1820: "Security Advice"

This forum is for the individual discussion thread that goes with each new comic.

Moderators: Moderators General, Prelates, Magistrates

cheweytoo
Posts: 9
Joined: Wed Jan 22, 2014 9:38 am UTC

1820: "Security Advice"

Postby cheweytoo » Wed Apr 05, 2017 1:44 pm UTC

Image

title: "Never give your password or bank account number to anyone who doesn't have a blue check mark next to their name."

The problem is, computer security is Hard™, and often unintuitive.

It was hard work to get my mother to understand "don't click on links in email". What finally did it was an email from her bank, sent by me, and linking to a "I just stole your data" page I built. It still wasn't immediate though, I first had to explain that I didn't make the bank send that email, and that I faked the sender.

It's strange that "fake sender" is such a hard concept to grasp: This exact same thing can be done with paper mail as well.
Last edited by gmalivuk on Wed Apr 05, 2017 5:17 pm UTC, edited 1 time in total.
Reason: added link

User avatar
cellocgw
Posts: 1856
Joined: Sat Jun 21, 2008 7:40 pm UTC

Re: 1820: "Security Advice"

Postby cellocgw » Wed Apr 05, 2017 2:34 pm UTC

Let's see..

I have two-factor smoke alarms, at least if you count that they're also CO detectors.

I occasionally have prime numbers in passwords, if you count single-digits.

Secure font? sounds like what you use when programming in Whitespace. Maybe I'll design a TrueType font all of whose elements are empty of black pixels.

I'm not big on chess, so I'll try badminton instead.
https://app.box.com/witthoftresume
Former OTTer
Vote cellocgw for President 2020. #ScienceintheWhiteHouse http://cellocgw.wordpress.com
"The Planck length is 3.81779e-33 picas." -- keithl
" Earth weighs almost exactly π milliJupiters" -- what-if #146, note 7

cryptoengineer
Posts: 126
Joined: Sun Jan 31, 2010 4:58 am UTC

Re: 1820: "Security Advice"

Postby cryptoengineer » Wed Apr 05, 2017 2:43 pm UTC

Two Factor Smoke Detectors are actually a thing.

There are two main sensor technologies for smoke alarms

    Photoelectric, good for smokey smouldering fires
    Ionization, good for flame detection.
Ideally, you should have both.

Some manufacturers, such as Kidde, have dual systems which have both sensors in one unit, and will go off it either or both systems trigger. (Both only is a BAD idea, unlike in Two-Factor Authenticaion).

Beyond that, you can get 'combination detectors', which also function as Carbon Monoxide alarms

richP
Posts: 172
Joined: Wed Aug 17, 2011 3:28 pm UTC

Re: 1820: "Security Advice"

Postby richP » Wed Apr 05, 2017 2:49 pm UTC

Re: 2 factor smoke detectors: Those are common in data centers. Saw one that had an ultra sensitive ionization system (had a network of pneumatic tubes in the ceiling to sample the air from various points in the room). That one could smell a blown cap on a power supply and give an early warning of failing hardware. The system had a second level of detection that was a stronger indicator of fire. The room also had a traditional (thermal?) fire detection system. Both systems needed to trigger to dump the Halon (well, some modern variety of Halon).

Re: Border crossing: I thought it was a fiddle contest?

jozwa
Posts: 135
Joined: Fri Sep 11, 2009 3:16 pm UTC
Location: Finland

Re: 1820: "Security Advice"

Postby jozwa » Wed Apr 05, 2017 2:50 pm UTC

Hold on a second. Was it always a thing that you could add "_2x" to the url and it showed a larger version of the comic? O_O

User avatar
HES
Posts: 4837
Joined: Fri May 10, 2013 7:13 pm UTC
Location: England

Re: 1820: "Security Advice"

Postby HES » Wed Apr 05, 2017 3:16 pm UTC

My smoke detector is also 2F, supposedly using some form of heat detection alongside smoke detection to prevent false-toaster-positives. Doesn't work though (the false positive prevention that is, the detector works fine).
He/Him/His Image

User avatar
orthogon
Posts: 2847
Joined: Thu May 17, 2012 7:52 am UTC
Location: The Airy 1830 ellipsoid

Re: 1820: "Security Advice"

Postby orthogon » Wed Apr 05, 2017 3:19 pm UTC

cellocgw wrote:I occasionally have prime numbers in passwords, if you count single-digits.

