 5 social medias.... with KZread being my favorite of all sites. When I write my books, mail, or passwords... I still use paper :D
another effective way to save your passwords would be this: Take a hand-held writing device,find a plataform like a sheet of white writeable substance,use the wriring device to carve your password in the substance.protip:use symbols and numbers for more efectivity. a.k.a. sticknotes and a pencil T_T
@sirtetris
6 жыл бұрын
or just use Notepad
@dcardigan13
6 жыл бұрын
Bendyfanboi XD or notebook. Cuz anyone can come in your room or office or cubicle and see your sticky note and they can hack your accounts anytime
@dcardigan13
6 жыл бұрын
Hydra Jamm ... As pranks maybe? If you don't mind them making prank posts using your account as long as they don't change your password then, ok, no biggie. But if you don't like that to happen, then being careful at keeping passwords ain't such a bad thing.
@thepotatoqueen4290
6 жыл бұрын
10/10 system works every time for me.
@RichardServello
6 жыл бұрын
That's effective how? If someone got that piece of paper....they would have all your logins. Were you not paying attention? Password vaults are 256bit encrypted. So even if someone got to the data it would be encrypted. And they use 2FA so even if they got your master password they would have to steal your phone too. And if they got in..you can remote lock the account. So unless you are using some James Bond paper that explodes after reading it....this is dumb.
Thats why I have my passwords written down physically in a notepad instead of on a computer.
@jeremyhatcher2886
7 жыл бұрын
Vox Andrews one day I'll be 80 years old too
@irrelevance3859
7 жыл бұрын
Vox Andrews 'Looses notepad'
@VoxAndrews
7 жыл бұрын
Jp.Girl Luckily, I'm not that big of a numpty as to lose my notepad. You got more of a chance of that program bugging out then losing a physical notepad
@MamboBean343
7 жыл бұрын
Vox Andrews nope actually. If you use a good password manager and sync the database file, your chance of losing them is nil
@VoxAndrews
7 жыл бұрын
I'm not saying that the program will fail, I'm just saying I would see a higher chance of it failing (Which it wouldn't at all) then me losing a physical notebook. I know the program ain't going to fail, I'm just saying that personally I think I would have better luck with keeping a physical copy
Why would anyone want to hack me. I'm nothing 😢
@marredcheese
7 жыл бұрын
aww
@christophertstone
7 жыл бұрын
They hack your social accounts, find our who your Grandma is, call her and explain you've been arrested and need to post bail. They explain how she can send Western Union for $500 to set you free. Sounds cheap and convincing because the hacker knows everything about you because they have access to your accounts. happens more often than you think.
@SkiDaBird
7 жыл бұрын
You're another computer they can use to DDOS or continue compiling info from. I've had 2 factor authentication stop multiple login attempts from Russia/Eastern Europe and I'm a no one as well.
@IglooCrafter1
7 жыл бұрын
you may be nothing, but your credit card sure is something
@juliason3414
7 жыл бұрын
China but I'm broke as F
OHH I GET IT, wait I dont, how does the password manager know that is the owner of the password and not a hacker...
@MimOzanTamamogullar
5 жыл бұрын
It doesn't. You have the decryption key
Very informative, awesome animation!
writing them down on paper and hiding that paper is the best.
@SoFlyIndustry
7 жыл бұрын
but you ll need 27 different ones, and what if you have to log in somewhere new, i guess you won t carry this paper in your wallet right ? Which makes you even more vulnerable.
@myron7642
7 жыл бұрын
+SoFlyIndustry - Write them on the same piece of paper. - Use the paper to help you remember the password instead of constantly referring to it. - Not everyone loses their wallet.
@myron7642
7 жыл бұрын
+SoFlyIndustry - Write them on the same piece of paper. - Use the paper to help you remember the password instead of constantly referring to it. - Not everyone loses their wallet.
@myron7642
7 жыл бұрын
+SoFlyIndustry - Write them on the same piece of paper. - Use the paper to help you remember the password instead of constantly referring to it. - Not everyone loses their wallet.
@SoFlyIndustry
7 жыл бұрын
Sure, but still means it is vulnerable and not flexible, so will you compose your passwords from words or random characters? because a piece of paper won t help you remember random *£&^4F type of passwords, knowing that you will need +20 variables of them. And if you use words for your pswrd that is very easy to hack and breach (at least one of your account)
* *sees macaroni123 as example password* * I think I should change my password 0_0'
@rishavmukherjee949
7 жыл бұрын
Hilarious and Original
@WyattYates
7 жыл бұрын
oh thanks I guess
@sammy094sbiggestfan2
7 жыл бұрын
They are being sarcastic genius.
