How secure are your passwords ?

Reply Subscribe

Thread Tools

Search this Thread

Nov 11, 2008 | 03:31 PM

stevem2k

Thread Starter

Scooby Regular

Joined: Sep 2001

Posts: 4,670

Likes: 0

From: Kingston ( Surrey, not Jamaica )

How secure are your passwords ?

Interesting ..... change the 'normal' 8 char password length to 10 and it goes from 0.11 hours to 77 to brute force..

Hackosis | Brute Force Calculator=

Nov 11, 2008 | 11:16 PM

druddle

Scooby Regular

Joined: Mar 2001

Posts: 5,528

Likes: 0

From: Berkshire

It depends if people have changed them after installing things. You would be amazed at the amount of confidential systems and switches that still have things like "password" for superuser accounts, and the kit was installed 3 years ago....

Dave

Nov 11, 2008 | 11:34 PM

Boro

Scooby Regular

iTrader: (1)

Joined: Jul 2003

Posts: 7,222

Likes: 0

From: Cornwall

I input 8 characters and 10 and got much higher figures than that?

Nov 12, 2008 | 12:38 PM

SirFozzalot

Scooby Regular

Joined: May 2003

Posts: 19,633

Likes: 1

From: Essex

2415.48 days

Last edited by SirFozzalot; Nov 12, 2008 at 12:40 PM.

Nov 12, 2008 | 01:00 PM

Kieran_Burns

Scooby Regular

iTrader: (1)

Joined: Jul 2004

Posts: 10,208

Likes: 0

From: There on the stair

What you should do when defining passwords is to not use passwords at all.

Use passPHRASES

One guy here uses "mypasswordis" (in mixed case) and THEN has a unique last word

Something like MyPasswordIsTh1s1smyp4ssw0rd

As it is made up of easy to remember words the whole thing is easy to remember but next to impossible to crack.

Nov 12, 2008 | 01:07 PM

NXG

Scooby Regular

Joined: Jul 2003

Posts: 923

Likes: 0

From: Northants

Minimum is 8, but 10 or more is best. People often use ! or 1 for an i or l, and 5 for an s, but many hack systems are aware of that ploy and it won't slow attacks down much. Any password based on a dictionary word, even with numeric substitution, is more vulnerable than a random string.

Use 10 or more characters, upper and lower case with numeric and special characters (i.e. !% &). If you can, use a pound sign, as most hacking programs expect a dollar sign!

It has to be easy to remember, or you won't use it, but don't make it something that someone could guess about you, i.e. if everyone knows you're a trekkie, Enterpr!5e is not a good password for you even though it meets other 'strong' password criteria.

Nov 12, 2008 | 02:31 PM

Boro

Scooby Regular

iTrader: (1)

Joined: Jul 2003

Posts: 7,222

Likes: 0

From: Cornwall

Wow, try this!

Turn your phone number into special characters, ie:-

01234 567890 turns into )!"£$ %^&*()

Thats 11 special characters including the £ sign and really easy to remember. Gives the following:-

36,028,797,018,963,968 combinations

It takes 131,072.00 hours or 5,461.33 days to crack your password on computer that tries 137,438,953,472 passwords per hour.

Last edited by Boro; Nov 12, 2008 at 02:36 PM.

Trending Topics

Paint or wrap roof

7

491
Flatspot on acceleration causes.

8

576

Nov 12, 2008 | 02:37 PM

Wurzel

Scooby Senior

iTrader: (1)

Joined: Nov 2000

Posts: 9,708

Likes: 73

From: Wildberg, Germany/Reading, UK

we have 12 character passwords which are forced to be in uper, lower case with at least 1 number and special character, we can not use a word that is in in the english or German dictionary of more than 3 letters and we can not use any part of the previous 6 passwords. It makes it feckin hard to find a password when it comes to changing it.

Nov 12, 2008 | 03:09 PM

davegtt

Scooby Senior

Joined: Mar 2003

Posts: 16,293

Likes: 0

From: Next door to the WiFi connection

It takes 1,335,263.55 hours or 55,635.98 days to crack your password on computer that tries 137,438,953,472 passwords per hour. This is based on a typical PC processor in 2008 and that the processor is under 10% load.

I like to think Im safe