Not 7, I hope? 3 and especially 7 have much less entropy than the other single digits. [citation needed]
xtifr wrote:... and orthogon merely sounds undecided.

Mikeski
Posts: 963
Joined: Sun Jan 13, 2008 7:24 am UTC
Location: Minnesota, USA

Re: 1820: "Security Advice"

Postby Mikeski » Wed Apr 05, 2017 3:59 pm UTC

orthogon wrote:
cellocgw wrote:I occasionally have prime numbers in passwords, if you count single-digits.

Not 7, I hope? 3 and especially 7 have much less entropy than the other single digits. [citation needed]

That's why I prefer to use perfect squares in my passwords.

No digits; those are hard to touch-type, way up there in the top row. I mean the string "perfectsquares". A correct horse told me to do it this way.

fibonacci
Posts: 50
Joined: Mon Jul 09, 2007 8:37 pm UTC

Re: 1820: "Security Advice"

Postby fibonacci » Wed Apr 05, 2017 4:12 pm UTC

"If a border guard asks to examine your laptop, you have a legal right to challenge them to a chess game for your soul."
Or ping pong, as the case may be.
https://www.youtube.com/watch?v=8lsWeBNb_eI

User avatar
Rombobjörn
Posts: 143
Joined: Mon Feb 27, 2012 11:56 am UTC
Location: right between the past and the future

Re: 1820: "Security Advice"

Postby Rombobjörn » Wed Apr 05, 2017 6:52 pm UTC

cellocgw wrote:Secure font?

People have designed fonts that were supposed to be difficult for character recognition algorithms to read from a screenshot. Presumably it was meant as a countermeasure against an intruder who has enough privileges to take screenshots but not enough to read another process' memory. Maybe there was a time window when character recognition was primitive enough that that approach made some sense.

a9s
Posts: 12
Joined: Wed Jan 21, 2015 7:06 pm UTC

Re: 1820: "Security Advice"

Postby a9s » Wed Apr 05, 2017 7:56 pm UTC

  • Backup your emails before opening attachments

User avatar
Soupspoon
You have done something you shouldn't. Or are about to.
Posts: 3085
Joined: Thu Jan 28, 2016 7:00 pm UTC
Location: 53-1

Re: 1820: "Security Advice"

Postby Soupspoon » Wed Apr 05, 2017 8:04 pm UTC

a9s wrote:
  • Backup your emails before opening attachments

Why restrict it to emails? Remember to run XCOPY C:\*.* A: /S /E /Y /C /Q every morning and evening.

a9s
Posts: 12
Joined: Wed Jan 21, 2015 7:06 pm UTC

Re: 1820: "Security Advice"

Postby a9s » Wed Apr 05, 2017 9:36 pm UTC

Soupspoon wrote:
a9s wrote:
  • Backup your emails before opening attachments

Why restrict it to emails? Remember to run XCOPY C:\*.* A: /S /E /Y /C /Q every morning and evening.


Isn't A: typically reserved for floppy drives?

User avatar
Soupspoon
You have done something you shouldn't. Or are about to.
Posts: 3085
Joined: Thu Jan 28, 2016 7:00 pm UTC
Location: 53-1

Re: 1820: "Security Advice"

Postby Soupspoon » Wed Apr 05, 2017 11:52 pm UTC

a9s wrote:
Soupspoon wrote:
a9s wrote:
  • Backup your emails before opening attachments

Why restrict it to emails? Remember to run XCOPY C:\*.* A: /S /E /Y /C /Q every morning and evening.


Isn't A: typically reserved for floppy drives?