@WyattYates
7 жыл бұрын
oh wow you are too kind for informing me
@gracie1052
7 жыл бұрын
Wyatt Yates hope fully it isn't your password because you just told everyone your password...
So vox is saying that because passwords are easily hackable, we should make all the passwords depend on a centralized, easily hackable, online, potentially expensive service. Seems legit.
Thanks for this. I was told to use Lastpass since I write mine down and lost the paper once. I was worried about someone hacking Lastpass, but now I will look into it.
I have a password formula, that way my passwords are easy to remember and secure.
@AS-mo9sh
7 жыл бұрын
Dylan Boardman heres an example hobby three numbers color symbol this would turn into: knitting871redpercent
@raza838
7 жыл бұрын
Jedwig lamb so I could use "jerkingit247white!"? haha
@Bivesu
7 жыл бұрын
If you want to be super secure with a backup keep them in a physical form in a safe or write it in notepad, take a screenshot, change the stuff in the filename of the screenshot to .txt, put it in a .rar file and keep that rar somewhere safe. online or on a USB stick or your dropbox or something else. There will be a random .rar (seal the rar with macaroni123 if you want) on a random usb stick in your house containing random .txt files that do not make sense to anyone else but you. You can go as paranoid mode as you want with this stuff.
@liesdamnlies3372
7 жыл бұрын
By having a formula to generate your passwords that isn't based on randomness, your passwords, by definition, are not secure. They are vulnerable to anyone (or machine) that can deduce your formula.
@aluisious
7 жыл бұрын
The odds that anyone is going to try to reverse engineer his formula from encrypted data is basically zero. Unless he is sinking British supply ships, no one will ever bother with that level of effort.
Email's password is *the most important* password.
@iprimoonanollie2598
7 жыл бұрын
Aakash Kalaria no, you can use a backup email and then change the password with a couple of verifyers and boom, changed password in mimutes. very little someone can do in 3 minutes, every big email changer needs a verification through a backup email or phone. If someone takes your phone, backup email, and email, we'll then only option is call your email company and tell them your explanation and story and verify your date of birth, adress, and security questions and some recent activity and other stuff maybe, then boom, you got your main email password changed and you can log in and change things, and the hacker will only have your phone and backup email.
@tisajokt7676
7 жыл бұрын
+I primo on an ollie That's assuming that you're able to detect the hack immediately.
@ricardoamendoeira3800
7 жыл бұрын
+I primo on an ollie Sorry, no, lots and lots of services use your e-mail as a password reset mechanism so by getting into your e-mail lots of damage can be done. Not many people use two factor authentication so for them it's quite dangerous. I also don't see where you got that 3 min figure from, I can almost certainly guarantee an attacker would have much longer than that, imagine if they get in while you're asleep or far from a computer. They can also lock you out of the account, good luck reverting that in 3 minutes. Regardless, a well prepared attacker might have a bunch of scripts ready and will do all he wants in less than 30sec, forget 3min.
@LukeHot
7 жыл бұрын
I get it 😂
@LukeHot
7 жыл бұрын
Am I the only one that understands the joke?
Pfff my password for every website is "I
@scoobydubbynoo5034
5 жыл бұрын
Zekey moomoo I need your account name real quick
@trisatibia3134
5 жыл бұрын
I need ur email
@BunsoGaming
4 жыл бұрын
@afootineachworld lol
Thx. I've been wary of password managers but I'm reconsidering them now.
damn! macaroni123 is my bank account password
@custradcrev
7 жыл бұрын
Usman Sohail what the actual duck? Why?!
@Jacob-on2sb
7 жыл бұрын
Why does everyone's name start with a U? I'm scared
@countolaf6078
7 жыл бұрын
Well, which bank account?
@whoever_81
7 жыл бұрын
username: meatballs123
@nischay4719
7 жыл бұрын
Help Me Get 1,000 subs Without any Videos illuminati confirmed
Yeet
@eliran9231
7 жыл бұрын
that what i thought XD
@myron7642
7 жыл бұрын
I don't get it..
@salmonfish1145
7 жыл бұрын
Myron Heng Don't worry, you are just a little slower.
