Password Choosing and Password Cracking

The other thing about passwords is that EVERY site you go onto these days requires them, and generally insists on them being fairly complicated. (8 characters, mixed numbers and letters, special characters etc.)

Well there are lots of sites which I really couldn't give a damn whether people can sign in as me or not.
The chrons is one, for instance. A hacker who wants to be farntfar for a while will probably write better challenge entries than I do, so good luck to them.
Anyone who wants to book an airbnb under my name is really not doing me any harm, as long as they can't use my debit card, so I definitely don't select "save my card details" on anything.

On-line banking etc. get careful password creation, but not the local DIY shop.
 
I just keep things simple: any time I need a new password, I grab a random book, open to a random page, and use the first five words on the page. Then I just append a randomly generated number at the end (I won’t say the number of digits, save that it’s more than one), and if I have to I’ll change one of the letters to a symbol and shorten the phrase if there’s an upper limit to password length. That’s random enough for humans to have trouble guessing, long enough for computers to have trouble guessing, and easy enough for me to remember, if it’s a password I use often.
 
There are dozens of sites that require a username and password to sign in. Not advisable to use one and the same sign-in data for all and impossible to remember all of them in combination with the correct website. Also, imho, it is unwise to use passwords you can remember (words or phrases), because they are more prone to be hacked than passwords that are basically nonsensical. Nonsensical like pB$26Yhhf98&do_ or similar.
Password generators usually produce passwords like that in any length you wish.
All you need to remember is how you perform a Copy & Paste.


PS
In fact though, I was shocked to see @Harpo is using my universal password... ;)
 
With my advanced age and retreating memory I save all my passwords with Keeper, a password generator and storage app that can be found on all my devices. Just today I forgot my computer password??!! So I found it by going to my phone and plugging in my 10+ symbol nonsense password and retrieving it. (Turns out it wasn't my memory but my typing which was bad.)

All of my "money handling" sites are with double verification. Pretty safe, but nothing is completely safe if someone is motivated enough and has resources enough.
 
I like announcing publicly that my password for everything is gU11i8L3
A dedicated and relentlessly persistent hacker could guess it in only three years.

[Attached image]
 
Good to know my most-used password would take 11 billion years to brute-force crack...;)
 
What I most like is that the chart goes all the way up to nineteen quintillion years.
Such a password would be safe even if everybody in the world was an expert persistent hacker and all working simultaneously on the one password.
(19qn/8bn= about half the lifetime of planet earth)
 
But all of this is really almost beside the point. Almost all passwords are hacked through some human stupidity or other (keeping the passwords on a paper in your desk, using your birthday year, using your street address, etc.). And how fast is "instantly" anyway? Even 4 numbers means that there are 10,000 combinations. If you have to plug the numbers in and even if you are allowed unlimited mistakes I still can't see how the average hack would be less than about 5 minutes.
 
Perhaps there are that many hackers out there trying to access whatever they can at any time, that those 10,000 combinations would indeed all be guessed instantly. It doesn’t matter which particular hacker succeeds.
 
If that's what they mean then they should say something like "A password of four numbers provides no safety."
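
Added example, not part of any post in this thread: a short Python sketch that puts numbers on the "how fast is instantly" question by comparing the search space of the password styles discussed above against different guess rates. The guess rates, the 7,776-word list, the two appended digits and the assumption that every choice is uniformly random are illustrative assumptions, not figures from the thread or from the chart.

```python
import math

# Assumed guess rates in guesses per second (illustrative, not measured).
RATES = {
    "typed by hand": 0.5,
    "online, rate-limited login": 10,
    "offline, fast unsalted hash": 1e10,
}

def keyspace_chars(length, alphabet_size):
    """Candidates for a uniformly random string of the given length."""
    return alphabet_size ** length

def keyspace_passphrase(words, wordlist_size, digits):
    """Candidates for N uniformly chosen words plus appended random digits."""
    return wordlist_size ** words * 10 ** digits

def entropy_bits(keyspace):
    """Search space expressed in bits."""
    return math.log2(keyspace)

def average_seconds(keyspace, rate):
    """Expected time to find the secret: half the space at the given rate."""
    return keyspace / 2 / rate

def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    units = (("years", 31_557_600), ("days", 86_400),
             ("hours", 3_600), ("minutes", 60))
    for unit, size in units:
        if seconds >= size:
            return f"{seconds / size:.3g} {unit}"
    return f"{seconds:.3g} seconds"

# Password styles mentioned in the thread; sizes are assumptions.
SCENARIOS = {
    "4-digit PIN": keyspace_chars(4, 10),
    "8 chars, letters and digits": keyspace_chars(8, 62),
    "15 chars, printable ASCII": keyspace_chars(15, 94),
    "5 words + 2 digits": keyspace_passphrase(5, 7776, 2),
}

if __name__ == "__main__":
    for name, space in SCENARIOS.items():
        print(f"{name}: {entropy_bits(space):.1f} bits")
        for label, rate in RATES.items():
            print(f"  {label}: {humanize(average_seconds(space, rate))}")
```

The same four-digit space that takes hours to type by hand falls in well under a second offline, which is why lockouts and rate limits matter more than length for short PINs.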
 