Yes. Which is why you have a set of four floppy disks (one in the drive, one in the fireproof space, one in the fireproof safe at your other office and one being same-day couriered to/from that office, in strict rotation).

:mrgreen:

User avatar
jonhaug
Posts: 28
Joined: Fri Jan 02, 2015 12:44 pm UTC

Re: 1820: "Security Advice"

Postby jonhaug » Thu Apr 06, 2017 7:16 am UTC

Worst security advice?

It must be "Passwords must be changed frequently and must contain at least one uppercase letter, one lowercase letter, one number and one special character, and must never be written down."

Bad:
  • The probability of guessing someone's password increases only marginally if it is unchanged.
  • Frequent password change just makes the users add sequence number or the month name to the passwords.
  • All the character category requirements induce only bad passwords in order to be able to remember them.

Better:
  • Write down complex passwords and keep it in your wallet along with your 100 € notes, which you never want to loose anyway.
  • Simple password complexity evaluation algorithm, e.g. adding points to length, and the number of different characters and such.
  • Lock any account that is not used in some time interval, and use some other mechanism to unlock it, e.g. human administrator, email, SMS or extra long password for this purpose.

(Sorry to be serious here.)
Last edited by jonhaug on Thu Apr 06, 2017 1:06 pm UTC, edited 1 time in total.

speising
Posts: 2196
Joined: Mon Sep 03, 2012 4:54 pm UTC
Location: wien

Re: 1820: "Security Advice"

Postby speising » Thu Apr 06, 2017 7:52 am UTC

jonhaug wrote:red text


please don't use red, that's the mod's prerogative.

User avatar
ManaUser
Posts: 284
Joined: Mon Jun 09, 2008 9:28 pm UTC

Re: 1820: "Security Advice"

Postby ManaUser » Thu Apr 06, 2017 7:59 am UTC

jonhaug wrote:
  • The probability of guessing someone's password increases only marginally if it is unchanged.

The only explanation I can think of for insisting users change there password regularly is if they assume that passwords will be compromised regularly. So if this rule is seen as an important part of the password regime, that implies to me something else is horrible wrong.

User avatar
jonhaug
Posts: 28
Joined: Fri Jan 02, 2015 12:44 pm UTC

Re: 1820: "Security Advice"

Postby jonhaug » Thu Apr 06, 2017 9:32 am UTC

speising wrote:
jonhaug wrote:red text


please don't use red, that's the mod's prerogative.


Oh my! (It is ugly anyway.) I'll fix, but I cannot do so?

User avatar
gmalivuk
GNU Terry Pratchett
Posts: 26086
Joined: Wed Feb 28, 2007 6:02 pm UTC
Location: Here and There
Contact:

Re: 1820: "Security Advice"

Postby gmalivuk » Thu Apr 06, 2017 11:55 am UTC

For the password I need to remember and change regularly (as opposed to the ones I can change with a hasher or manager and not bother remembering), I just use one I know has good entropy and append digits for yymm at the end.
Unless stated otherwise, I do not care whether a statement, by itself, constitutes a persuasive political argument. I care whether it's true.
---
If this post has math that doesn't work for you, use TeX the World for Firefox or Chrome

(he/him/his)

User avatar
Soupspoon
You have done something you shouldn't. Or are about to.
Posts: 3085
Joined: Thu Jan 28, 2016 7:00 pm UTC
Location: 53-1

Re: 1820: "Security Advice"

Postby Soupspoon » Thu Apr 06, 2017 12:04 pm UTC

jonhaug wrote:Oh my! (It is ugly anyway.) I'll fix, but I cannot do so?

Find the <pencil> icon button on the top right (by the ! icon reporting button and the " icon for quoting).

Following on from your content, though, I recall having to give a modified form of advice regarding password changing. Our servers were at one point set up with enforced password-changes, something like three months then a prompt to change which could be deferred for up to five times. For the benefit of those that didn't just make it "password2", "password3", etc, I had to advise that if they got the prompt on the very last day before they went off on vacation (or seasonal holidays - and, being initially a UK firm, both were "holidays" anyway) they should ignore it...