@myron7642
7 жыл бұрын
+Salmon Fish I still don't get it
@teranrytner6941
7 жыл бұрын
Daniel Mongan {insert roll safe pic here}
Why not use an algorithm that is based on the name of the domain that you can do in your head? You only have to remember one password and you can't hack your brain assuming you have one.
@thearmyofiron
5 жыл бұрын
That's vvhat I do ;:3
@jamesedwards3923
5 жыл бұрын
The problem is that you are going to form patterns. Remembering dozens of passwords is needless. Besides, your cell phone and an app can do a much better job creating passwords than any human brain. There is no logic to it. Plus it reduces what you must know from twenty seven things to two or three. Which is much better for your brain as a human.
@thearmyofiron
5 жыл бұрын
@@jamesedwards3923 that's why I made an app for myself ;:3 to use
@jamesedwards3923
5 жыл бұрын
@@thearmyofiron I am not a programmer. If your app is well constructed and gets the job done. More power to you. I have a question, how are you storing your passwords? In the application or in file after creation.
@thearmyofiron
5 жыл бұрын
@@jamesedwards3923 in the file after creation
Thank you Vox
This is literally just an ad
@MapleSyrup473
7 жыл бұрын
more like a PSA
@mattm.3685
7 жыл бұрын
Uhh not really, they are recommending you use a service, not specifying or even recommending who to get the service from. Its a PSA
@forreal7403
7 жыл бұрын
If you want an ad channel go to UnboxTheraby cuz that's all his channel is.
@Sebastian1011
7 жыл бұрын
Propagandistic Service Announcement ^:)
@LetoDK
7 жыл бұрын
So if anyone recommends something useful to you, without getting paid to do so (like a friend) you consider it an ad?
Will my Nuke launch codes be safe in it?
@boss180888
7 жыл бұрын
trump is that you?
@forreal7403
7 жыл бұрын
Well the guy that used to hold it got exposed and fired just a this week.
@aluisious
7 жыл бұрын
Set them all to zeroes just to be sure. Worked for Strategic Air Command for decades.
@devilanuj17
7 жыл бұрын
boss180888 nope his lil brother in "north area"
@egoist920
7 жыл бұрын
00000000?
Thanks so much for this video! 😊 I downloaded the Norton password manager and so far, I love it ☺ Just spent like an hour playing around with it, adding my accounts and seeing what it can do. It's wonderfully user-friendly and I like that it can interact with other apps, not just browsers (Firefox, Chrome, etc.). Also love their extra security options ☺ Thanks again -- after a recent (thankfully failed) attempt was made to get into my PayPal, it's reassuring to be able to take extra steps and make my passwords so much harder to crack ☺ Keep up the awesome work! 😊 xox
Awesome Video Vox Team.
Every time I hear about major password database hacks I check how far down the list "correct horse battery staple" is. Still disappointingly low.
Downvoted because of "belieber"
@Jimpozcan
7 жыл бұрын
I suppose he means "thumbed down" and for good reason ... "belieber2017" ... really ... the writers at Vox _actually_ admit to being fans?
@digitaloctavelol3700
7 жыл бұрын
Mr. Meseeks The autism strong with this one
@fgv3357
7 жыл бұрын
jimpozcaner I enjoy his music.
Something that almost anyone does is to remember a rule where you encrypt the name of the website you are accessing. You just need to remember the rule and every service will have a unique password.
@Ken.-
11 ай бұрын
I love when people do that because they think that simple substitution is so genius and I now have all of their passwords.
Great video, let down in the very last sentence. Why would I in the UK want to hear what Vox has to say about, for instance, Kurdistan, when you seem to think password security is a uniquely American issue?
@DylanHammitt
6 жыл бұрын
That statement hit me with similar thought as well... I was like,"That's very inconsiderate, Vox"
@UmutErhan
5 жыл бұрын
Thought the same thing..
What if hackers get your password manager password
@solokom
7 жыл бұрын
watch the video!
@TheNerdProblems
7 жыл бұрын
surfie007 what if you actually watched the whole video before asking such a silly question?
@krombopulos_michael
7 жыл бұрын
Harry Hamilton it did when Lastpass got hacked.
@lokisg3
7 жыл бұрын
people who thumb you up are actually using password: password.
@marty3713
7 жыл бұрын
Decrypting takes significantly more computing power than encrypting. It's not a reversible process - as stated in the video, it can take hundreds of millions of years to decrypt. These aren't simple substitution ciphers you may be familiar with, they're complex polynomial curves where the information is hidden inside the curve's properties. tl:dr mathematicians made it hard to decrypt, and super simple to encrypt.
