TID: FMail-lnx64 2.3.2.6-B20251227   
   RFC-X-No-Archive: Yes   
   TZUTC: 0100   
   CHRS: CP850 2   
   PID: GED+LNX 1.1.5-b20240604   
   MSGID: 2:280/464 69887de9   
   REPLY: 2:221/1.58@fidonet 293656f3   
   Hi August,   
      
   On 2026-02-07 18:27:00, you wrote to me:   
      
    AA>>> And length is not as critical as to avoid outright guessable.  I   
    AA>>> have a friend who simply uses her first name and 1234 for her   
    AA>>> hotmail account, and her name is in the email address itself!   
      
    WvV>> Hmmm... I'm surprised that is still allowed by hotmail...   
      
    AA> Well.. that was a number a years ago.  Since then, she has replaced her   
    AA> laptop at least twice. Maybe she used the "forgot password" process and   
   was   
    AA> forced to "upgrade"/change the password, dunno.   
      
   Most likely...   
      
    AA>>> Another fellow uses the layout of the keyboard to guide him to   
    AA>>> "remember" his passswords.  Eg. the leftmost keys on the kb =   
    AA>>> qweasdzxc, or qazwsxed, and then some numbers.  Personally, I would   
    AA>>> not use that scheme as the sole pw. Instead, maybe the qweasdzxc or   
    AA>>> qazwsxedc strings could be one of the parts in [A] [B] [C] as a   
    AA>>> minimum.   
      
    WvV>> I don't use such easy scheme's, but i sometimes use easy to type   
    WvV>> passwords (for me) when I can't use a password manager.   
      
    AA> What do you mean "easy to type"?  Everything is easy to type.   
      
   I'm a ten finger blind typer. Then some keys are closer to the starting   
   position for your fingers, and some order of keys are also easier/faster to   
   type.   
      
    WvV>> My financial accounts all use some kind of 2 factor authentication   
    WvV>> nowadays anyway...   
      
    AA> 2FA [sending an sms string to a phone] seems secure.  But my bank doesn't   
    AA> always go through that route when I need to relogin the same day from the   
    AA> same device a little while later.   
      
   Indeed, some make you only do that once in a X period of time...   
      
    AA> I could be held hostage and someone else could be forcing me to enter   
    AA> the 1st layer of login, and the perps could be in control of my phone.   
      
   When "attackers" have fysical access to you or your loved ones, and are   
   willing to do everything it takes, then no sceme works...   
      
    AA> I only started using FB for my business recently. It actually started   
    AA> to be handy to post a sale or a quick announcement. And, I only   
    AA> recently added a new image for my top "banner".   
    AA> https://facebook.com/AshliesBooks ..but ultimately, FB is still a   
    AA> walled-garden and only other FB members can see the full content   
    AA> anyway.   
      
   Does the account have followers/friends?   
      
      
   Bye, Wilfred.   
      
   --- FMail-lnx64 2.3.2.6-B20251227   
    * Origin: FMail development HQ (2:280/464)   
   SEEN-BY: 50/22 103/705 105/81 106/201 124/5016 128/187 153/757 7715   
   SEEN-BY: 154/10 30 110 203/0 218/700 221/0 226/30 227/114 229/110   
   SEEN-BY: 229/112 134 206 317 400 426 428 470 664 700 705 240/1120   
   SEEN-BY: 240/5832 266/512 280/464 5003 5006 291/111 292/854 8125 301/1   
   SEEN-BY: 310/31 320/219 322/757 341/66 234 342/200 396/45 423/120   
   SEEN-BY: 460/58 256 1124 633/280 712/848 770/1 902/26 5020/400 8912   
   SEEN-BY: 5054/30 5075/35   
   PATH: 280/464 460/58 229/426