2
At the moment I am concerned about the security of my Facebook account. I have taken advantage of Facebook's ability to accept very long passwords with special characters, and created a password that is very long and has such characters (such as ⊖, ⊒, ⋑, etc.) The idea is that anyone trying to hack my Facebook account would either be confused by the password, or would be unable to type, or copy and paste said password into Facebook with Windows. (The hackers I am concerned about run Windows.)
The password works when I copy and paste it into the Facebook home page, but the problem is, it doesn't work when I copy and paste it into programs like Telepathy, my desktop chat application that connects to Facebook, or Spotify, which I login to with my Facebook password. Is there a way that I can get these programs to read the password correctly? Maybe the programs (on an individual basis) have a file where the passwords themselves are kept, and I can put the password there.
The main point here is to keep my Facebook account secure from hackers that use paid, online programs to get my Facebook password. I would like to understand, too, what the issue actually is: does the GUI that asks me for the password only accept characters in an encoding that does not support the characters I use?
Thank you very much.
Guest
Posted 2013-06-13T22:23:14.440
Reputation: 21
+1 Good question! Not much in the way of evidence of research. But, it appears that you've put some good thought into the how and why of what you're asking. – killermist – 2013-06-13T22:46:28.947
What OS do you use, and what do you mean copy and paste this password? Are you keeping it in a text file? – cutrightjm – 2013-06-13T22:51:57.743
killermist, are there guidelines for questions? If so, where? Thanks! – Guest – 2013-06-13T23:14:33.623
ekaj, I am using Linux. The password itself is in a UTF-8 text file, I copy it from there. – Guest – 2013-06-13T23:15:42.267
killermist, in light of your comment, I will do some original research of my own on the guidelines. (searchfgold6789 = Guest) – Richard – 2013-06-13T23:59:19.883
The problem is many apps/sites filter problematic characters. For instance Paypal doesn't allow pasting which is a real suckout if you use supergenpass. Check this interesting page though http://www.codingthewheel.com/archives/radioactive-search-hardened-user-name-for-online-poker/
– osknows – 2013-06-14T00:08:54.873osknows, all right then. It looks like the solution, for now, is to just use Facebook online, and use the Spotify Web player. It would be great if these programs used the Facebook "login key" method, but alas they do not, instead they ask you to trust them with your password. I will continue my hunt for config files that contain the password. Perhaps I can put the password right in and then save it as UTF-8 or something. – Richard – 2013-06-14T01:27:42.707
For future reference users are called like on twitter, @ekaj for example, and I will be notified of a response. Although your "attackers" may be using Windows, it is still unwise to keep your password in a text file regardless of the circumstances. – cutrightjm – 2013-06-14T08:23:40.043
Have you considered enabling Facebook's two-factor authentication? You could use a strong password (without special characters) and even if a hacker discovered it written on the bottom of your keyboard, unless they also had your cell phone and could read your text messages, they couldn't get in from an untrusted device. – BillP3rd – 2013-06-18T21:49:31.790
@BillP3rd Unfortunately, I do not have a cell phone, and entering the cell phone number for a non-normal phone number (e.g. an online service such as Pinger) does not work. But thank you for your suggestion! – Richard – 2013-06-20T20:17:59.290
I have solved the issue with KDE Telepathy. I simply used the KWallet management tool to change the contents of the wallet for the Facebook password. After erasing the data already there, and pasting it in again, things worked. I examined the entire Spotify program thoroughly and there was no place in which the password itself was stored. I think a special authentication key is created, and the password itself is never mentioned except by the user to the login window. Spotify should really update this so that we really login with Facebook's key system, not Spotify. – Richard – 2013-06-20T20:20:56.130
(In the meantime, the Spotify web player is working excellently for me.) – Richard – 2013-06-20T20:22:03.433