Sponsored video?
@MamboBean343
7 жыл бұрын
Why? It merely recommends that you use a password manager. This is the security advice of nearly any security expert you ask.
@DanWantsTech
7 жыл бұрын
Just because he keeps mentioning "one password" i.e. the most popular password manager rn "1Password". I mean I already pay for 1Password for my family but I digress. Even though it's good to encourage people to stop using one password for everything, seems like clever indirect marketing using scare tactics.
@Ray-wy4kq
7 жыл бұрын
This video was made for the DNC.
@kidsinafrica3080
7 жыл бұрын
Its not sponsored he never said it was and dosnt say it is in the desc
@BCsJonathanTM
7 жыл бұрын
Wooooow...
I kept expecting this video to turn into an advertisement for a specific company, but it didn't. Yay?
I have like 10 variations on the same pssword and i make new ones every week and i change the pass on all my accounts with a different variation. Easy to remember just to go through all the variations.
Passwords dont have to be random and complex tho. Computerphile did a video that explains how a password like "dogbananahou_se" is many times more secure than something like "27$/ptyah1.-"
@swrdghcnqstdr
7 жыл бұрын
Blake Zonca correct horse battery staple
@nyx211
7 жыл бұрын
But passwords have to be sufficently unpredictable. "dogbananahou_se" is basically a concatenation of three relatively common English words with one letter replaced by a symbol. A computer going through a trillion passwords a second by using a dictionary can easily break it.
@herbderbler1585
7 жыл бұрын
XKCD and Computerphile are partially correct in their logic, but they're woefully out of date on how passwords are hacked now. Longer passwords become exponentially more difficult to break as long as you're NOT using real words. Brute force hacking now uses massive word databases to speed up their guesses. Once they see something like "sta" they don't continue making random guesses like "stakbfqw". They start seeding known words like stay or stasis...or staple. This completely negates whatever benefits you might have seen from the extra character length provided by these words. Hackers can eliminate obvious nonsense and guess entire strings of characters in one shot. That is, unless you ARE using nonsense instead of real words. Then they're just wasting their time in a different way, which is precisely what you want. TL;DR - Dictionary attack means neither length nor random alone makes an effective password. Longer + random is the only safe bet nowadays.
@aapjew18
7 жыл бұрын
Ok, so, I use a master password that's four words from four different languages and some symbols thrown in. Is that safe enough or should I really just get a full on random password?
@alexandermercer5363
7 жыл бұрын
Herb Derbler Brute force hacking has a very limited use, though. Nowadays, it can't be effectively used for big websites (facebook, google, twitter and such) and especially not for important sites (paypal, banks). Measures against brute-force hacks are far too easy to implement, so easy in fact that most new websites are started with those measures already in place. The bigger use these days is phishing - which I have personally done a few times (some people who fell for it had complex passwords, others had ridiculously simple ones). Phishing has this major advantage over brute forxe - the complexity and length of a password is utterly irrelevant if you are willfully handing it over, it could be 30 characters long and include all sorts of things, and it wouldn't make it any harder.
What if hackers just create fake password managers? We're back at square 1.
@TheBlobik
7 жыл бұрын
Not really. There are already few established brands and it is highly unlikely that the new ones will set off in already saturated market. Especially since some of the best (KeePass, for example) are open source and free-of-charge. There is little to gain by creating fake password managers
@bozardio
7 жыл бұрын
KeePass is the best solution, imo
@swrdghcnqstdr
7 жыл бұрын
TheBlobik Open source password manager, _what could go wrong?_
@trini2pink
7 жыл бұрын
( O_〉O)? ikr
@yeetusfetus8687
7 жыл бұрын
William Herron Ah yes, closed source is so much better because we have to trust the company not to accidentally leak the passwords
Man I love Vox
@Crxw2Tired
6 жыл бұрын
Gross.
@BogusBozo
6 жыл бұрын
@captain why gross?
"An average person has 27 different logins" Me with 134 different passwords
yeah, rather than rembering your passwords, place them in a black box that magically takes care of them and rather than trust yahoo, trust some random app.
@TheBlobik
7 жыл бұрын
Since most of the people who manage IT systems trust those random apps, if they were fishy or insecure it would not matter if you give the app your passwords or not. The hackers would already have access from the inside :)
@jaredmorse6539
7 жыл бұрын
Yes, definitely don't trust Yahoo. They've got hacked about no times with like no lost info... right? Oh. Wait.