Most people at that time just logged in once during the day (maybe twice, the second being after lunch break - later on there were passworded screensaver timeouts1) and if at 8:00-9:00 on the Friday before their week in Scarborough (or two weeks in Lanzarote?) they changed a password that they'd not use again that day, then on their return they'd be pestering me (and more inclined to use "password8" at a later date). Which nobody wanted... ;)

Of course, if they had a password they used multiple times during the day, then switch it straight off. Get the practice in, and retrain the muscle-memory...

(As personal experience, between one term and another at University, I had succumbed to this effect, went to the Computer Centre to get the reset (to something garbled and needing immediate changing, as opposed to our later corporate practice of making it something like "sillybilly" (and requiring immediate change) in a pointed but friendly bit of humour) and then immediately afterwards recalled the password I'd just had overwritten, and that I couldn't even reuse due to historic passwords being ineligible. In fact I still do know that exact password (and several other decades-old ones, though not necessarily which systems they might have once unlocked), despite it being an alphanumeric mishmash (not even 1337!), and I have used versions of it since. Not so that it'd be useful to anyone, and not on this forum, but I'm still not telling you what it is.)




1 And later still, Ctrl-Alt-Del and "Lock", rather than just letting it sit idle for five minutes, unattended... So far as I know, I was the only person who set up a keyboard shortcut to the "companyname.scr" file to activate on demand so that pressing four specific buttons at once locked me up, safe and secure... But then I was in charge of things like passwords, with near total administration access, so I thought I at least ought to not open myself up to having my terminal usurped...

User avatar
HES
Posts: 4837
Joined: Fri May 10, 2013 7:13 pm UTC
Location: England

Re: 1820: "Security Advice"

Postby HES » Thu Apr 06, 2017 12:55 pm UTC

Soupspoon wrote:...and then immediately afterwards recalled the password I'd just had overwritten, and that I couldn't even reuse due to historic passwords being ineligible.

I regularly try to change a forgotten password to the forgotten password. At least I can usually cancel the reset and log in with the freshly remembered one.
He/Him/His Image

User avatar
water_moon
Posts: 8
Joined: Tue Apr 05, 2016 4:09 pm UTC

Re: 1820: "Security Advice"

Postby water_moon » Thu Apr 06, 2017 4:00 pm UTC

So out of curiosity, other than the horse password being used character for character by far too many, what other good advice has backfired?

User avatar
da Doctah
Posts: 861
Joined: Fri Feb 03, 2012 6:27 am UTC

Re: 1820: "Security Advice"

Postby da Doctah » Thu Apr 06, 2017 5:08 pm UTC

Soupspoon wrote:I still do know that exact password (and several other decades-old ones, though not necessarily which systems they might have once unlocked), despite it being an alphanumeric mishmash (not even 1337!), and I have used versions of it since. Not so that it'd be useful to anyone, and not on this forum, but I'm still not telling you what it is.


I still remember the unreadable password Earthlink set me up with around 1988, but that doesn't count because I've used it for other things in the interim. Only thing older than that that I can still recall is 3x2(9yz)4a, and it doesn't even get me into the Speed Force like it's supposed to.

User avatar
gmalivuk
GNU Terry Pratchett
Posts: 26086
Joined: Wed Feb 28, 2007 6:02 pm UTC
Location: Here and There
Contact:

Re: 1820: "Security Advice"

Postby gmalivuk » Thu Apr 06, 2017 5:45 pm UTC

da Doctah wrote:
Soupspoon wrote:I still do know that exact password (and several other decades-old ones, though not necessarily which systems they might have once unlocked), despite it being an alphanumeric mishmash (not even 1337!), and I have used versions of it since. Not so that it'd be useful to anyone, and not on this forum, but I'm still not telling you what it is.
I still remember the unreadable password Earthlink set me up with around 1988, but that doesn't count because I've used it for other things in the interim. Only thing older than that that I can still recall is 3x2(9yz)4a, and it doesn't even get me into the Speed Force like it's supposed to.
I still remember the first password I ever came up with, which is actually a reasonably secure one (or would be if I hadn't reused it so much over the first half of the past 20 years), because the service I was signing up for specifically recommended using the first letters of words in a sentence to come up with a strong but easily memorable password.

(Speaking of which, does anyone know what kind of entropy-per-character initial words have in English sentences? I've seen lots of experts talk about how that makes a secure password, but no math putting bounds on just how secure it is (since obviously it's not quite as secure as a same-length completely random string would be.)

water_moon wrote:So out of curiosity, other than the horse password being used character for character by far too many, what other good advice has backfired?
Some have already been mentioned here, like how frequent required changes either mean the person writes it down or the person just adds an incrementing number to the end of their otherwise easy password. I also think requiring letters and numbers leads a lot of people to independently come up with the idea of replacing specific letters with similar-looking numbers or symbols, and because they aren't aware of how common this is, they think p45$vv0rd is a clever and strong way to alter an otherwise easy-to-guess password.
Unless stated otherwise, I do not care whether a statement, by itself, constitutes a persuasive political argument. I care whether it's true.
---
If this post has math that doesn't work for you, use TeX the World for Firefox or Chrome

(he/him/his)

User avatar
Old Bruce
Posts: 86
Joined: Tue Jun 28, 2016 2:27 pm UTC

Re: 1820: "Security Advice"

Postby Old Bruce » Thu Apr 06, 2017 6:10 pm UTC

The SF publisher Tor is a little bemused;
http://www.tor.com/2017/04/05/xkcd-tor-com-joke/

User avatar
Schol-R-LEA
Posts: 6
Joined: Sat Mar 18, 2017 12:17 am UTC

Re: 1820: "Security Advice"

Postby Schol-R-LEA » Thu Apr 06, 2017 9:32 pm UTC

Always use a random line out of a Shakespearean sonnet to use as your password, interspersed with three two-digit numbers.

ButBeautysWaste19HathInThe75WorldAnEnd33

Come to think of it, that's not really all that bad as such advice goes... I mean, it's better than most, anyway... be a bongo to type out correctly each time, though.

(apologies to David "Damn You" Willis for stealing the 'bongo' gag.)
Rev. First Speaker Schol-R-LEA;2 LCF ELF JAM POEE KoR KCO PPWMTF TGIF
Realitas vestri renuo, sufficioque mei || (defn Kinsey [] (ranged-int 7))
Lisp programmers tend to seem very odd to outsiders, just like anyone else who has had a religious experience they can't quite explain to others.

User avatar
Flumble
Yes Man
Posts: 1990
Joined: Sun Aug 05, 2012 9:35 pm UTC

Re: 1820: "Security Advice"

Postby Flumble » Thu Apr 06, 2017 9:41 pm UTC

Schol-R-LEA wrote:Always use a random line out of a Shakespearean sonnet to use as your password, interspersed with three two-digit numbers.

ButBeautysWaste19HathInThe75WorldAnEnd33

Use spaces and punctuation in your password. "But beauty's waste 19 hath in the 75 world an end 33.".
If the password is rejected, you shouldn't use such an insecure service in the first place.

User avatar
ucim
Posts: 6066
Joined: Fri Sep 28, 2012 3:23 pm UTC
Location: The One True Thread

Re: 1820: "Security Advice"

Postby ucim » Thu Apr 06, 2017 11:22 pm UTC

Schol-R-LEA wrote:Always use a random line out of a Shakespearean sonnet to use as your password, interspersed with three two-digit numbers.
ButBeautysWaste19HathInThe75WorldAnEnd33
Come to think of it, that's not really all that bad as such advice goes... I mean, it's better than most, anyway... be a bongo to type out correctly each time, though.
(emphasis mine)
Shakespeare wrote 154 sonnets. Each has 14 lines, so there are a maximum of 2156 possibilities. This is the weakest part, and the hardest part to beat on a bongo.

