Jump to content
xisto Community
Oxford

Passwords That Should Never Be Used How to create strong passwords and hacksafe passwords

Recommended Posts

Another hint is use some different passwords :Like the password for POP mail is sent over the network in plain text , so this one is easy to decode.You may use a strong password but if you are using everywhere the same, once you get one you get them all.And so you can make it so hard that you even can't remember your own passwords.There are even freeware programs to store all your passwords in 1 application.

Share this post


Link to post
Share on other sites

Quote Absolute: L@tS0fcH4r5_|v|4kE490oDPA5Svv0rD^?Actually, this is pretty easy to crack... it's made of dictionary words all with alternate representations - you can code a program to take that into account. Maybe you've even prompted a hacker to create a program that does that. :) Plus, you wouldn't remember the capitalization... I hope. :(Also, "CircLEsarEfun57ILIKETrainS" or the such is not a good password either because it is made of dictionary words... programs can get around this.A good way to make a short password is to make up a word:e.g.Aedapathat isn't in the dictionary...homevti is not a good pass because it is mostly a dictionary word...also, ylper (reply spelled backwards) is very easy to crack because programs check for words spelled backwards...Eventually any password is crackable, but if it is 15 letters or longer for a windows password, it takes months to crack. I mostly know about windows password, but the easy-to-hack hash type can only go up to 14 letters, after that it is much harder to crack.Hope this helps someone...

Share this post


Link to post
Share on other sites

They arn't the best examples of passwords that you should use...

 

You need Special characters like: @~{}]['#/()*"$%"^!

Lowercase Letters like: abcdefghi

Uppercase Letters like: ABCDEFGHI

Numbers like: 01234567

 

All this will create the best password for example:

 

L@tS0fcH4r5_|v|4kE490oDPA5Svv0rD^Ł

 


I agree!! You should use number, letters and symbols so that you password is not easy to guess. You want a password you can rememember but one that others can not guess.

Share this post


Link to post
Share on other sites

I think most of the more modern scripts nowadays, from FTP control php scripts to more complicated discussion boards, have built in functions to tell whether a password provided by the user is a strong or a weak one. I have come across such a discussion board. It informs me that the password I am using is a weak one and it does not allow me to proceed until I provide another one. I am not using something like my date of birth or a string similar to my user name as the password, it just turns out that since they are all alphabets, the security is still not good. I have to put in some numerals in my string to make it stronger to pass the security check. I think such built in functions are quite good.

Share this post


Link to post
Share on other sites

To make a decently secured password go to http://www.javascriptsource.com/. Make sure that the length of your password is at least 6 characters (although it really should be 10) and that all of the "character option" checkboxes are checked.

My password wasn't on the list :), although I didn't expect it to be.

Share this post


Link to post
Share on other sites

Yeah passwords are one of the things that one should be very careful with. It is easy to make a good password but it is much easier to make a bad one and risk loooots of your money, work and god know what more if hackers really get into you. So take all the advices that were said up there and use them so you'll be safe..

Share this post


Link to post
Share on other sites

I dont really have a use for things like that, because I try not to make enemies so no one really want's my passwords. I mean, I don't exactly have an easy password either, but still. I don't think that anyone should be all that worried unless they are a *BLEEP* of some sort.

Notice from Dooga:
Please watch the language. Even if it's censored, it would be much better to practice a good use of language instead of having a machine do it for you.

Share this post


Link to post
Share on other sites

One of the saddest things I've heard was alot of people use the word "password" as their password. Even for servers of corporations, the people who had setup their servers used the password "password", as the password for the servers. Which is stupid.

Share this post


Link to post
Share on other sites

Sometimes when I register for boring "register to view it all" types of sites, I just use usernames and passwords like "jenny" or "googleaaa" because I'm lazy :)

Share this post


Link to post
Share on other sites

It is the rule of the thumb not to use any word that is present in any dictionary as your password. Even if you combine them with numbers it will be easier to crack. The longer the word and the more complex it is it will become more secure.

