Logging in to everything, suddenly

A few days ago for reasons totally beyond me I was required to log in to my Google Calendar, always my first port of call for the day, so I had to go and search for my password. Then it happened with the BBC exchange rate site, Orange , and worst of all Facebook. The only reason I am on FB is to keep in touch with my son (he prefers that to Skype) and one person who never responds any other way but I thankfully rarely want to speak to. But it refused to accept any form of username, email address or password. Then suddenly it called me by my real name and I was in. :astonished:

What is going on? What have I done? I always shutdown at night in the approved manner and start the day with History/Restore Previous Session. No change. Even just now I got into SF but when I tried to make a reply it suddenly asked for a password but, by the time I had found it and turned back, I was in anyway. :astonished:

Please don’t go on about clouds and single passwords, clouds are for rain, anything else I don’t trust, and I have done without them up to now, so what has changed? :slightly_frowning_face:

Sounds like a load of cookies expired in your browser.

And, no, I don’t mean the ones that you bake :slight_smile:

Possibly a browser update - I often find an update of Firefox requires me to log in to some sites freshly.

David, does your browser store your passwords? That can make life easier.

Not as far as I know, but doesn’t that destroy the point of a password? I have had Firefox updates before but never this has happened and the last update was not just before all this started.

It started one night after I had shut down then remembered something I wanted to do so logged on again. That was a few days ago and every day since it has happened.

My computers are all password protected and for automatic entry where the site ‘forgets’ I have to enter the computer password first.

Pretty much all do, unless disabled.

1 Like

So what is the remedy if it continues? We have just had a 90 minute power cut and I thought I would have to go through the whole lot again, but not here it appears.

I am sure Billy is the expert here but …

I am wondering if the age of the operating platform in David’s phone may be the issue? Programs and company servers are being constantly updated, especially regarding security. If a mobile phone is not also getting current tech updates, doesn’t it start to ‘stutter’ a bit?

Being required to re-enter passwords may also happen if the cookies and cache have been deleted or are no longer automatically recognised.

I am currently drawing out the final breathe of life of my old faithful iPhone 7, so can relate. :sweat:

I do not have such a phone @Susannah it is on the computer that this happens, does that make a difference?

Sorry, how old is the computer? Sadly, in tech five years is ‘old’. Your operating platform (IOS if it is Mac) or a Microsoft program will no longer receive updating after a certain time. The hard drive is usually is pretty filled up by then anyway, so that can mean the end of life. All sorts of weird things (technical term) start happening as the poor thing is on its last leg

IIRC it’s not an old pc/laptop.

I have an extremely old PC amongst a number of other machines (Windows XP!!!) and the browser works fine with no password requests apart from the sites I deliberately enter each time. Last time everything was cleared was when I cleared out the caches and the time before was one of the periodic “security” resets done by the site in question. Losing all of them at ones has never happened to me except when I had deliberately cleared everything out.

EDIT We also have a habit of clearing out really old machines, archiving any data, and then installing an appropriate version of Linux on them. I don’t believe in coninuously getting new kit unless it really is essential for what I want to do…


If you use a password manager it can auto fill your credentials for you. It also means you can have massively complex passwords because you don’t need to remember them. It also helps against password reuse.


@Griffin36 is right I only bought it last year so age can’t have anything to do with it.

@Gareth That is just what I don’t want to do, how much worse would it be if I did not have this list of passwords alongside me if this ‘password manager’ went belly up for some reason.

In any case not having a password manager did not effect it before a few days ago, something changed and I can’t pin it down. It did it on Trucknet an hour or so ago but I ignored the request and, like here on SF, it let me in anyway. PAD, the Dobermann rescue forum often, but not always, asks for a password but again I ignore it and go straight in.

A commercial offering is going to provide you with 24/7 support, resiliency and redundancy. Do you have an off-site backup of your written down passwords in case something happens to your handwritten list?

Otherwise storing credentials in your browser is another option, instead of typing them manually.

At the end of the day it’s your call though.

… for scammers logging in to your system and stealing you data.
Best using a secure password manager like Bitwarden rather than commit them to the browser to store :wink:

This is a great article about storing passwords in browsers vs using a password manager, written by someone who works at Google’s Project Zero Initiative


Edit to add: personally I still prefer using a password manager myself :slightly_smiling_face:

To me that is the same as entrusting your passwords to someone else, something I am not prepared to do, who knows what is going to happen to the best run orgaisations in the future, or who can get hold of whatever they have?

So yes, the written down ones alongside me now are just temporary until I can get past this nuisance, otherwise they are only on 2 separate external hard drives.

Not really. You’re putting your trust in cryptography, not someone or some company.

Password Managers encrypt your passwords using a key that is made up of 2 parts: the password to your account (which the company knows) and a secret key (which they don’t know).
This prevents an employee or an attacker who compromises their network from being able to decrypt your data.

The actual encrypting of your passwords is always performed locally on your machine because it’s the only place where both components of the key is known.

Even if a rogue employee or an attacker did get access to your encrypted data and your account password, they’d be unable to crack your secret key due to its entropy. 1Password, for example, uses a 25 character, alphanumeric secret key which produces more than 2^128 possible combinations (or roughly 340,282,366,920,938,463,463,374,607,431,768,211,456 potential secret keys).

It’s actually more complicated than that because often the secret key is what’s known as a ‘derivative key’ whereby the original value is passed multiple times to a function and the derived output is used. The recommendation these days is to use 600,000 iterations (for PBKDF2). This iterating doesn’t take a password manager long because it’s only doing it once, but it thwarts an attacker from brute forcing your secret key because they have to do 600,000 iterations of each 2^128 possible combination.


I know you mean well @Gareth and I have heard it all before but it is all way beyond my comprehension. What happens if the company which knows the password to my account, as you put it, simply disappears into the ether, goes bust, bought out, catastrophic failure? Not really a question because I know I wouldn’t understand the answer. :smiley:

All acedemic now though 'till the next time (when I might myself have disappeared into the ether) because when I logged on a few moments ago everybody knows me and no need for a single password. In any case we are not talking about sensitive information here, a couple of forums for chat, whether or not an aide is due to arrive in half an hour, if there is a hello from my son in Thailand. Nothing important to anyone else. If I want to deal with my bank accounts of course I expect to have to use the appropriate passwords. :smiley:

1 Like