Edward Snowden on Passwords: Last Week Tonight with John Oliver (HBO)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Password managers people, password managers.

Memorise one long complicated password, follow these guidelines, for your password and make that the password for your password manager.

Then use your password manager to generate 256 bit hex keys for every other thing you need a password for.

Most of my passwords look something like this:

692d59442bb694842cbc8d2f7cda01bf9a6004bb5f23cbaf60035737e1ef409c

My password manager password looks something like this:

Iliketexting.Shoptillyoudrop.Dadadadadada.Charge it.

Password!

I like obscure references that stick in your head, but would be unlikely to be in any sort of hacking-tool dictionary (until this one, now, obviously). The above is from one of my favorite SNL sketches. The way Vanessa Bayer almost sings I like texting. Shop till you drop. Da da da dada da. Charge it. is both hilarious and very easy to remember (really sticks in your head), but would take a long time to brute force. Try and go for something like that.

Here's the sketch

👍︎︎ 43 👤︎︎ u/jmkni 📅︎︎ Apr 09 2015 🗫︎ replies

Man his voice is so COMFORTABLE TO LISTEN TO

👍︎︎ 36 👤︎︎ u/[deleted] 📅︎︎ Apr 09 2015 🗫︎ replies

Edward Snowden looks like a guy I'd hang out with. He probably wouldn't hang out with me, though.

👍︎︎ 48 👤︎︎ u/SupremeBuffalo 📅︎︎ Apr 09 2015 🗫︎ replies

Some people use the same answer for every secret question. For example:

Q: Who was your first grade teacher?

A: biscuits

Q: Where were you born?

A: biscuits

👍︎︎ 20 👤︎︎ u/5_sec_rule 📅︎︎ Apr 09 2015 🗫︎ replies

Even with passphrases, be careful. If you choose a passphrase that has existed anywhere – a book, a song lyric, or anywhere on the internet – you risk the possibility of being brute forced. It seems crazy, but consider this guy whose Bitcoin brain wallet was cracked because his passphrase was from some obscure poem written in Afrikaans.

Basically, if you think there is even the possibility that Googling your passphrase might return "1 or more results", do not use it.

And with that being said, here's a shameless plug for useapassphrase.com, which is an entirely client-side generator for randomized four-word passphrases. Generally the passphrases it creates should be completely unique and most of them will take hundreds of centuries to brute force.

👍︎︎ 49 👤︎︎ u/mikehearn 📅︎︎ Apr 09 2015 🗫︎ replies

This is his best episode yet in my opinion.

Dick pics might be our only hope for americans to start being pissed off at being spied upon by their own government...

👍︎︎ 17 👤︎︎ u/Toledu 📅︎︎ Apr 09 2015 🗫︎ replies

Before we get people to use quality passwords we need some semblance of a standard.

👍︎︎ 7 👤︎︎ u/PopWhatMagnitude 📅︎︎ Apr 09 2015 🗫︎ replies

Is it Monday?

👍︎︎ 15 👤︎︎ u/[deleted] 📅︎︎ Apr 09 2015 🗫︎ replies

ELI5 why can't we just have short passwords and servers that block access after several attempts have been made?

👍︎︎ 3 👤︎︎ u/john4564 📅︎︎ Apr 09 2015 🗫︎ replies

Captions

why are passwords so important or why is it important that we have better ones than the ones that we do have because the ones that we do have are embarrassingly bad bad passwords are one of the easiest ways to compromise a system for somebody who has a very common eight character password uh it can literally take less than a second for a computer to go through the possibilities and pull that password out for an eight character password right right right my password is five characters that's not a joke that's bad right that's really bad okay so which of these seem like good options password but spelt w-e-r-d this is a joke right uh-huh no uh yes that would be within uh normal password dictionaries permutations of common words but it's misspelt though so that was the kind of tripwire on it right it's still eight characters even if it's not uh within your password dictionary which would mean okay okay okay it was about it's about it's bad ones it's a bad one that's why i got some more um one two three four but spelt out that's not gonna help you okay um limp bizkit forever with limp bizkit spelled properly but forever not that's also not gonna help you okay really i think the best the best advice here is to shift your thinking from past words to past phrases think about a common phrase that works for you that's too long to brute force and also make them unlikely to be in the dictionary admiral alonso ghost penis 420 yolo that's pretty good right it's memorable too right it's memorable it's got all the other things you like like characters and numbers yolo capital letters obviously i shouldn't say now i can't use it it can actually be a lot harder to remember a password that they tell you has to be 13 characters long or something like that it has to have exclamation points it has to have numbers it has to have uppercase and lowercase letters and things like that than it is to remember a simple phrase like margaret thatcher is 110 sexy wow that is a password that not even a computer would guess now you're right okay i get it i get how important it is i i fully understand that the problem is i'm not gonna do it because it seems hard even though i know it isn't you're killing me sorry you

Info

Channel: LastWeekTonight

Views: 5,072,071

Rating: 4.9369335 out of 5

Keywords: edward snowden, john oliver, password, surveillance, nsa

Id: yzGzB-yYKcc

Channel Id: undefined

Length: 2min 58sec (178 seconds)

Published: Thu Apr 09 2015