PDA

View Full Version : General bitch about Hotmail email programmes.


G-CPTN
19th Jun 2017, 12:12
I am a man of advanced years (beyond my three-score years plus ten) and starting to experience short-term memory loss - extremely short term, like minutes later - rather than genuine dementia.

Today I was denied access to my Hotmail account unless I entered the password.

Which password? I know that I had to reset my password some time ago (and sometime before that, too), and I have been instructed not to use the same password for multiple applications - and you cannot re-use passwords - so I have invented various versions of passwords that are specific to each 'app' that include the name of that service.


Having admitted that I had forgotten my password for my Hotmail account I was invited to reset it, and was offered a code to be sent to my mobile 'phone - which usually works quite well, but in this instance the code failed to arrive.

I tried an alternative method which invoked a Microsoft account of a higher level (I forget its title) which asked questions such as who had I recently e-mailed (I know their names but cannot remember if their account is .com or .co.uk - and the information is locked within the unavailable Hotmail account) so I got it wrong and was asked questions about Skype (which I haven't used for about 4 years - no chance of getting those questions right).

A repeat request for a code to my mobile was likewise ignored (even though I had a good signal). Eventually, several codes arrived to my mobile 'phone all at the same time.

No doubt my attempts seemed like someone trying to break-in to my account, but allowances should be made for old farts like me who cannot remember whether they have been to the toilet in the last five minutes.

It is so frustrating (for me) to be locked out of my Hotmail account.

yellowtriumph
19th Jun 2017, 12:38
I'm sure most of us have lots of different passwords and the like to use with our various email and www bits and pieces. Why not consider a password manager to hold all your passwords for you?

I use Nortons 'Identity Safe' and I can access it anywhere in the world 24hours a day. All you need to do is remember one password - to 'open the safe' and thence have access to all your other password information. I believe it's free.

Geordie_Expat
19th Jun 2017, 15:40
Avast do something similar.

dsc810
19th Jun 2017, 19:23
Additionally ensure you have listed alternative email addresses as recovery addresses in Hotmail.
Then they send the code to that other email address.

ExSp33db1rd
19th Jun 2017, 20:45
I have the same problem, living in the Hereafter - I.e. getting out to the garage and saying " what am I here after " ? and I agree with the alternative e-mail idea for Hotmail. ( and Gmail, neither one of which is my primary address) and have had to use it a few times when away from home where I have access to a 20 page A-4 file of passwords and memories - written down ? of course not, Sir - and I have also attached a so-called "coded" USB stick to my keychain, but that requires access to a computer with USB slots, not available on an iPad.

I have no faith in any so called "cloud" based Master password system, such as Ladtpass or similar, am I being paranoid ?

G0ULI
20th Jun 2017, 00:18
For those of a certain age, just use the account name and your service number, something you are never going to forget!

Anyone who knows you well enough to guess the system is probably someone you actually need to be able to access your accounts if the worst should happen.

Or incorporate your Social Security Number, or something else other than your date of birth. That is rather too easy for someone to obtain.

yellowtriumph
20th Jun 2017, 02:34
I have the same problem, living in the Hereafter - I.e. getting out to the garage and saying " what am I here after " ? and I agree with the alternative e-mail idea for Hotmail. ( and Gmail, neither one of which is my primary address) and have had to use it a few times when away from home where I have access to a 20 page A-4 file of passwords and memories - written down ? of course not, Sir - and I have also attached a so-called "coded" USB stick to my keychain, but that requires access to a computer with USB slots, not available on an iPad.

I have no faith in any so called "cloud" based Master password system, such as Ladtpass or similar, am I being paranoid ?

Paranoid? Difficult to answer that one. I suppose if it could be hacked then you might be in trouble. I use the Norton product because I like to think that Norton (of all people) would be very robust against hacking/scamming etc given their primary business.

There is another option - I only use two passwords, one is short and one is long. All I store on Norton's Identity safe are the words 'long one' or 'short one' - never the actual passwords themselves. Of course it does require you to remember two passwords which is sort of getting beyond the original brief of the question.

Why not write the passwords down and give them to a close relative or friend that you trust?

Tarq57
20th Jun 2017, 03:21
For a while I kept all (or most, anyway) passwords for accounts etc on an encrypted text file in a random folder in the second partition of the disk.

The master password is strong, and something I'm likely to remember. So far so good.

Anyway, it all became too much faffing around for me. I tend to be the 'make a strong password or two and use them across multiple accounts' type of person these days. Bad idea, I know. Only takes one site I'm subscribed to to be hacked.....

BEagle
20th Jun 2017, 06:55
Having once made the mistake of saving addresses in my Hotmail account, my Hotmail address book was hacked by some prick. So I had to change my Hotmail password to regain access to my account. That took AGES, despite the patronising Microsoft assurances.

