Send News. Want a reply? Read this. More in the FAQ.   News Forum - All Forums - Mobile - PDA - RSS Headlines  RSS Headlines   Twitter  Twitter
Customize
User Settings
Styles:
LAN Parties
Upcoming one-time events:

Regularly scheduled events

Evening Safety Dance

View
13 Replies. 1 pages. Viewing page 1.
< Newer [ 1 ] Older >

13. Re: Evening Safety Dance Jun 29, 2013, 00:53 eRe4s3r
 
rist3903 wrote on Jun 29, 2013, 00:05:
Rhialto wrote on Jun 28, 2013, 22:15:
rist3903 wrote on Jun 28, 2013, 22:02:
https://xkcd.com/936/

The xkcd concerning password strength.
Excellent! Is that old? I see no date...
It is about 2 years old.


It's also only based on the assumption of a web based brute force attack. As opposed to a hash one (which is where the magic of billion+ of attempts per second happens ,p)
 
Avatar 54727
 
Reply Quote Edit Delete Report
 
12. Re: Evening Safety Dance Jun 29, 2013, 00:05 rist3903
 
Rhialto wrote on Jun 28, 2013, 22:15:
rist3903 wrote on Jun 28, 2013, 22:02:
https://xkcd.com/936/

The xkcd concerning password strength.
Excellent! Is that old? I see no date...
It is about 2 years old.

 
Reply Quote Edit Delete Report
 
11. Re: Evening Safety Dance Jun 28, 2013, 23:38 Frijoles
 
Cutter wrote on Jun 28, 2013, 22:31:
Your bank PW needs to be secure. Most other sites, not so much.

Sadly, my bank's password requirements are worse than most game websites. For a while (luckily they changed it), they REQUIRED it be a specific length.. something stupid like 6 - 10 chars. When asked about an authenticator, they gave a generic "Our site is super-secure, srsly" email.

I've decided that the more important a website is, the worse their password policy is.
 
Avatar 6700
 
Reply Quote Edit Delete Report
 
10. Re: Evening Safety Dance Jun 28, 2013, 23:13 dj LiTh
 
Cutter wrote on Jun 28, 2013, 22:31:
Your bank PW needs to be secure. Most other sites, not so much.

I'd add email to that list, as if you have a default email address you can more then likely pour through the info and reset the more complex secure passwords
 
Avatar 46370
 
Reply Quote Edit Delete Report
 
9. Re: Evening Safety Dance Jun 28, 2013, 23:08 Red
 
Biggest effing "duh" ever? I mean seriously. Every non-moron person I know in the technical field has considered password requirements a running joke for years.  
Avatar 8335
 
Reply Quote Edit Delete Report
 
8. Re: Evening Safety Dance Jun 28, 2013, 22:31 Cutter
 
Your bank PW needs to be secure. Most other sites, not so much.  
Avatar 25394
 
"Bye weeks? Bronko Nagurski didn't get no bye weeks, and now he's deadů Well, maybe they're a good thing." - Moe
Reply Quote Edit Delete Report
 
7. Re: Evening Safety Dance Jun 28, 2013, 22:21 eRe4s3r
 
I have the paranoid belief that crackers scrounge sites like these for ideas what safe password might be and then add that and ALL variations that an algo can find. Letter -> Number replacements mainly ;p

And yeah, your 2nd assumption is mainly what I thought. If you post it here, someone else, in some other forum must have had the same idea.

The password is obviously pretty safe if a website is up to snuff when it comes to securing the hashes.
 
Avatar 54727
 
Reply Quote Edit Delete Report
 
6. Re: Evening Safety Dance Jun 28, 2013, 22:15 Rhialto
 
rist3903 wrote on Jun 28, 2013, 22:02:
https://xkcd.com/936/

The xkcd concerning password strength.

Excellent! Is that old? I see no date...
 
Avatar 23064
 
Reply Quote Edit Delete Report
 
5. Re: Evening Safety Dance Jun 28, 2013, 22:12 Rhialto
 
eRe4s3r wrote on Jun 28, 2013, 21:48:
That particular password would be a really really bad choice

Why? You think it just got added to crack engines and all hackers have added it on their list as a password to try? Just add a single symbol anywhere and you're good to go.

But whatever, I wish I had some incredible power that would tell me the count of it being in use right now. If I thought of it while I composed the message, someone else in the world must have thought of it before me.
 
Avatar 23064
 
Reply Quote Edit Delete Report
 
4. Re: Evening Safety Dance Jun 28, 2013, 22:02 rist3903
 

https://xkcd.com/936/

The xkcd concerning password strength.

 
Reply Quote Edit Delete Report
 
3. Re: Evening Safety Dance Jun 28, 2013, 21:48 eRe4s3r
 
That particular password would be a really really bad choice  
Avatar 54727
 
Reply Quote Edit Delete Report
 
2. Re: Evening Safety Dance Jun 28, 2013, 20:50 Mashiki Amiketo
 
While the latter is not a word (a quick dictionnary attack would fail), it is still less secure knowing how crack engine works as of today. But will that change?
True, also according to the rules of entropy, a long word phrase of nonsensical things that make sense to you, but not to dictionary/pass-phrase attacks is just as equally strong if not stronger as random alpha-numeric's that a computer especially GPU crackers are good at running against.
 
--
"For every human problem,
there is a neat, simple solution;
and it is always wrong."
--H.L. Mencken
Reply Quote Edit Delete Report
 
1. Re: Evening Safety Dance Jun 28, 2013, 20:29 Rhialto
 
They had to do a study? I knew that for a long time...

Poeple usually want short password, beleiving they are easier to remember, so all password requirement were updated to enhance security on short passwords by requiring a symbol, number, etc.

So today some of you will realize that a password like ibetyouwillneverfindmypassword, while a bit longer to type, is as easy as remember as ibywnfmp!

While the latter is not a word (a quick dictionnary attack would fail), it is still less secure knowing how crack engine works as of today. But will that change?
 
Avatar 23064
 
Reply Quote Edit Delete Report
 
13 Replies. 1 pages. Viewing page 1.
< Newer [ 1 ] Older >


footer

Blue's News logo