Copyright © 1952-2024
Re-evaluation Counseling Community Resources, Inc.
all rights reserved.

• member log in

• home

• thought of the day

• contact

• For People New to RC
• The Origins of RC
• Articles and Publications
  • Translations and Language Liberation
    • Acholiluo
    • Afrikaans
    • Amharic
    • Arabic
    • Euskara (Basque)
    • Chinese
    • Hrvatskijezik (Croatian)
    • Dansk (Danish)
    • Nederlands (Dutch)
      • Nederlands Voorlopige Vertalingen
    • Esperanto
    • Farsi
    • Filipino
    • Suomea (Finnish)
    • Français (French)
    • Frisian
    • Deutsch (German)
    • Greek
    • Hebrew
    • Hindi
    • Magyar (Hungarian)
    • Bahasa Indonesia (Indonesian)
    • Italiano (Italian)
    • Japanese
    • Kannada
    • Kiswahili
    • Korean
    • Malayalam
    • Marathi
    • Norsk (Norwegian)
    • Polski (Polish)
    • Portuguès (Portuguese)
    • Limba Român (Romanian)
    • Russian
    • Sami
    • Shona
    • Slovensky (Slovak)
    • Español (Spanish)
    • Svenska (Swedish)
    • Tamil
    • Telugu
  • Subscriptions
  • Present Time & Other Journals
    • Present Time
    • For Subscribers to Digital Present Time
      • Contents 198
      • Contents 199
      • Contents 200
      • Contents 201
      • Contents 202
      • Contents 203
      • Contents 204
      • Contents 205
      • Contents 206
      • Contents 207
      • Contents 208
      • Contents 209
      • Contents 210
      • Contents 211
      • Contents 212
    • PDF Downloads
    • Recent Articles
    • RC Journals
  • Online/Downloadable Books, Pamphlets, and Audio Recordings
    • RC Theory
  • Publication Updates, Supplements, and Corrections
    • Fundamentals Teaching Guide Part II (Liberation) Readings
    • Fundamentals Teaching Guide Resources
      • Fundamentals Teaching Guide Part I
  • Resources for RC Editors
  • Rational Island Publications website help
  • Articles by category
    • Community Building
    • RC Liberation Theory
    • Ending Racism
    • Transformation of Society
    • Teaching RC
      • Articles About Teaching
      • Fundamentals Class Outlines
    • Care of the Environment
    • Other Important Categories
    • Articles from recent issues of Present Time
  • Important Articles by Harvey Jackins
• Human Liberation
  • Our Work to End Racism and Genocide
  • International Liberation and Commonality Reference People
  • Draft Liberation Policy Statements
    • Draft Program for Native Liberation
    • Care of the Environment Draft Policy and Draft Program on Climate Change
    • Women's Policy Statement
    • Draft Policy on Disability Liberation
    • Liberation of Basque People
    • Raised Poor Draft Policy Statement
    • "Mental Health" Oppression and Liberation
    • Older Draft Policy Statements
    • Drafts of drafts
  • Liberation theory articles
  • No Limits for Women
    • Mission Statement
    • NGO Forum CSW60 No Limits workshops
    • Publications
    • Photos of No Limits at Beijing Plus 20
    • Video excerpts of No Limits at Beijing Plus 20
    • Women's March
    • The Basics of RC Women’s Liberation
  • Language Liberation
  • Re-evaluation Foundation
    • About the Re-evaluation Foundation
    • Information for Contributors
    • Grant applicants
