Comments on: Chocolate Owns Your Passwords

By: backbone

backbone — Tue, 29 Apr 2008 15:08:00 +0000

I have some chocolate leftovers from last years christmas… anybody interested?

By: ZaD MoFo

ZaD MoFo — Sun, 27 Apr 2008 04:37:48 +0000

This is my password: $Fogo.-%qBBRallOpe-n

Do those folks are idiots? No.

Here is spontaneous honesty but viewed at distance by pals who know the importance of restricting access to computers.

Passwords are bothersome to remember. One password is ok but when you must remember ten or twenty (bank, social number, computer, access code for your house, your alarm system, your blog access, your social network page and so on, and many more if youre a sysop, it may appear to be a valuable technique to conglomerate thoses numbers, to simplify by having five passwords or less. But you know youre in trouble when a single password is the root access for your bank account, your computer, your house. On the other hand, if you think as criminal do like us we do (remember: to protect our stuff we must know all the tricks), it’s nonsense to give such a thing so “precious” for candy that we forgot: “all are not criminals”.

Sure, times have changed over the years. Computers & IT stuff is serious busyness now. Money and data fly all over the wires but like the guy who let the motor run the time to fetch a pack of cigs, simplicity = speed = smart.
Bad luck or shit happend anyway.

By the way, it’s impressive what you could learn from someone unknow to you before, just by asking, even if you are not a blond girl.

So, this was my password: $F0g0.-%`97BRallOpe-n
Here is the > CHOCOLATE <.

By: BlueRaja

BlueRaja — Sat, 26 Apr 2008 21:47:55 +0000

This story is tiring. As Bruce Schneier put it, “I would certainly give up a fake password for a bar of chocolate.”

I know I would.

By: fever

fever — Fri, 25 Apr 2008 19:52:19 +0000

to think that someone would give out a password in exchange for a chocolate bar is hilarious. hopfully the were smart enough to change the pass immediatley or give a false one, if not than they are stupid people. but a very interesting bit of social engineering. i wonder how big the chocolate bar was? was the lady a blonde or a brunette?

too much fun.

By: zupakomputer

zupakomputer — Fri, 25 Apr 2008 15:34:00 +0000

Let’s hope you guys are right & they were just making them up.

I would think the personal info has long been one of those moot points; just about anybody these days has access to databases that can look up postcodes, phone numbers, names, and house numbers. For example in the UK these are based on electoral registers, and they can and have been used to list people on the likes of automated phonecall lists (where you’re offered prizes and so forth).

I’ve lost count of the amount of times on the phone I’ve had to give out personal details as routine (even say, checking up an insurance quote - or they won’t tell you anything); usually they only need your postcode and they’re able to look up the other details from there.

By: Bogwitch

Bogwitch — Fri, 25 Apr 2008 14:13:41 +0000

Abolutely. Hell, if a pretty girl asks me WITHOUT chocolate, I’d be sure to tell her my password is ‘password’ That way, I can skew the results of any survey to show that password security is still weak and needs infosec professionals like me to fix it!

By: David

David — Fri, 25 Apr 2008 12:51:20 +0000

Hey, if you’re a pretty girl and you’re offering me chocolate, I, too, will be delighted make up a password and give it to you to write on your clipboard.

Did they test even one of those passwords to see if it was good for anything?