There are 100 two-digit numbers, yielding 1000000 possibilities for the set of three two-digit numbers.

Placing these numbers in the sonnet lines, assuming a line of 40 characters, would yield a maximum of 40^3=256000 64000 possibilities.

Naively multiplying it all together yields 551936 137984 billion possibilities.

All in all, it does not look good. It beats loses to eight alphanumeric characters, but only by a factor of two.

Jose
edit: Nothing to see here.... move along!
Last edited by ucim on Fri Apr 07, 2017 1:32 am UTC, edited 1 time in total.
Order of the Sillies, Honoris Causam - bestowed by charlie_grumbles on NP 859 * OTTscar winner: Wordsmith - bestowed by yappobiscuts and the OTT on NP 1832 * Ecclesiastical Calendar of the Order of the Holy Contradiction * Please help addams if you can. She needs all of us.

User avatar
gmalivuk
GNU Terry Pratchett
Posts: 26086
Joined: Wed Feb 28, 2007 6:02 pm UTC
Location: Here and There
Contact:

Re: 1820: "Security Advice"

Postby gmalivuk » Fri Apr 07, 2017 12:41 am UTC

ucim wrote:
Schol-R-LEA wrote:Always use a random line out of a Shakespearean sonnet to use as your password, interspersed with three two-digit numbers.
ButBeautysWaste19HathInThe75WorldAnEnd33
Come to think of it, that's not really all that bad as such advice goes... I mean, it's better than most, anyway... be a bongo to type out correctly each time, though.
(emphasis mine)
Shakespeare wrote 154 sonnets. Each has 14 lines, so there are a maximum of 2156 possibilities. This is the weakest part, and the hardest part to beat on a bongo.

There are 100 two-digit numbers, yielding 1000000 possibilities for the set of three two-digit numbers.

Placing these numbers in the sonnet lines, assuming a line of 40 characters, would yield a maximum of 40^3=256000 possibilities.

Naively multiplying it all together yields 551936 billion possibilities.

All in all, it does not look good. It beats eight alphanumeric characters, but only by a factor of two.
And then once you go through and check your math, you eliminate a factor of 4 before you even worry about the likes of double-counting...
Unless stated otherwise, I do not care whether a statement, by itself, constitutes a persuasive political argument. I care whether it's true.
---
If this post has math that doesn't work for you, use TeX the World for Firefox or Chrome

(he/him/his)

User avatar
ucim
Posts: 6066
Joined: Fri Sep 28, 2012 3:23 pm UTC
Location: The One True Thread

Re: 1820: "Security Advice"

Postby ucim » Fri Apr 07, 2017 1:33 am UTC

What's a factor of four among friends?

Jose
Order of the Sillies, Honoris Causam - bestowed by charlie_grumbles on NP 859 * OTTscar winner: Wordsmith - bestowed by yappobiscuts and the OTT on NP 1832 * Ecclesiastical Calendar of the Order of the Holy Contradiction * Please help addams if you can. She needs all of us.

User avatar
Cougar Allen
Posts: 45
Joined: Thu Dec 24, 2015 4:49 am UTC

Re: 1820: "Security Advice"

Postby Cougar Allen » Fri Apr 07, 2017 2:24 am UTC

fibonacci wrote:"If a border guard asks to examine your laptop, you have a legal right to challenge them to a chess game for your soul."
Or ping pong, as the case may be.
https://www.youtube.com/watch?v=8lsWeBNb_eI


Death plays with a nunchaku.

User avatar
jonhaug
Posts: 28
Joined: Fri Jan 02, 2015 12:44 pm UTC

Re: 1820: "Security Advice"

Postby jonhaug » Fri Apr 07, 2017 6:08 am UTC

HES wrote:
Soupspoon wrote:...and then immediately afterwards recalled the password I'd just had overwritten, and that I couldn't even reuse due to historic passwords being ineligible.

I regularly try to change a forgotten password to the forgotten password. At least I can usually cancel the reset and log in with the freshly remembered one.


