Not completely true. The method is still great but you should just increase the sentence a bit. Around 10-12 words is a good length right now.

The most important part is still the use of unique and strong passwords for each site/service. Preferable with help of an password manager. But since I'm extra paranoid I don't keep my most important passwords in the password manager (working with IT-security).

I divided it like this:
Tier 1:
Email, Password manager, AppleID etc..

Tier 2:
Social media

Tier 3:
More important forums

Tier 4:
Shit sites

Tier 2-4 will be in the password manager.

The master password to your password manager will be the decryption key for unlocking the rest of the passwords.

 

This sentence is syntactically correct but meaningless. Strong opinions with little knowledge are dangerous, and scaring people away from solutions implemented by a large community of very experienced people who have been studying and working on the same problem for decades is actively harmful.

This is the start of what you are missing: https://en.wikipedia.org/wiki/Key_stretching

What is your better solution?

 

My dad is Satoshi Nakamoto, father of Bitcoin and blockchain. You owe me a 128-bit apology.

 

I'm no security expert, but work with some. Arguing against password managers because of the risk seems a bit like arguing against the use of seat belts because you might get trapped in the car. If you already keep your passwords carefully written down and keep the paper list in a safe, you're pretty damn secure and a password manager might not be an improvement for you. But for everyone else on the planet, use of unique and secure passwords is hard work that a password manager makes easier.

 

Very sad to read about this scam. I truly hope the OP can recover his funds.

 

I agree its not nice happened to me a few years ago

 

As I've just posted a FS post here, I can tell you that now you'll need a mod's approval for posting, meaning that someone trustworthy will scan the advert and look for anything off before it goes live...





...Or it might just be something @dsio put into place so he could snag all the good stuff before anyone else

 

It looks like the scam artist is at it on another site.

http://chronocentric.com/forums/chronotrader/index.cgi?page=1;md=read;id=86214

 

We love the Flyers here...

 

+1. This is a nice little community and this sort of thing is upsetting to read because of the inherent trust we have here.


Well, time to change the passwords....

 

For what it's worth given my limited exposure here, and while I tend to lurk -- which given the circumstances might mean nothing -- I do go by the same handle on a few other watch forums (Applicable MODs or vetted Omegaforums members, PM me if so desired to confirm), and trust Mike immensely. He's the type of guy I would feel comfortable accepting payment upon his in-hand trade inspection.

Although I've never met Mike in person over the years of reading his substantial posts, he's a eloquent writer who would come in conservative on a overall condition of a watch and NOT be hasty in order to strike a deal. Although the punctuation of the scammer is legit, it's a tad bit brazen, so let this be a lesson to all where multiple watch forum handle accounts (myself included) might exist in vetting for overall writing tone.

 

Looks like that thread has been deleted. The poster used the following email address, though probably has others: [email protected]. Watch out!

 

What makes it even worse is that the scammer is taunting me. I wrote him yesterday telling him I’ll be filing charges against him soon and that I’ll be talking a lawyer. He told me that he will be at his bank in 40 minutes and then ignored me for the whole day, Today after another few emails, he said that he reversed the wire at around 11am. I called the bank at 5pm and they said nothing is there. When the money didn’t show up, I wrote him and he ignored me again. I really think he’s having fun with me. What a loser!. I’m trying to forget it but $5000 hurts!. That’s a chunk of change no matter how much you make.

 

It could have happened to any of us. Don’t let that $hit head ruin your day or weekend. It would hurt for any of us to lose $5000.

 

looks like the scammer is a professional fraudster. never stop running after him.
if only we can help in your situation. this is an honest forum, what's why we post
comments, reviews and even valuable criticisms for the good of the members and
viewers.

 

Nice, you even lowballed his lowball

I hope that more people didn't get hurt by that creep. You dodged a bullet, because you were next...

 

This calculation is based on the ability to use something like hashcat, which requires you to have a cryptographic hash of the password. With something like an online login, the only way to test password correctness is to try a login. A forum site like this probably can't easily let you test more than 10 passwords per second or so, while with hashcat and multiple GPUs you can hack many thousands or millions of passwords per second. Bottom line is that you do not need high complexity to protect passwords for online services: instead just make sure you use a different password for each site. I would much much rather for you each to just use a single English word or two as a password, maybe with a digit, but with a different password for each site, than having a very complex password but using the same password for more than one site (or a very similar one such as putting the initials of the site at the end).

 

The price to me wasn’t really an indicator of anything as I have purchased watches before that were very good deals. The watch goes for $6000 and he was asking $5000 so it wasn’t too far off especially if the seller was desperate for money or trying to get another watch. Deals happen all the time. Does anyone know how I can get the bank to turnover his full information so I can file a case against him?.