Talk:1820: Security Advice

Explain xkcd: It's 'cause you're dumb.
Revision as of 15:33, 5 April 2017 by 162.158.111.211 (talk)
Jump to: navigation, search


Secret questions are not 2-factor authentication (2FA). They are just a really shitty password, something that you know. --JakubNarebski (talk) 14:33, 5 April 2017 (UTC)

Secret questions are more like 0-factor authentication, since they typically ask for public data. Shirluban 141.101.88.106 14:39, 5 April 2017 (UTC)

Even when it isn't public it is often very unsecure - like: "your password has to have upper and lower case letters, numbers" and other requirements - if you forget it just enter the brand of your first car, there are about 20 likely answers (make it 40 if you need to additionally see wether or not it has been capitalized) 162.158.92.46 15:18, 5 April 2017 (UTC)


Use prime numbers in your password: this would only limit the number of possible passwords for a hacker to check.

Use special characters like & and % : this advice is thoroughly handled in https://xkcd.com/936/ Changing characters into a special one does adds just very little to the search space. However, a video from Computerphile suggests inserting a random character somewhere in the password which might actually be rather helpful

162.158.111.211 14:53, 5 April 2017 (UTC)

Maybe you really should use a secure font Font related bug 162.158.79.161 15:13, 5 April 2017 (UTC)

Should the blue check mark tip be noted as only being useful on Twitter? Usually, the advice doesn't apply to emails, which are significantly more likely to ask for your less-secret account details, but also significantly less likely to have a blue check mark. 162.158.2.10 15:15, 5 April 2017 (UTC)

"If a border guard asks to examine your laptop, you have a legal right to challenge them to a chess game for your soul.", do any of you know exactly what is the original advice here? This is probably different in different countries, but if I recall correctly you can't prevent them from seizing your device, but you are not required to provide them your passwords (but they may give you a hard time or deny your entry if you are not a citizen). Anyone can confirm this? 108.162.216.22 15:16, 5 April 2017 (UTC)


The rice trick doesn't even work for wet phones. http://www.gazelle.com/thehorn/wp-content/uploads/2014/05/Water-Damage-Prevention-and-Recovery.pdf 162.158.111.211 15:33, 5 April 2017 (UTC)