Some people watching will have good passwords, Some people will have thought about this before, Some people should have thought about this and haven't, And hopefully will, after we talk about this, a little bit more.

This channel has insane amounts of quality content. Everything ranging from the set, to the editing and the way you speak and explain topics is fantastic. I thought you had millions of subscribers the first time I watched your videos and I was shocked to find out that that didn't. You definitely deserve more!

@jurgor8661

2 жыл бұрын

That's why this channel is growing really fast. Success in KZread is simple but it for sure isn't easy to make top notch content like this. Simple does not equal easy.

I don't understand why the videos have such low view counts! This is literally gold of a content right here! For Free!

@Sumsubcom

2 жыл бұрын

Or is it? Maybe we're harvesting your online DNA for our matrix-style human energy converter.

@passionatebeast24

2 жыл бұрын

@@Sumsubcom 😂😂

It's all fine and cool until you have to use a website that either (1) forces you to use uppercase, number, symbol, runes, smoke signals, etc. OR (2) limits your password to something like 12-16 characters...

@boggless2771

2 жыл бұрын

What's even worse is one that forces you to those smoke signals, and another website doesn't allow smoke signals. Then You really need dozens of passwords

This channel is by far one of the best upcoming channels I've seen in a long time, hooked with every video!

First, I love this channel. Second, it rather bothered me that the words 'authentication' and 'authorization' were used interchangeably. Athentication: proves you are who you claim to be, so that you can login to your account (e.g. username, password, 2FA/MFA, security questions, etc). Authorization: allows you to perform certain actions after you have been authenticated (e.g. account privileges for regular user vs administrative user, etc).

What most people don't realize is that this benefit comes with a major downside, two-factor identification makes it difficult, to stay anonymous...

@Ben-li9zb

2 жыл бұрын

And difficult to log into new devices

@qq84

Жыл бұрын

And if you lose your hardware key, you better have another one registered or you can't log in. And many services that offer FIDO only allow to register one. Often/mostly 2FA is only an excuse to get your phone number.

Good times breed weak passwords. Weak passwords breed bad times. Bad times make strong passwords. Strong passwords create good times

An informative video. Although I would have liked to have seen more attention given to password management systems.

@qq84

Жыл бұрын

Yes, he shouldn't only have called out the problem, but also offered a solution. And that's password managers.

Do you have a different set for every video or are they a 3d rendering?

I love how much history is packed in these videos

Quality content as always, Making boring topics interesting and entertaining!

Use a password manager, and make/have backups for it! 16:04 Another big advantage is that passwords work cross platform without any problems. Try to use a USB-based FIDO hardware key (like the ones you showed) on a smartphone... 18:20 Changing passwords regularly is a bad idea and even decreases the security. 19:40 ...because "conspiracy theories" are true. Or are the Snowden leaks, that are exactly about that topic, also "just a conspiracy theory"?

Keep it up guys. I remember that password strength to pass crack chart on reddit. 12 character password is the new minimum as processing power goes up it's harder for us to remember. By the way any thoughts on making a reddit sub?

*The last time I've seen a security question when creating or logging into an account was probably around 10 years ago.* 😅 I guess everyone realised how pointless and insecure they're.

@Cookiekeks

2 жыл бұрын

Windows uses it to this day

@_GhostMiner

2 жыл бұрын

@@Cookiekeks you mean the pointless shlt when creating an account with the UWP shlt?

@Cookiekeks

2 жыл бұрын

@@_GhostMiner UWP? I don't know what that is. I mean the normal windows accounts. They require security questions

@_GhostMiner

2 жыл бұрын

@@Cookiekeks UWP are the ugly windows Microsoft calls universal windows platform.

Why don't we move to Secure Certificates? Where your system puts a certificate on your system. This was used by a certificate authority called AStart. They aren't around anymore. You logged in once and then they would put a certificate on your system which was then used to log you in when you came to their site. Do certificate authorities have a problem with this? If this was used then a hacker would need to get onto your hardware your very device that you are using to log into any of your sites.

@ShiroIsMyName

Жыл бұрын

A hacker could also reproduce the digital signal of your certified hardware, which would grant him access

@whtiequillBj

Жыл бұрын

@@ShiroIsMyName A foolproof solution is never going to happen. It would be harder, in my option, to fake security certificate then a password. Also at this time it wouldn't be expected because the technique it's used right now for log in credentials.

I love ur videos! there are really good designed and well strucurized! keep up! good and steady work wilk pay out

Great production.

One of the biggest issues with password complexity requirements is the lack of consistency too..was this the site that required an uppercase or a symbol or was it another site? Plus those complexity requirements have to be advertised so the attacker knows exactly what is valid or not too. Passwords suck though.

Your content quality is unbelievable.

I'd like to use teh fingerprint facility of my phone but I work on a farm. In the past I've had too much trouble trying to log in when my fingerprints have been worn down by work, or cuts won't let them be recognised. Voice recognition won't work when you're tired or have a cold. It's too big a risk that I can't get into my account when needed. When they come up with a biometric scanner that works better I might try again.

@Sumsubcom

2 жыл бұрын

Rowan, at least you're safe to burgle.

I'm 88.3% percent sure the set is 3d, but it looks really good regardless of it being real or not

Thank you sir ☺

I like that some alternative authentication methods don't work for everyone. There's a significant number of people out there which don't have fingerprints. Or they wore out over time.

pretty Interasting video great work and research as always

Great content

I just use my username as my password for everything. So I don't forget them. Secretly added an ! At the end though so it's harder to guess. 4:00 Shout-out to that one guy who commented saying he had some hash function super computer lmao

@ShiroIsMyName

Жыл бұрын

Hackers don't guess, they use a dictionary attack where a program tries hundreds of words and characters per minute, the username followed by a character would take milliseconds to crack

this channel is so underrated and needs more subs

Please can you cover the issue of the Google log-in loop that locks people out of their Google/KZread channels for *life* if they forget their password and lose their phone. No e-mail reset offered. Quite a few people have mentioned this online already. It's a growing problem and it seems inconceivable that Google can't find any way to solve this and reunite divorced accounts with their owners - or at least let people delete accounts and personal data even if they won't let them continue using the accounts. At this rate, Google is going to become a graveyard of lost accounts.

@Wigglythegreat2

Жыл бұрын

What about Google backup codes in this situation?

This set is amazing wth

You didn't have enough credit to password managers. That is the best solution I think

I store my master password locally everything else will be cloud but i also have 2FA which i don't overlap with my password manager as if either are found i want the extra security. i have multiple emails over the years for different purposes so simply testing my email and cracking it if successful will only compromise some of my account My 20-30 long passwords still get found out but my threat is features such as links that sign a user in and malware or even password reset links which do not require you to be signed in

Can anybody explain to me why you can't use any special characters that you want? When I make a password that I think has all the qualities of a good password, lo and behold, the next site I go to to use that password, it's no good because it won't allow some of the special characters I used originally. OK, I've decided to get a password manager, but still, it's one more thing we low skilled computer users will never, ever understand.

i use random characters i use the same one for stuff i dont care about, unique ones for stuff i care about with a hand written copy hidden somewhere, incase i forget, mine are hidden in plain sight, just looks like a pile of mail but in it at certain areas on the page is my password 😂

Since most websites lock you out after 3 incorrect tries there's no reason for a password to be required. If someone knows your password they'll get in, if they don't they'll have very little chance of guessing it in 3 tries. If the government wants access they'll just order the provider to let them in and they'll ALL comply. The weakness in in your selection of hints in case you forget your password. Its much easier for someone to know your mothers maiden name or the colour of your first car.

Passwords are a great topic

I use password monster to make my passwords strong a good thousand of years to guess

ur the only cool british person i love ur content man!!!

Can smart ring and smart watch combine to match biometric but could be dangerous for Agent life

any updates to that Zero Knowledge Proof based logins?

Nice background

can’t believe this wasn’t sponsored by a password manager lol

@qq84

Жыл бұрын

That's why he neglected them, even though password managers are the most important mention in this topic.

