PSA on Passwords

**privacyxyz2** · 03-03-2024, 03:56 PM

Hya y'all, thought I'd share a 'pro tip' on passwords. If you're concerned about your credentials being compromised and bought/sold on the Dark Web, include a comma in your password. Why? These files of credentials are stored in what is called Comma Separated Value format (example.csv). These are organized in columns, with the information separated by commas. Example below:

Userid, password, date_stolen
JillydillyfromPhilly,Password1234,03/01/2024

This reads as the userid is JillydillyfromPhilly, her password is "Password1234", and the date stolen was March 1 of this year.

When you include a comma in your password, it screws up that record and the information becomes useless. Say that JillydillyfromPhilly changes her password to "Password1,234". If her credentials are hacked, the file would read

JillydillyfromPhilly,Password1,234,03/01/2024 and be interpreted as

Userid=JillydillyfromPhilly, password="Password1", and date stolen is now garbage.

See how that works?

You're welcome. Stay safe online!

-p

**Transylvania Count** · 03-04-2024, 10:38 AM

If only it were that simple.

Commas are easily stored in CSV files by using quotes. In your example above, that information would be stored like this:
JillydillyfromPhilly,"Password1,234",03/01/2024

**privacyxyz2** · 03-04-2024, 01:08 PM

Originally Posted by Transylvania Count

If only it were that simple.

Commas are easily stored in CSV files by using quotes. In your example above, that information would be stored like this:
JillydillyfromPhilly,"Password1,234",03/01/2024

Yes, true, but not everyone knows to do that. It's still a good practice, albeit not foolproof.

**PepsiCorp** · 03-04-2024, 06:25 PM

A better practice is to use different complex passwords for every site and change them often. If you use the same password and email everywhere, your accounts are only as secure as the least secure site. I'd recommend a password manager like 1password, last pass, bit warden, etc to manage a password list.

Using a special character in a password is a good idea, but I don't see a comma doing much since as mentioned text qualifiers are a pretty standard practice.

**Lovinglifeinaustin** · 03-04-2024, 06:37 PM

Use long pass phrases with special characters.

Check out this chart that shows how long it takes a computer program to crack passwords.

IMG_3863.png

We can buy password cracker apps off the interwebz. I bought one last year to recover a file whose password I had forgotten. Did not take long.

**baja22** · 03-05-2024, 09:27 AM

That's scary.

Thread: PSA on Passwords

Thread Tools

Display

Hybrid View

PSA on Passwords

Posting Permissions