@heisvi9317
7 жыл бұрын
You watching this on on your Macintosh II? Cause I don't think you even know anything about computers.
Don't memorize your passwords instead memorize a password
@sson386
7 жыл бұрын
make sure that password is macaroni123
@schadenfreudebuddha
7 жыл бұрын
that's amazing! I've got the same combination on my luggage!
Vox is beginning to overpower Buzzfeed
I've been hacked multiple times on multiple services, I've been using lastpass for over a year now and haven't been hacked since. Would recommend.
But the reall problem with this is if you are at a friend you cant login.
@dhritimanray2933
7 жыл бұрын
exactly I tried using one of these but it simply didnt work practically speaking
@krombopulos_michael
7 жыл бұрын
lucien1995 yeah you can, just log in to the password manager first. I still have passwords I can remember for the main things like Facebook and email but for anything else I'm just going to sign in to Lastpass and then copy the password.
@jeppel1972
7 жыл бұрын
You can put it on a usb stick.
@walk312
7 жыл бұрын
Look it up from your phone.
@LividPixel
7 жыл бұрын
Keepass has some pretty good features for having some level of security even if the computer is infected with malware. You enter your master password on a separate desktop (screen similar to when you choose 'yes' or 'no' when you run something as administrator.), and there is a setting that has obfuscates it's auto-entering of the password, using a combination of keypresses and the clipboard, writing the password out of order, etc. Most malware, unless specifically written to target Keepass, likely wouldn't be able to get anything out of it. And even if they get your password database file from your flash drive, they can't do anything without the master password.
Two-Factor Authentication is the only way to really solve this problem. A password manager is just a big storage for all your passwords and can be unlocked by a single key. Rogue password manager apps can also be setup to capture passwords. The smart solution is to step two-factor authentication that requires a password as well as a security code or password that is sent differently to a authorized device, mobile # or email of the end-user.
@chidubeanene6842
7 жыл бұрын
And with that I hope that people are wise enough to implement security measures on their mobile device such as fingerprint or PIN lock enabled. The purpose of Two-Factor authentication is to add an additional layer of protection, and your mobile device already has its own layer of protection. Also Androids and IOS are now capable of remote wipe, so if you lose your phone or if its stolen it can be remotely locked, disabled, or wiped. More security! =)
@taggerung_
2 жыл бұрын
this is why you must set up a local password manager, not a cloud based one.
@DanielEboli
2 жыл бұрын
@@taggerung_ how?
@Arcx_zero
2 жыл бұрын
@@DanielEboli writing all of your password on a real notebook
@grassytramtracks
Жыл бұрын
Most password managers have 2fa available and it is the best way to secure your account. You should absolutely use it for your important accounts but whilst it's there for the important accounts to keep safe, it's not available for the majority of other accounts I use on a daily basis. Passwords are terrible but they're not going anywhere anytime soon
When I saw the vox logo in the video I was like 🤔 ik that company... But from where? 😂
I feel like this is just an ad😂
3 ppl use macaroni123
@frederiknoget5746
7 жыл бұрын
No 4 does.
@copinman
7 жыл бұрын
No, I'm not THAT'S NOT MY PASSWORD DONTRY IT IS NOT MY PASSWORD
@Dexter101x
7 жыл бұрын
I use chilliconcarne, it's a delicious password
@superroydude
7 жыл бұрын
Make that 670
@MrEquusQuagga
7 жыл бұрын
Make that 726
This looks and sounds like an Ad for an app! A password manager app! Just saying..
@krombopulos_michael
7 жыл бұрын
ravi teja Sangeetha but it isn't, because they don't mention any specific apps and there are many password managers out there.
@Einar979
7 жыл бұрын
They try to not make it look like a ad, by not mentioning the exact password manager app.. But if you search for "password manager" in app store or google play, you can be pretty positive on that the top result probably had an impact on making this video..
@TheCaoth
7 жыл бұрын
Funny, because it feels like they aggressively abstained from writing "LastPass".
@krombopulos_michael
7 жыл бұрын
TheMainnj I don't know what manager shows up when you search for that, but I don't really care. There's no way of knowing that the person who made the video even uses that one.
1:31 whose bank account passwords is macroni123?
@FamiliarGecko
4 жыл бұрын
oh, he might be me.
