I would like to block foreign countries from attempting to login to my accounts why do they not offer that feature? Why not even allow the ability to block any state or town in any country? It just makes life harder to have to have all the different passwords for many different accounts we all use.
The worst thing is the wretched Captcha: I’ve gone down its rabbithole many times especially when trying to recover an account. Tiny blurred panels, numbers you can’t make out, audio clips that can’t be deciphered etc etc etc. There has to be more to life than this.
Leo, recently I saw a PBS special on cyber security that suggested using a "diceware" to create long passwords. Instead of using "complex" passwords it uses longer passwords of random simple words strung together to create password that are longer then say 24 characters. Easy to remember and key in but very difficult to crack. Any thoughts?
An important note: if your password isn't unique, they might guess it by chance, or brute force through. That makes me think: how random is the random generated password? Could someone got an exact one got suggested as well? Depending on the number of characters and the choice of types of characters. From the several billion accounts worldwide, there could be a small chance two people used the same password.
In practice, most systems like hotmail will impose a rate limit on password attempts thus making guessing the password pretty much a waste of time since the number of guesses allowed is relatively small. Other systems will require 2FA authentication from devices where the user hasn’t hasn’t checked the ‘remember me from this device’ box. So as long as you have a password that is reasonably secure as in at least a combination of letters and numbers then you are probably OK. The most important thing is as mentioned in the video: do not re-use passwords across different sites - in order to protect from password stuffing attacks.
Thanks Leo for making this video X had a notification on my phone and went onto secure my account and theres hundreds loads of contries, just opened a website recently was worried someone trying to get into my paypal, is hundreds every 5 mins should i be worried?
Who is "they"? Many websites have logic such as 3, 4, 5, 6 wrong passwords and the account is locked. The lock may be until you contact them by phone, or the lock may have a lockout period. Some advance the lockout period in series each time you are locked out (e.g., First lockout is 30 minutes; second lockout is 4 hours; third lockout is a day; fourth lockout is a month). Thing is, there is no standard and so each company (or even different apps at a company) will deploy different solutions. And, yes, companies with poor security hygiene do not apply lockouts.
It's funny that this video just came up for me. I recently changed a hotmail password and noticed the exact same thing.....dozens of login attempts from across the world. I never would have imagined that was happening.
Thank you for this one. I discovered this about my account three weeks ago and thought I was under attack, but I didn't know what to do about it. I've lost sleep from worry. So, it's not just me. I have since taken every step possible to secure my accounts. It was a wake up call.
@JamesCarl-v3m no, I just have lots more protection. I took all sensitive material off my laptop like password document in Word. I have Norton 360, removed my I fo from the internet and update and scan everyday.
Thank-you for this! But, why does Microsoft Outlook scare and Gmail does not? They scared the crap outa me about a year ago with, "Secure your account by logging in and clicking on each failed attempt to let them know it's not you." Hint Microsoft, if it's not in the USA, it's not me! Why won't Microsoft create a permantly checkmarked user selection that says, "If outside the USA, it will never be me" and then just take care of it for me? BL, I'd rather not know of all the attempts (it's unnerving), so I switched all my important accounts from Outlook over to another email provider.
I don't worry too much about email, etc. Besides my day job I have an LLC that I do development and web hosting for clients. 3 Linux cloud servers. I don't allow regular username/password on them. You need a private key to get access to anything. As soon as you try to login via SSH if your machine doesn't have private key on it you'll be disconnected.
Thanks Leo I have been so stressed about these passwords because of this cyberphobia or whatever u call it been aching giveing me headaches but non the less thanks leo
✅ Watch next ▶ Is Passwordless Authentication Safe? ▶ ruclips.net/video/81w_WaGGumk/видео.html
I would like to block foreign countries from attempting to login to my accounts why do they not offer that feature? Why not even allow the ability to block any state or town in any country? It just makes life harder to have to have all the different passwords for many different accounts we all use.
The worst thing is the wretched Captcha: I’ve gone down its rabbithole many times especially when trying to recover an account. Tiny blurred panels, numbers you can’t make out, audio clips that can’t be deciphered etc etc etc. There has to be more to life than this.