    • Selected projects
      • Overview
      • Leadership Global Majority
      • Global Initiatives
      • Development of Young People
      • Care of the Environment and Sustaining All Life
    • Foundation leadership
    • Foundation finances
    • Contact the Foundation
  • Articles by Tim on the Transformation of Society
• RC literature
• Three RC Websites
  • Three RC Websites
• Care of the Environment
  • Climate Change and the RC Communities
  • Unified Goal on the Climate
  • Care of the Environment
  • Sustaining All Life
  • Climate Change Resources (from outside the RC Community)
• Community Organization
  • Guidelines
    • 2022 Guidelines for the RC Community
    • Guidelines for Use of the Electronic Lists
    • Goals of the RC Community
    • Articles Supporting the Guidelines
  • Workshops
    • Web site Organizing Tools
      • Web site Organizing Tools Class 1
      • Web site Organizing Tools Class 2
      • Web site Organizing Tools Class 3
      • Web site Organizing Tools Class 4
  • Forms
    • Regional and International
    • Outside USA
    • Inside the USA
    • Order Forms
    • Teacher Applications
  • COVID-19 (coronavirus) and the RC Community
  • Community Goals
  • Electronic Mailing Lists
  • RC Webinars
    • Listing of webinars
  • Local
    • Norway
    • Victoria, Australia
    • NYC/NJ metropolitan area
    • Alameda
    • Seattle RC Community
    • Washington DC RC Community
• Counseling Practice
  • How to Begin
    • Online classes
      • Apply for Online Class
      • Lesson 1: Basic Human Nature/Listening
      • Lesson 2: Distress Recordings and Distress Patterns
      • Lesson 3: Discharge
      • Lesson 4: The Role of Counselor and Client
      • Lesson 5: Fundamental Counseling Techniques
      • Lesson 6: More on Contradictions
      • Lesson 7: And Even More on Techniques and Contradictions
      • Lesson 8: The Early Roots of Distress Recordings
      • Lesson 9: Co-counseling Session Reports
      • Lesson 10: Rational Human Needs and Addictions
      • Lesson 11: Oppression and Liberation: An Introduction
      • Lesson 12: The Counseling Relationship
      • Lesson 13: Thinking, Logic and Power
      • Lesson 14: Setting Goals
      • Lesson 15: Reality
      • Lesson 16: Our Goodness, Our Relationships, and Our Confidence and Hope
      • Lesson 17: More on Oppression and Liberation: The Basics and Ending Racism
      • Lesson 18: Overview of Other Major Forms of Oppression
      • Lesson 19: Counseling on Relationships, Closeness, and Sex
      • Lesson 20: Care of the Environment
      • Lesson 21: RC Learning Theory
      • Lesson 22: RC Literature - Reading and Writing
      • Lesson 23: The RC Community, Teaching, Leaading and Inviting
      • While You Wait
    • Classes near you
    • How to Begin RC
  • Counseling Techniques
    • Commitments
  • Welcome to RC
  • Basic Theory
  • Perspectives
    • IRP Perspectives
    • Taking a Needed Initiative (on the climate emergency)
    • On the Middle East
    • On the Middle East
    • Ending War
    • On 9 / 11
  • Harvey Jackins
  • Videos on Community Building, Counseling, and Liberation
  • Glossary of RC Terms
    • Comprehensive Glossary of RC Terms
    • Glossary of terms for people new to RC
• Search