I would recommend using an offline password manager like KeePassXC. If you do that you should probably back up the database of your password on a separate hard drive or something, so in case you lose the database, you have it backed up on another hard drive.
The only reason I never used password managers is because I thought it would be too risky if that got hacked. Thanks for this amazing video btw
Its like the plot of Fast 5, where they put all of the money into 1 safe which we know how it ended up :/
That's amazing, I've got the same combination on my luggage!
This video is an elaborate marketing technique. with Password Manager having a tight budget, so they could only afford an animated video
then password manager gets hacked, everyone cries
@ericcartmann
6 жыл бұрын
password managers are encrypted, so they still need your 'master' password to see the passwords. This is same with every website. When a hacker hacks a website they get a bunch of emails along with an encrypted passwords. They run algorithms to brute force various passwords to get the resulting encrypted password on the website. The reason to use a password manager is that you can use a longer, higher entropy password that cannot be easily brute forced. For example, 4 random words along with some capitalization + alpha numerals is almost impossible to guess. Its simply not worth the hacker's compute power. There's tons of people with easy to guess passwords that the hackers could go for.
@dahbajanman7044
6 жыл бұрын
Lol Truecrypt is also encrypted, but was hacked by the the US government.
@wonkylogic
6 жыл бұрын
These things seem so obvious to people like you and I that I find it hard to believe other people don't get it.
@coweatsman
6 жыл бұрын
I wouldn't use a password manager with a cloud storage element to it for that reason. I use an offline password manager, Keepass.
@TS_Mind_Swept
6 жыл бұрын
coweatsman - didn't i just see u up there?
PSA: There is no such thing as "Password Manager". It's simply a type of software, not the name of a product. They aren't advertising a product named "Password Manager", just a type of software.
@borix2600
7 жыл бұрын
Well, at the same time one can pay Google to put one`s "Password Manager" in top of search results
I was a victim of the Yahoo hack and coincidentally had the same password for Amazon. Thankfully I randomly checked my email and noticed within 20 minutes that whoever purchased my password had logged in and started purchasing expensive stuff. I now use a password manager and made new, complicated passwords for EVERYTHING.
Sounds like a great idea. Store your passwords in one place online so hackers can steal all of them in one go.
woah type in your password into the youtube comments and google will automatically hide it, it really works! **********
@FirstNameLastName-gu1mu
7 жыл бұрын
*********
@PumpkinTheHamster
7 жыл бұрын
ThatWog password12345
@waterdamnaged
7 жыл бұрын
ThatWog $uckMy2inchcocknu66et
@kidsinafrica3080
7 жыл бұрын
iWouldlovetodrinkbleach12345
@kidsinafrica3080
7 жыл бұрын
didnt work rip
So passwords.txt isn't a good idea? ;o
@osirzz
7 жыл бұрын
HatedAlways no, an unknown app owned by an unknown company across the globe that says "we will keep your passwords safe" by a master password that anyone could guess it, is way better than your way
@HatedAlways
7 жыл бұрын
All jokes aside, I use KeePass, saving my .kdbx file on my personal cloud storage. Hopefully that's good enough, for now
@liesdamnlies3372
7 жыл бұрын
Holy crap, someone who was joking about storing their passwords in a file on their computer, instead of encrypting them. I don't know what to do with myself. I mean just...wow.
@HatedAlways
7 жыл бұрын
Do you kiss the tip first, or do you shove the whole thing in?
@liesdamnlies3372
7 жыл бұрын
I just shove the whole thing in... Wait, are we talking about encryption keys? ... We're not talking about encryption keys, are we? ...
Ingenious advert for Pasword Manager! WOW!
This is why I have 2 Step Authentication enabled wherever possible.
"Oh no I lost my phone, Now I can't use anything :D"
Ill make my password into "Hitlerdidnothingwrong" so no one would dare to type it out >:)
@catgirlthyme
7 жыл бұрын
It's actually really easy to guess.
@Taken4Granted2
7 жыл бұрын
No one would type it though :)
@Taken4Granted2
7 жыл бұрын
You'll never guess my email muahahahah
@catgirlthyme
7 жыл бұрын
At least I'm halfway through. ;)
@PS2Damon
7 жыл бұрын
maybe your 9 year old friends wouldn't but most people would
i love how this is just an ad for the app
So instead of using one password for every website, put all of your passwords in one website that needs one password, I don’t see very much change.