Share this post


Link to post
Share on other sites

My mom tells me that at her workplace, they use Unix root passwords (or something called that, I only remember the word "Unix".)

 

These passwords have to be exactly 8 characters long, and must contain one of each of the following:

 

1. an uppercase letter

2. a lowercase letter

3. a number

4. a special character

 

So a password like "E==m*c^2" (Einstein's forumla in C++) would be valid, but a password like "abcdefgh" wouldn't.

 

Here's a very simple rating system that KDE uses to determine password strength:

 

1. Count how many uppercase letters there are (up to 4 are counted)

2. Count how many lowercase letters there are (up to 4 are counted)

3. Count how many numbers there are (up to 3 are counted)

4. Count how many special characters there are (up to 5 are counted)

 

5. Add these numbers up, and take a score out of 16. A score of 7 or 8 would take about 7 days to guess if the program cracking it tried at 40MHz (40,000,000 attempts per second).

 

Here's my own:

 

0. The score for any category is calculated with the following formula:

 

(<priority>) - (<priority>) / (<number of characters in category> + 1)

 

1. Count how many uppercase letters there are. The priority for category 1 is 5. (26 chars total)

2. Count how many lowercase letters there are. The priority for category 2 is 5. (26 chars total)

3. Count how many numbers there are. The priority for category 3 is 3. (10 chars total)

4. Count how many keyboard-accessible special characters there are. The priority for category 4 is 7. (32 chars total)

5. Count how many other special characters there are. The priority for category 5 is 15. (129 chars total)

 

The password "E==m*c^2" would get a base score of 12.933333333.

 

EDIT (2008-02-12 21:53:30): After this, the score is converted into a score out of 100. (I decided to do this to incorporate length into the score.)

 

The formula looks like this:

 

100 - 100 * (0.90 ^ <length>) * (0.90 ^ <base score> - 0.025)

 

So the final score for "E==m*c^2" would be 90.057142284048211935767242789242.

Edited by tricky77puzzle (see edit history)

Share this post


Link to post
Share on other sites

I usually am very careful when I create passwords for logins.. It actually depends on the account that it is being assigned for...Like for example, if it is for something personal like a personal email account or something.. I either randomly squash the keys or if at home, I get my cats to generate the password for me they do it by hitting the keys they like best :o .. But if it is related to work or of high priority, I follow an algorithm that is usually used for generating passwords :D

Share this post


Link to post
Share on other sites

Of course, when choosing a password, it is also a good idea to choose something that you can actually remember. Some password like sE9@&F1rt` is going to be hard to memorize.BTW, I'm making a random password generator right now. I'll be putting it into my experiments folder.

Share this post


Link to post
Share on other sites

Remember the movie "Hackers?"
What were the Plague's four most commonly used passwords?

Love, Sex, Secret, and God!


Wow! I can't believe someone just brought up the exact thing I thought of when I saw this topic! Great ideas everyone. My passwords tend to be somewhat secure... never terrible, but never great. Alas, such is the result of laziness. :o

Share this post


Link to post
Share on other sites

Since people are now tapping into the power of GPUs to run many millions of passwords through the system every second - I think they have a rate of roughly 200MHz, or 200,000,000 combinations per second.

 

However, a technique I quite like using to create a secure password is to use a line from a song. For example, Amarok is currently blasting out "Our House" by Madness :P I could take the following line:

 

Our house, in the middle of our street.

 

And make it a very secure password:

 

ourhouseinthemiddleofourstreet

Only lowercase letters! I hear you cry :P Well, it is actually incredibly secure:

 

2630 possible combinations of letters in a 30 character password, if you know it is all in lowercase.

 

At 200,000,000 attempts per second, that is 2630 divided by 200,000,000 = 1.41x1034 seconds to go through all the possibilities. That is only 4.5x1026 years to guess it.

 

If you look at the maths, length is far more important than the variation of characters that you use (although, obviously, that helps). Song lyrics are also a bit easier to remember than something like Tr4P17_RuL3Z! as a password.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.