News flash

RECORDING UPDATE

Sustaining All Life:
World Social Forum

WEBINARS

Raised Poor &
Climate Emergency
April 20
Gwen Brown
Janet Kabue

 

Creating and Managing Passwords

Many people's e-mail and web accounts get hacked. You may have wondered how this is done.

1. A password can be stolen via hacking (or legal access) to other services.
2. Passwords can be engineered from available information and combinations can be tried endlessly.

One thing we can easily agree about is that improvement is possibly and even simple steps forward will make huge difference.

I like to explain a workable strategy to better secure access to your online services. But to do that I first tell you something about how passwords often fail to protect us.

First a note: This article is not about the passwords we use to encrypt documents. That is a whole different approach and analyses.

Stealing passwords

Many web sites are poorly protected. Sometimes we read in the news about big hacks where thousands or even millions of accounts are leaked, where people's passwords get compromised. The problem here is that most people use the same password(s) over and over again. Companies, and government agencies have access to many databases including passwords people use.

We simply have to conclude that a password that you use in any internet service can and will be compromised. So you will have to use many different passwords. Which makes it much harder for you to remember them. The only workable solution I know for this is to use a password manager.

Password engineering

The process of breaking someones password is actually very simple. Many, if not most, people make up passwords as combinations of things they can easily remember. Using names of their children, parents, pets, addresses, birth-dates, or combinations of those. And most people believe nobody will think of the specific combination they had in mind. But they don't count in how easily a combination of harvesting such information via social media, hacked web sites, and what we call social engineering¹ leads to engineering a password. With some programming code (we call it a script)  many combinations can be tried very fast to break a password. No rocket science involved.

Many Internet services (like email and web) try to force use of complex passwords. These attempts to determine password strength by length and complexity don't protect enough against the use of passwords engineered from known information. It has been tested and proved enough that these factors don't make stronger passwords.

To make stronger passwords that pose a better challenge to hackers, you can choose 2 paths:

1. Random strings. Random strings are much harder to guess. The longer they get the harder it becomes. This again has the drawback of being hard to remember, but a password manager can solve this.
2. Engineer a password from information you can remember but that no one else can easily retrieve from you or people around you. You can find many articles about password creation. It still won't be easy to create and remember many passwords this way. 

Using a password manager

There are many different password managers. This is not a technical or consumer test report. I will only introduce you to one. Others you can figure out yourself, if you want or need to.

✋You should not use a password manager on a device with a shared user account. Using shared accounts is a bad idea anyway. Do not even share an account with people that you trust with your life. Well intending people can unknowing and unwillingly be abused to carry malware into your device. Better to use separate user accounts.

A good password manager stores the passwords encrypted. Also a password manager helps you to fill in the account information when opening the login page of the web site. (for example 1password, is currently one of the best options).

Also you should realize that even though passwords managers are a much needed solution, also these programs can fail. So I advice a mixed strategy. Use a password manager for the bulk off websites and services, but not for the most vulnerable ones.

Password managers built in into browsers like Mozilla Firefox, can be a good idea. But they also have flaws like the one in Chrome stores you passwords with Google. USing a little book where you keep your passwords, may also work well, as long as your passwords are different and complex enough.

A good password manager automatically presents itself when it detects that you are filling in a user account and password in a web page. It offers to store the password for you. When you store the username and password it will automatically fill the fields when you return to that web page a next time. Allowing you to login without having to remember the complex password and username combination.

Now you can start using much longer and more random passwords, and a different password for every service.

Using much better passwords and a password manager is a huge improvement over the weak passwords most people use. When you have mastered this skill there are 3 optional additional improvements that you can do, but will need a little study.

1. Using a master password² allows it to better encrypt the passwords it stores, making it harder for someone to steal them. For a manual go here: https://support.mozilla.org/en-US/kb/use-master-password-protect-stored-logins
2. You can synchronize your profile between devices making your password list automatically available in all your devices. Using Firefox Sync is safe if you use a master password. For a manual go here: https://support.mozilla.org/en-US/kb/how-do-i-set-sync-my-computer

Other Internet browsers like Chrome, Safari, Opera, Explorer (probably) have their own build in password managers, that work similar to Firefox. And there are numerous independent password managers with different capabilities.

Independent password managers like Keepass2 also support the storage of passwords for password protected files.

I hope you will take some time to master these skills. It is not only for your protection. When your e-mail gets hacked, your friends and relatives are often the target for phishing, and scam's, and the next hacking attempts.

---

 

¹ Social engineering: simply ask a person for the information while impersonating someone else. For example: call someone saying you are the service manager of the bank and ask them their bank account number and birth date. Combined with other information this might allow you to withdraw cash from their account. That simple? Unfortunately, yes!

² A master password is a special case. You should create a password that you keep for this purpose only and is not to long (because you will need to enter it each time you open the password manager) and not to be engineered from available information about you. For example: create a funny sentence: 'When I was young, Chris Smith was my neighbor' to create a password with the first chars, replace 'I' with '1' and make every 2nd char uppercase: w1wYcSwMn.

---