Some systems, including one I am responsible for, actually allow the user to "change" the password into the current one without any fuzz. In our case, this doesn't mean the password change point of time is reset to the current date, no state change at all is the result. (Yes, I know I've already proclaimed the "Change password frequently" policy as bad policy, but I don't make the rules.)

/Jon

User avatar
Znirk
Posts: 173
Joined: Mon Jul 01, 2013 9:47 am UTC
Location: ZZ9 plural Z α

Re: 1820: "Security Advice"

Postby Znirk » Fri Apr 07, 2017 6:28 am UTC

Schol-R-LEA wrote:Always use a random line out of a Shakespearean sonnet to use as your password, interspersed with three two-digit numbers.

For extra security, suggest this method to other people but use Philip Sidney yourself.

... So is the blue checkmark a reference to anything specific, other than the idea of keeping a list of people and a blue ballpoint on your person?

User avatar
Soupspoon
You have done something you shouldn't. Or are about to.
Posts: 3085
Joined: Thu Jan 28, 2016 7:00 pm UTC
Location: 53-1

Re: 1820: "Security Advice"

Postby Soupspoon » Fri Apr 07, 2017 7:21 am UTC

Znirk wrote:... So is the blue checkmark a reference to anything specific, other than the idea of keeping a list of people and a blue ballpoint on your person?

I think it's supposed to be a Twitter 'confirmed person' thing (though have no idea what hoops a person has to go through to convince Twitter's admin). But there's also "Safe Search" versions of web-search pages that have (some colour of) tickmarks next to suitably confirmed domains, to differentiate the likes of a www.microsoft.com result from a www.mircosoft.com one...

rmsgrey
Posts: 3311
Joined: Wed Nov 16, 2011 6:35 pm UTC

Re: 1820: "Security Advice"

Postby rmsgrey » Fri Apr 07, 2017 7:34 pm UTC

Znirk wrote:
Schol-R-LEA wrote:Always use a random line out of a Shakespearean sonnet to use as your password, interspersed with three two-digit numbers.

For extra security, suggest this method to other people but use Philip Sidney yourself.

... So is the blue checkmark a reference to anything specific, other than the idea of keeping a list of people and a blue ballpoint on your person?


Certain browsers or browser plugins include something that puts a checkmark next to "genuine" URLs in the address bar, so you know whether you're putting your password into www.amazon.com or into www.amason.com (or some other not-quite-right URL)...

User avatar
gmalivuk
GNU Terry Pratchett
Posts: 26086
Joined: Wed Feb 28, 2007 6:02 pm UTC
Location: Here and There
Contact:

Re: 1820: "Security Advice"

Postby gmalivuk » Sat Apr 08, 2017 1:44 am UTC

I think the Twitter explanation is more likely, since the comic says "anyone", suggesting people rather than websites.
Unless stated otherwise, I do not care whether a statement, by itself, constitutes a persuasive political argument. I care whether it's true.
---
If this post has math that doesn't work for you, use TeX the World for Firefox or Chrome

(he/him/his)

User avatar
chridd
Has a vermicelli title
Posts: 808
Joined: Tue Aug 19, 2008 10:07 am UTC
Location: ...Earth, I guess?
Contact:

Re: 1820: "Security Advice"

Postby chridd » Sat Apr 08, 2017 3:50 am UTC

YouTube also has blue checkmarks. I'm not sure what determines who gets them, and I'm not sure the people who have them know either.

jozwa wrote:Hold on a second. Was it always a thing that you could add "_2x" to the url and it showed a larger version of the comic? O_O
It seems to start at comic 1084, and that one at least was last modified 08 Dec 2016.
~ chri d. d. /tʃɹɪ.di.di/ (Phonotactics, schmphonotactics) · she(?)(?(?)(?))(?(?(?))(?))(?) · Forum game scores
mittfh wrote:I wish this post was very quotable...
flicky1991 wrote:In both cases the quote is "I'm being quoted too much!"


Return to “Individual XKCD Comic Threads”

Who is online

Users browsing this forum: mscha and 68 guests