|
While I tend to agree with you (Google the words in my above post),it this is not necessarily better, here a good read: http://arstechnica.com/security/2013/03/how-i-became-a-password-cracker/[^]
So you would need more than only putting more letters. For instance correctbatteryhorsestaple is easily found with a 4word rule in hashcat.
~RaGE();
I think words like 'destiny' are a way of trying to find order where none exists. - Christian Graus
Entropy isn't what it used to.
|
|
|
|
|
Not with my speling.
|
|
|
|
|
Korrekt whores battirie stapel
Seems legit
My plan is to live forever ... so far so good
|
|
|
|
|
This skcd[^] post mislead me then
To alcohol! The cause of, and solution to, all of life's problems - Homer Simpson
----
Our heads are round so our thoughts can change direction - Francis Picabia
|
|
|
|
|
|
Display Name Taken wrote: asdfgh Thanks a lot. Now I have to change my password.
There are only 10 types of people in the world, those who understand binary and those who don't.
|
|
|
|
|
What about zxcvbn? Don't whatever you do use qwerty its too insecure.
|
|
|
|
|
Display Name Taken wrote: zxcvbn
Great... now I have to change my password. Thanks a lot.
You can lead a developer to CodeProject, but you can't make them think.
The Theory of Gravity was invented for the sole purpose of distracting you from investigating the scientific fact that the Earth sucks.
|
|
|
|
|
change it to your dogs name or something on that lines, you can set your hint up to tell you what you used
oh and don't forget to put your dogs name(or what ever you choose) on facebook
You cant outrun the world, but there is no harm in getting a head start
Real stupidity beats artificial intelligence every time.
|
|
|
|
|
Bergholt Stuttley Johnson wrote: your dogs name
I was actually thinking that Duncan's solution below was a pretty good idea. The problem is, is I don't know the words to God Save the Queen so it would not work for me.
You can lead a developer to CodeProject, but you can't make them think.
The Theory of Gravity was invented for the sole purpose of distracting you from investigating the scientific fact that the Earth sucks.
|
|
|
|
|
Bergholt Stuttley Johnson wrote: change it to your dogs name or something on that lines, you can set your hint up to tell you what you used Since a pic is worth a thousand words - here's a copy of a pic I saw the other day.
https://www.yellloh.com/posts/i-changed-all-my-passwords-to-incorrect[^]
"When I was 5 years old, my mother always told me that happiness was the key to life. When I went to school, they asked me what I wanted to be when I grew up. I wrote down 'happy'. They told me I didn't understand the assignment, and I told them they didn't understand life." - John Lennon
|
|
|
|
|
|
what's wrong with "password" I have been using it for years
You cant outrun the world, but there is no harm in getting a head start
Real stupidity beats artificial intelligence every time.
|
|
|
|
|
Nothing really and you are not alone, its still the most common one in use.
|
|
|
|
|
Solution: Always use a random password generator. Then every time you want to access a website, click on 'forgot my password'.
|
|
|
|
|
You could do this without any maths by having a particular song in your head that you know all the words to (for example the national anthem) then for any given site, find the first instance of the first letter of the site name in the song (e.g. for codeproject it could be "God save our gracious queen" then take the number of letters after that letter that correspond to the number of letters in the site name (e.g. for codeproject this would give "cious queen", trim spaces and replace vowels with the ordinal of the vowel in aeiou.
So - after all that you get the uncrackable password: c345sq522n
Then don't forget not to reveal this method and password to the whole world.
|
|
|
|
|
"Can you just check if Bob sent you that mail ?"
"Hold my beer, I need to recompute my password"
~RaGE();
I think words like 'destiny' are a way of trying to find order where none exists. - Christian Graus
Entropy isn't what it used to.
|
|
|
|
|
Every one knows your suppose to keep your password on a sticky note attached to your monitor.
|
|
|
|
|
Duncan Edwards Jones wrote: So - after all that you get the uncrackable password: c345sq522n
Great... now I have to change my password. Thanks a lot.
|
|
|
|
|
Pro tip: Just add "1" at the end.
|
|
|
|
|
My tried and true Perfectly Automated Security System With Otherwise Randomizing Denotations, or P.A.S.S.W.O.R.D., works best for me.
Or was that Pathetically Absurd Silly Statement With Otherwise Rubbish Dialog?
|
|
|
|
|
Its good practice to use secure passwords that are a mixture of letters, numbers, and punctuation. Got that. Its good practice to not use familiar words. Got that. It is good practice to have different passwords for each site. Got that. It is good to make passwords as long a possible. Got that.
Great! I have 167 different passwords using random characters, each 20 bytes in length. Oh. Did I forget. You shouldn't write down your passwords, either. AWESOME!
At work I use the same 8 character password across all servers and mainframe so I only have to remember one. It comprises upper lower characters, numbers, and punctuation. Each character is typed switching hands, so right left right left, and so on. And it changes every 45 days.
At home, I use four or five variants of the same complex password that is 14 characters in length.
I think I'm good until some site is hacked and its all exposed.
|
|
|
|
|
An interesting idea, but seriously, when's the last time you heard about hackers getting into an account by brute force cracking the password? Its all about social engineering and vulnerabilities like bashbug.
I like his idea, I might even use it someday, but since the passwords are not really the weak link in the security equation anymore, it seems like a lot of effort to make yourself no more secure.
We can program with only 1's, but if all you've got are zeros, you've got nothing.
|
|
|
|
|
I use multi-factor authentication. My finances are on my Surface Pro. I always run Quicken on an external monitor, and Quicken isn't smart enough to reposition the launch location when the monitor isn't connected. As for my passwords, they're all in Norton on my old laptop.
|
|
|
|
|
I still prefer using Base64: CodeProject ==> Q29kZVByb2plY3Q= Done.
|
|
|
|