Where/How do you make these sets? 🤔

@ledgeri

2 жыл бұрын

This particilarly looked like an extremely good cgi-bluescreen combo, when i know it is not... I would guess it is even "someone has a good contact in a movie studio" kind of thing or "it is a good interior art school/ fil academy" :)

@Material_Monkey

2 жыл бұрын

Looks like a green screen

Saving passwords in a text document in the cloud is not unsafe. It is in essence what a (cloud) password manager does. Assuming of course, the cloud service uses encryption, which it absolutely should and in modern times overwhelmingly does. Still, I would prefer a password manager for the convenience and phishing protection.

I hate needing a cellphone number for EVERYTHING. I don't have a phone number. I don't need or want one. there's a million ways to contact me online

My next app will have multiple 2fa options as well as passwordless and maybe even usernameless with hw keys

What about public key cryptography? RSA

5:18 what are you talking about? Foobar is just a placeholder for variable names in programming, not some slang word...

@Sumsubcom

2 жыл бұрын

Until it IS

If password managers were free I'd use them, but it's BS expecting people to pay for them. Surprised so many people use them. Bring on password free world

@tcbobb1613

2 жыл бұрын

Bitwarden is a free open-source password manager.

@Filth_Hub

2 жыл бұрын

@@tcbobb1613 This

@qq84

Жыл бұрын

Password managers (cloud based) are giving you a service, so they can expect a payment for it. There are even ones that gift you a free account (like Bitwarden). And there are free and open source client based password managers like Keepass. The downside there is that you have to make sync and backups of your database manually.

I hate smartphones far more than passwords... and the solution to the password problem is, we simply have to combine the accounts ( then we only need one Password and the problem is solved ). But the only real solution for people who are annoyed of passwords is to turn off the computer, in the real analog world there are hardly using any passwords...

*Hey* 😀👋

18:20… “Why do we still love passwords so much?“… Huh?!… I have nothing but SEETHING HATRED of passwords! Having to use computer passwords today is like being forced to drive a 1963 automobile for the last 60 years and counting.(1963 was the year computer passwords were first invented)

the friend who only has his email password and just resets passwords all the time is funny af

Honestly the best password is a hardware device and nothing less something that's synced to a remote server that changes constantly and can only be unlocked with the device that's synced with that account like an rsa token except it's more like a USB type thing and even you don't know the password BUT it only works of its Able to use your biometrics like fingerprint etc. That way literally no one else will be able to use it even if it's stolen and hacked And I don't wanna hear "what if you lose it" well then that's your own fault you probably lose your car keys and have to order replacements lol Honestly if you need a replacement you have to go through a rigorous process to verify your identity with the whole voice recognition and even facial recognition and it's gotta be done on your phone the original device that was used to set everything up in the first place 🤷‍♂️🤷‍♂️🤷‍♂️🤷‍♂️ Find a flaw in this proposal I literally dare anyone to reasonably prove a way that someone could steal your credentials this way and have access to all your accounts lol I literally fucking dare anyone to find a flaw in this 🤷‍♂️🤷‍♂️

0 views, likes, dislikes and 3 comments 👌🏻

I tried password managers and I found them difficult to use, they made the situation worse not better.

@qq84

Жыл бұрын

What's so hard in using a cloud based password manager like Bitwarden?

This guy absolutely loves himself and is using his poor knowledge of something he read on Forbes to make a video lol 🤣

Why are you wearing a suit? It diminishes the weight of your words. Technicians should avoid suits and everything of that sort. Suits are the tools of people with fake personalities, and Technicians are not fake. Maybe you're fake. I don't know 😕

@dannymac6368

2 жыл бұрын

He is a science communicator, and a damn good one at that. He is not a technician. What an incredible, eclectic bunch of generalizations. I need to know more…How are suits tools of those with fake personalities? What is a fake personality? How can you be, even a little bit sure, that all technicians are authentic in personality? Maybe he likes wearing a suit. I don’t care. 🤷🏻‍♂️

@jeffbrownstain

2 жыл бұрын

Personally I've seen enough sweaty looking pc dwellers that it's quite refreshing seeing a well-spoken and well-dressed presenter give talks like this. You ever watched a defcon talk? You can smell some of those people through the screen. Bradley smells like he's been to a nice-smelling place.

Using picture as passwords