Jump to content
xisto Community
Sign in to follow this  
gladiator_us

Passwords pws

Recommended Posts

P@$$W0RD$Email addresses, messengers, network logins: they're all protected with passwords, but the fact that we have a password isn't enough to protect. It's the 'kind' of passwords that we choose which actually decides how protected our systems are.Here are the don'ts that you should keep in mind while creating a password:Don't use names of people, places, pets etc. These are the most obvious choices and are the first options someone will check to find a match and it often works. Also, don't use your phone number, birth date or any other obvious personal detail as your password.Don't use a word from the dictionary. The most common password cracking method is the 'dictionary attack' and involves trying the words from dictionaries, not only the English dictionary but from many other languages too, to see if any word is accepted as the password.Don't use a combination of words either. If, when cracking a password, words direct from the dictionary don't yield a results then combinations and hybrids of words are used next.Don't use popular names/titles/words/phrases from books/movies/songs.Don't make a password that consists of either all numbers or all alphabets. Passwords that consist of a word followed by a number are also very easy to crack. Instead of this approach, you should try using both alphabets and numbers and alternating between the two. Additionally, try to use both upper and lower case characters and try to use as many characters as possible.Here are some methods that you can try for making easy to remember but difficult to crack passwords:Pick a phrase that you can remember easily. It can be some lyrics from a song, a movie tagline, an idiom, something off a bumper sticker...absolutely anything as long as you can remember it easily. Let's use 'Polly wants a cracker' as an example. Now pick a number you can remember easily, like your date of birth, say '25/05'. Interlace the first character of the phrase with the number. In our example, if you're alternating after one character, the password becomes 'p2w5a0c5' and '2pw50ac5' if you start with a number and alternate after two characters.Pick a phrase and kick out some of the vowels. For instance, 'To kill a mockingbird' becomes 'tkllmockngbrd'. Now add some numbers. You can delete a character at the place where you insert the number, like 'tkl2mockn5brd'.Use net lingo. Everyone uses stuff like GR8 and 2morrow in emails and chat messages. You can simply use them in your password. Strings like 'GR8ness' and 'L8R2day' may be used as they contain both numbers and alphabets and also use both upper and lower case characters. Better still, get creative and make some of your own!Pick a word or a resulting phrase from any of the previous three methods. Now replace characters with substitutes like '@' or '$'. For example, 'password' becomes 'p@$$w0rd'. Or just add characters to a string (without the replacement). Taking 'popcorn' and adding different characters and numbers gives us 'p$Pc,r6n'.Choosing a password using any of these methods will make your password safer but every password can be cracked...eventually. So change your password frequently (say at least once a month) and try not to use the same password for more than one account."We proposed some solutions to stop receiving unwanted messages. In the next 18 months, spam will no longer be a serious problem," Gates told a forum of Arab government representatives in the Egyptian capital.Spam accounted for nearly two-thirds of all email traffic in December, a record high, US-British filter firm MessageLabs said earlier this month.

Share this post


Link to post
Share on other sites

It's all true about passwords, but it depends how much you care if somebody hacks your account or not. My passwords aren't usually complicated, but I've never yet had a problem. I might be just lucky of course, but unless you're running a huge project online I don't see that the chances of having a problem are very high. Maybe I'm just naive.

Share this post


Link to post
Share on other sites

The people who change their passwords every month are paranoid.Unless they work in a security-integral environment, in which case it's justified.But still, having a completely meaningless 13-character password that you change every month is just paranoid. >_> Plus, if you don't use the same password for a few accounts, eventually you'll end up forgetting them and having to write them down somewhere.Which is even more dangerous, if someone gets ahold of it.

Share this post


Link to post
Share on other sites

Then of course, there are the 'password holders' that themselves have a single password. This has its ups and downs, if someone is trying to break in, all the passwords are random. And its a bit better than writing them down, because even if the attacker gets a hold of the password holder they have to break into it. If its designed well, that can take some time, giving the defender time to change and re-issue passwords.