And you seriously believe that I'll trust that "safe" password manager?? hahahahaha try again.
@keenantonio3835
7 жыл бұрын
Billderbeerg S a password manager is a software not a product there are many password manager out there
@vasarat1
7 жыл бұрын
Hmmm I don't know if I should believe a DBZ Ghandi, after all, their planet was destroyed...
@bleuflame12
7 жыл бұрын
I developed a password manager and wrote a research paper questioning whether they're "safe". The "one password" you need to remember is never actually recorded. It's most likely used as a symmetric encryption key that decrypts and encrypts all your data. So how does it know the "one password" was correct? There's likely a phrase that decrypts correctly with your correct "one password", which then tells the program your password was correct if it matches. So if a hacker were to get your data without that "one password", they would have complete gibberish. Encryption algorithms are INSANELY difficult to crack. No hacker with your encrypted data will gain access to your plaintext passwords. Encryption algorithms are so difficult to crack, there are cash rewards for anyone that can crack them. If you can crack RSA-2048, you'll receive $200,000. Also, 1Password uses AES-256, which Wikipedia says "At present, there is no known practical attack that would allow someone without knowledge of the key to read data encrypted by AES when correctly implemented." So as a software engineer, I can claim password managers are extremely safe.
@justinn5047
6 жыл бұрын
Bleu what is the most safe one?
@simivb
6 жыл бұрын
"The "one password" you need to remember is never actually recorded" That's also true for basically every website on the internet. The reasons you give why a password manager is safe are the exact reasons why "website are safe". And it also has the same flaws. What really bothers me is that since most of these password managers are also websites, all that is needed is a breach in one site - the password manager - to get access to your whole online identity, instead of many. And the "don't use the same password for every website" claim seems to no longer hold since passwords are hashed and salted. This makes recognizing the same passwords impossible if you looked at them in a database since the salts are different. "So as a software engineer, I can claim password managers are extremely safe" - just as Amazon and Yahoo and Microsoft and Google claim that their databases are extremely safe. Until they get hacked. There is no difference. I don't see a single advantage that a password manager provides, it only centralizes the problem.
That awkward moment when macaroni123 is your actual password 😩 Time to change passwords lmao
Some password managers sync the data locally so even if someone gets a hold of your password they would also have to have access to your computer which may have a different password. A lot of password managers use 2FA which requires a registered device like your phone to prompt you and have you confirm whether or not your a trying to sign in from a new device before that new device can be signed into.
Have fun hacking me because wtf are you expecting to find in a 13 year old's email
Why did you reveal my password at 1:28.
@evioli7089
7 жыл бұрын
King Kylos omg that's my password too
@abdulahad04
7 жыл бұрын
King Kylos now that u said that... u may get hacked..
Every time things like this happens I always think about the XKCD comic about how we taught ourselves to create very bad AND hard to remember passwords (xkcd.com/936/). The better option is almost certainly a password manager but if you really dont wanna switch, atleast create your next password the way it is done in the comic.
@anomouse5704
7 жыл бұрын
This guy knows what's up.
@takatamiyagawa5688
7 жыл бұрын
Aren't those just more vulnerable to dictionary-based attacks?
@Giorgal
7 жыл бұрын
2000 words are the most common words in the English vocabulary and you put 5 of these words in the password. The combinations are (2000)^5=32 quadrillion. Let's say I can check 1 million pass/sec (very optimistic ). That's still 32 billion seconds or ~1000 years unless I screwed up the calculations. And you can still add 3-5 easy to remember numbers at the end to screw with the dictionary attack.
@lordpoustray4064
7 жыл бұрын
Use words from different languages and you multiply the possibilities
@takatamiyagawa5688
7 жыл бұрын
Ok, maybe it's not so bad. I would have assumed a dictionary of around 50000 words, and a password including 4 of them at most, so, about 6E18 combinations for an attacker to try. On the other hand, if an attacker wants to try every combination of 74 characters in a 10-character password, that's about 5E18 combinations.
I memorize EVERY single unique password. I have about 100+ Passwords and all of it is as long as the maximum of letters you can use
@adboss10
6 жыл бұрын
OMG YOU ARE SO AMAZING YOU ARE THE SMARTEST PERSON IN THE WORLD ALL HAIL 'Princesses Are Awesome' CAN YOU GIVE ME SOME OF YOUR SMARTNESS
someday, all my accounts will be hacked, so i would drink bleach