What type of accounts would benefit security wise from having a random user name?

What type of accounts would benefit security wise from having a random user name?

For accounts like Windows login, there would be no benefit. The user name is in a folder name visible to other users as well as on the login screen.
For website accounts like Wilders, the user name is visible to all.
For other websites, the user name is your email address which is somewhat public.

But some websites allow a username different from the email and the username is not publicly visible.
Also, router configuration pages are not publicly visible outside the LAN.

For these types of accounts (maybe others? sFTP? SSH? VPN?), would there be any security benefit from having a randomized user name like: 3E368665C3FE964E?
Would this not act like a double password making it more difficult to break into the account?
Why is this is totally unnecessary?

 

Hey D:

Thanks again.

I will reask Linksys and say the router limit must be specific numbers as you suggest.

For the record I'm on a wired not a wireless, but my question stands anyway.

I will post this reply in the new thread (if I can find it)

See you

 

Accounts mostly benefit from users changing default passwords. And of course WiFi warning stickers

 

Delvico:

Linksys has replied that the router user id and the password can be 5 characters minimum and 30 characters maximum. A/N no special characters:
Here is a 30 character bit strength = 171 from RoboForm2Go.

h2EuojAjpwT6jEVFOh0b9OjhmTYQ5GTg

Comments?

 

Hi diginsight,

Thank you for the answer.
That is quite a list.
So, as long as it is changed from the default, it doesn't need to be random.
I hope Schwarzenegger signs the bill.
It would be a simple solution with big security benefits.
Now if only people would read the labels!

 

That is a 32 character password.
Make one just like it 30 characters and I think that is plenty strong enough.
Of course use one different than you post here.

And the user names Delvico and Devinco have the same number of characters.

 

It's been 2 years since my 67 year old eyes were tested!

you have proven it is time....

it's a wonder I don't mix up with Da Vinci codes...

 

Your spelling is usually very good, so the reason was unclear.
Please do have a check up Celtic Friend.
And don't use any of the Da Vinci Codes as passwords.....they can all be broken just by typing Mary Magdalene.

 

Hi, Devinco

...... .

Take Care,
TheQuest

 

Devinco:

I failed grade 3 spelling! The invention of spell checkers was the greatest thing since John the Baptist (remember what happened to him!)

What I've never yet been able to do is spell check on my posts.

My thinking was this is like old email an informal tool where you didn't have to worry about spelling, grammer etc.

When you hit the abc spell check in IE 6 when on that browser you get this message "would you like to download ieSpell

http://www.iespell.com/download.php

Is this a good site/product?

 

No worries, Wilders is informal.
Intent is more important than spelling.
I wasn't sure, so I made the comment to bring out the clarification.
Now I understand, so no need for a spell checker, unless you want others to understand what you are saying.
For me maybe an intent checker would be good.

I have not tried it, but it was well received here at Wilders.

You might also consider tinySpell.
It was also well received.

For Firefox, there is SpellBound.
Be advised, for it to work with the newer versions of Firefox (1.5+), you need to use the Development version of Spellbound.

 

Hello,
Smart scanners rarely rely on strings for identification, so it's not that important.
Online name - what does it matter? What does your online name tell anyone about you? It's just a name.
As to email name - make one dedicated to public forums.
I have at least 3 emails I use for various forums - I even get confused sometimes.
Mrk

 

Devinco:

Had my eyes tested, seems the catarats have worsened, will see specialist next week re surgery. Fun eh?

I look forward to no glasses when all completed, (except reader for your posts)

your Celtic friend

PS I've had some fun stiring up the forum memember by challenging them to test there assumptions and systems, some don't like it at all! It's good for them.

 

Escalader,

I hope everything goes well for you.

Stirring things up now and then can be good if done in a way that people question their security procedures in order to improve them.

 

Random names could be very useful for preventing SSH attacks if you have remote root login disabled. Then, the attacker has to try to guess the correct username, then the correct password for that user. Pretty difficult to do in reality. However, this security plan fails if the attacker already knows the name of the user on the computer, or if remote root login is not disabled since the username is "root", so there is less guesswork. Other than that, I don't think it will help that much, since a strong password is pretty hard to break, and is the real key to the puzzle.

Cheers,

Alphalutra1

 

Thanks Alphalutra1.

 

Devinco:
Thanks, will get both eyes done within the next 2 months. Should be routine.

As to stiring the pot, yes, has to be done "right", a lot said why bother, these products are to old to be relavant others said they were proceeding to do more to test. IMHO What's the right way for one person is wrong for another.

Do you use prevx1 at all? If you have time take a look at Notok's post yesterday I think and my question to him post 11. He got ill in the middle of the discusion.

Looks real interesting if it truly captures parasites week ahead of standard scanners.

Your celtic friend