Share this post


Link to post
Share on other sites

AS far as password are concerned ... have any of you played with jtr (john the ripper). A couple of years ago I used jtr to check the integrity of passwords my staff were using on their accounts. If jtr could rip them within 5-10 mins ... I would ask them to change to something else - with a few pointed guidlines of course ;-). I don't know if jtr is still available, I still have an old version on my freebsd box. If so, run your passwords through it and see how you fare!cheers

Share this post


Link to post
Share on other sites

I have always used large password e.g. 75m4g558a6h2p but i never tend to change them often its just to much trouble. Its atualy suprising how many people dont use the guidlines that are said, most of the people in my college use names of pets and names of family.

Share this post


Link to post
Share on other sites

I typically use a leveling system for my passwords. For most sites where security is of little concern, I use a single password. This offers me the ease of being able to remember my password as well as provide a basic level of security (much like the air shield in SpaceBalls). Remember too that most websites/applications require a minimal amount of security, so this password is used in most cases.My next level is a more complex password where I need a higher level of security. As the number of places that require this level dramatically decreases, the chances of someone being able to crack and use that password elsewhere is acceptably small. I consider this site to require this level of security.Finally, for uber-important places that require top security, I have a random code-generated password that may be unique for a particular site. The complexity for this password ensures that the average hacker will have a fair amount of work ahead of him to obtain it, and it cannot be used on other sites. I'm sure you can guess which sites require these passwords.So, now that I've laid out my security system, don't go get any ideas. ^_^

Share this post


Link to post
Share on other sites

it all depends on the system, who is running it and how secure i feel it will be. I have several passwords that i rotate around each account that are not very secure then i also have far more secure ones for important information and things i fear loseing. for instance Ebay account password etc is not a simple dictionary word.

Share this post


Link to post
Share on other sites

Te sad thing is you would think this would be common sense, but its not, another ting is how everything is sposed to have a diffrent password, but maybe if you are paranoid and can rememebr them all and what they goto, lol, the adverge american person has 4 diffrent password which i think is enough, thats all I use but and one is really stong, a have a couple of short, simple ones for things that 1 i don't care much for security of and 2 i want a short password because i use it all the time, ie my im client uses one of these but even still someone would have to know me pretty well to guess it and my forurth one is like in between for things that need a bit more protection.

Share this post


Link to post
Share on other sites

i have actually read an interesting article regarding secure password creation that i think is quite clever, what happens is you take a word that is easy to remember such as your name, then cipher it using a form of simple encryption that is easily repeatable. Use the ciphered version as the secure password and then if you forget it you have the word and encryption technique to fall back on, so you can regenerate it.

Share this post


Link to post
Share on other sites

It's all true about passwords, but it depends how much you care if somebody hacks your account or not.  My passwords aren't usually complicated, but I've never yet had a problem.  I might be just lucky of course, but unless you're running a huge project online I don't see that the chances of having a problem are very high.  Maybe I'm just naive.

<{POST_SNAPBACK}>

Same here I might be just lucky too :) my password are just to easy for me <----but for ------> you they should be a challenge :P since i use passwords of my own language :) But all that ^^ is just to true :P:D but i wonder what will be the next "password" method :P

Share this post


Link to post
Share on other sites

As far as passwords go, mine probably aren't very secure; then again, I don't really need a high level of security, so I just pick passwords that are easy for me to remember.However, a couple of ideas that might be good regarding passwords. One, it is probably a very good idea to pick new passwords periodically. And two, when making the passwords, it might be a good idea to use various languages, if you know any.For example, you could use a mix of English and Spanish or Elvish and Klingon :) to make a more secure password.

Share this post


Link to post
Share on other sites

you could use a mix of English and Spanish or Elvish and Klingon

lol. my passwords aren't secure too but i don't think i can help it. i mean there are tons of things around me that need passwords and i'm not the kind of person that has a good memory so i use the same passwords for almost every thing and change them only maybe once every 6 months.
good idea about using another language though.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.