In outlook you can create Alias and remove the possibility of loggin. Those are the alias of your accounts that you will shared with the world.
How do i do that
Thanks, Leo. I learn something from every vid you post.
Leo, recently I saw a PBS special on cyber security that suggested using a "diceware" to create long passwords. Instead of using "complex" passwords it uses longer passwords of random simple words strung together to create password that are longer then say 24 characters. Easy to remember and key in but very difficult to crack. Any thoughts?
It's a legit approach, as long as the passwords remain long.
It's fairly simple to write a basic computer program to create this type of password.
i had accounts from 1995 cant get in them and cnt get any one to fix it
An important note: if your password isn't unique, they might guess it by chance, or brute force through. That makes me think: how random is the random generated password? Could someone got an exact one got suggested as well? Depending on the number of characters and the choice of types of characters. From the several billion accounts worldwide, there could be a small chance two people used the same password.
This is why 2FA is important and passwordless accounts are important. Microsoft does offer you to go passwordless
In practice, most systems like hotmail will impose a rate limit on password attempts thus making guessing the password pretty much a waste of time since the number of guesses allowed is relatively small. Other systems will require 2FA authentication from devices where the user hasn’t hasn’t checked the ‘remember me from this device’ box. So as long as you have a password that is reasonably secure as in at least a combination of letters and numbers then you are probably OK. The most important thing is as mentioned in the video: do not re-use passwords across different sites - in order to protect from password stuffing attacks.
Thanks Leo for making this video X had a notification on my phone and went onto secure my account and theres hundreds loads of contries, just opened a website recently was worried someone trying to get into my paypal, is hundreds every 5 mins should i be worried?
Thank you so much i was worrried.
Thank you thats whats happening to my account trying to sign in all over the worl
They really need to have a delay. You enter password wrong 3 times and it makes you wait 10 minutes before you can try again.
Who is "they"? Many websites have logic such as 3, 4, 5, 6 wrong passwords and the account is locked. The lock may be until you contact them by phone, or the lock may have a lockout period. Some advance the lockout period in series each time you are locked out (e.g., First lockout is 30 minutes; second lockout is 4 hours; third lockout is a day; fourth lockout is a month). Thing is, there is no standard and so each company (or even different apps at a company) will deploy different solutions. And, yes, companies with poor security hygiene do not apply lockouts.
Really appreciate your contents.
You're a good trainer.
It's funny that this video just came up for me. I recently changed a hotmail password and noticed the exact same thing.....dozens of login attempts from across the world. I never would have imagined that was happening.
Amazing with all the technology we have we still can’t identify bots and stop them at ISP level.
Thank you for this one. I discovered this about my account three weeks ago and thought I was under attack, but I didn't know what to do about it. I've lost sleep from worry. So, it's not just me. I have since taken every step possible to secure my accounts. It was a wake up call.
You got this resolved?
@JamesCarl-v3m no, I just have lots more protection. I took all sensitive material off my laptop like password document in Word. I have Norton 360, removed my I fo from the internet and update and scan everyday.
Thank-you for this! But, why does Microsoft Outlook scare and Gmail does not? They scared the crap outa me about a year ago with, "Secure your account by logging in and clicking on each failed attempt to let them know it's not you." Hint Microsoft, if it's not in the USA, it's not me! Why won't Microsoft create a permantly checkmarked user selection that says, "If outside the USA, it will never be me" and then just take care of it for me? BL, I'd rather not know of all the attempts (it's unnerving), so I switched all my important accounts from Outlook over to another email provider.
Why is this not happening on Gmail or it is but google filter it out?
I don't worry too much about email, etc. Besides my day job I have an LLC that I do development and web hosting for clients. 3 Linux cloud servers. I don't allow regular username/password on them. You need a private key to get access to anything. As soon as you try to login via SSH if your machine doesn't have private key on it you'll be disconnected.
Thanks Leo I have been so stressed about these passwords because of this cyberphobia or whatever u call it been aching giveing me headaches but non the less thanks leo