When I finally regained control of Hotmail, instead of using the Hotmail website with all its wretched adverts, I added my Hotmail account to my normal Outlook Express e-mail application. But along came Windows 7 which some idiot at Microsoft had decided shouldn't include the simple and easy OE. But as I had Office, I was able to set up Outlook with Hotmail as an additional account. Normally it works fine, but quite often a failure is flagged up....:hmm:

FullOppositeRudder
20th Jun 2017, 10:18
Thank you gentlemen; yes I am wrestling with passwords, pins and other impediments to easy interaction with the wretched system. I speculate about using a password manager of some kind.

In the meantime I have an Excel sheet, printed out and password locked (and there was a time when I thought up a really good password to use - yes I forgot it and have been unable to get into that one ever since :confused:)

I've never counted them, but I estimate that I have about fifty different systems / sites /accounts which require a (unique) password. "Unique? you've got to be joking!"

Accordingly I'm watching with interest....

FOR

IBMJunkman
20th Jun 2017, 11:51
I have no faith in any so called "cloud" based Master password system, such as Ladtpass or similar, am I being paranoid ?

No.

https://krebsonsecurity.com/2017/06/onelogin-breach-exposed-ability-to-decrypt-data/

IBMJunkman
20th Jun 2017, 12:28
Most systems require the following:

Be at least 8 characters in length.
Contain at least 1 lowercase and 1 uppercase letter.
Contain at least 1 special character (!@#$%^&*)
Contain at least 1 number (0–9)

My scheme satisfies the above and is unique to each site and easy to remember.

Something related to the site
A special character
My first name (capitalized) or some word
The year (either current or a constant difference from current)

So, for my fictitious HSBC password:

HSBC$Nathan2021 (current year + 4)

For my fictitious Vodaphone account:

Voda$Nathan2021

The parts can be in any order the password system will accept but should be consistent across sites.

yellowtriumph
20th Jun 2017, 17:37
No.

https://krebsonsecurity.com/2017/06/onelogin-breach-exposed-ability-to-decrypt-data/

Thanks for that link. That's why I never use the 'autolog back in' facility on Norton Live update, and also why I never store the actual password. Just a hint of it.

Biggles78
22nd Jun 2017, 05:06
While this won't help you with your present Hotmail, it may in the future. I try and use the horse battery staple correct (I know but this way works for me) method. Remember if someone wants to hack (guess) your password, they have to get every letter in the correct order. Ergo the longer the password, the harder to hack using a brute force application.

https://www.grc.com/haystack.htm - See how long it would theoretically take to brute force your password. Yes there is a tad more involved but if you use Password1 as your magic word, it takes very little more time to brute force P@$$w0rd1 . Put it in the GRC link and test it out and see the extra time. (Remember though that password and all the permutations of it will have been entered into a dictionary and tried first which would have resulted in the word being brute forced in 1 or 2 seconds or less.) Then put in something that has 4 words with each word having 4 characters as a minimum (words can be longer) and dump that into GRC and note the time difference.

If you want to use random words, read the article here (http://hackaday.com/2017/02/09/correct-horse-battery-staple-the-book/) to create your own list to randomise or use an already made generator here (http://correcthorsebatterystaple.net/) to do the dirty work for you. Remember that you will need to save any passwords so you don't forget them. Do NOT put stick them to the bottom of the keyboard because that is too inconvenient having to turn the keyboard over when you are trying to type in that new password. :E Better to use a Postit note stuck to the front of the monitor. :eek: :=


Some people recommend a Password Manager/Password Vault. I tried some but didn't like the features or the ones that want to backup my passwords to the Cloud, not a real crash hot idea IMO so I keep my 185+ password in a unprotected spreadsheet. Bloody insecure and the passwords aren't that safe either but it works for me. The file is on 3 different USB keys and they get synced every week or so.


I used to use the C1imbM0unt@In$ type cleverness but I started to forget what letters and numbers that I transposed. Now it's a simple four words. climbpowerequalsperformance . If it requires a capital, Climbpowerequalsperformance or a capital and character, Climbpower=performance . The password can be populated with punctuation(s), hyphen(s), number(s), symbol(s) and a space(s). Numbers can go in between the words or at the end so it is easy to remember its' location. The brute force application still has to get every character, and a space is a character, and get them all in the correct order for hacker to be successful.


We all know KISS but learn a new one. KISSY, Keep It Simple Stupid for Yourself. When using the battery horse staple correct method, make sure your words don't relate to each other. In my example, climb power should not be next to each other. PowerTimesAttitude=Performance or PowerXattitude=performance would have been a much better example. :ugh: Personally I blame the medication. :O


Apologies for the short story but the medication is working for a change today :ok: and I tend to waffle when it does. :uhoh: