-
Join the MyBroadband community
South Africa’s biggest forum. Discuss, discover, and connect with thousands of members.
-
Question of the Day: Which is the most hair-raising South African mountain pass you've driven?
Most popular passwords
- Thread starter rpm
- Start date
+1
In the 21 years i've walked this planet and experimented as an amateur hacker, not once have I seen "sex" or "god" used as a password...
guest2013-1
guest
- Joined
- Aug 22, 2003
- Messages
- 19,800
- Reaction score
- 13
Me neither, and I've walked for a while longer than you have
most common password I came across was admin or password (or p@ssw0rd)
Heh, I remember "god" from Hackers. Man, that movie was bad.
What grinds my gears: when websites force you to include numbers in your password. I understand that it makes it far more secure, but I'd much rather be given the luxury of choice.
What grinds my gears: when websites force you to include numbers in your password. I understand that it makes it far more secure, but I'd much rather be given the luxury of choice.
WyldPhoenix
Active Member
- Joined
- May 13, 2007
- Messages
- 82
- Reaction score
- 0
I use the same password formula for every single website that I visit!
It's really quite simple, and you can do it as well.
1) Choose a strange word that you like, maybe a nickname or something. e.g. Mickey
2) Change all of the following letters in the chosen name. e.g. i --> 1; e --> 3; o --> 0
3) Add the first letter of the website that you are currently visiting. e.g. MyBroadband --> M
4) Capitalise the chosen nickname as well as the letters of the website.
5) Choose three random digits that you will always remember e.g. 007
6) Add the third letter of the website that you are currently visiting. e.g. MyBroadband --> B
7) Put a 1 at the end.
The final result would be : Mickey --> M1ck3y --> M1ck3yM007B1
It kinda looks very random, but if you remember your formula, you can generate a "unique" password for any website that *looks* unique ...
If somebody finds out your MyBroadband password, then they won't be able to use it to gain access to your GMail account, since they are different, and they probably won't figure out that the "M" and the "B" in your password identify the MyBroadband website.
www.gmail.com --> M1ck3yG007A1
www.standardbank.co.za --> M1ck3yS007A1
www.news24.com --> M1ck3yN007W1
Get the general idea?
P.S. You'll never forget another password either!
It's really quite simple, and you can do it as well.
1) Choose a strange word that you like, maybe a nickname or something. e.g. Mickey
2) Change all of the following letters in the chosen name. e.g. i --> 1; e --> 3; o --> 0
3) Add the first letter of the website that you are currently visiting. e.g. MyBroadband --> M
4) Capitalise the chosen nickname as well as the letters of the website.
5) Choose three random digits that you will always remember e.g. 007
6) Add the third letter of the website that you are currently visiting. e.g. MyBroadband --> B
7) Put a 1 at the end.
The final result would be : Mickey --> M1ck3y --> M1ck3yM007B1
It kinda looks very random, but if you remember your formula, you can generate a "unique" password for any website that *looks* unique ...
If somebody finds out your MyBroadband password, then they won't be able to use it to gain access to your GMail account, since they are different, and they probably won't figure out that the "M" and the "B" in your password identify the MyBroadband website.
www.gmail.com --> M1ck3yG007A1
www.standardbank.co.za --> M1ck3yS007A1
www.news24.com --> M1ck3yN007W1
Get the general idea?
P.S. You'll never forget another password either!
Well done good sir, did you create that little method all by yourself?
Gekco
Expert Member
'password' FTW!
Me neither, and I've walked for a while longer than you have
+1
That article is a load of crap, the most commonly used password by admins is 'password' or a variation thereof, such as 'Password', 'p@ssw0rd', 'P@55w0rd', etc...
Alot of admins (I'm guilty too) often also use the username of the user being setup, BIG security risk.
the best way is to use no less than 8 characters and to change it every month, upper and lower case with numbers.
i made a mental list one day of various passwords i have to remember lengths ranging from 6 to 30 characters after about 20 odd things.
i made a mental list one day of various passwords i have to remember lengths ranging from 6 to 30 characters after about 20 odd things.
gregmcc
Honorary Master
+1
Who comes up with this crud. In the real world passwords are password or a variation of, or something with the date in.
Pretty much all decent password crackers have a hybrid system built in so they substitute 1 to i and 3 to e etc etc, so its no longer secure to use them.
The best is to use pass phrases which you will never forget, like "IHateTelkom!!!" - although thats probably a pretty common pass phrase
Lazy
Senior Member
Another thing to remember about passwords is that more often than not, length is the most important factor. You can include all the random characters that you want, but if it's short you are at risk.
So, B@$#ie might seem nice and safe but in reality it is not. It is too short. Also, replacing e with 3 (for example) creates a false sense of security, but it's not the worst thing you could do either.
The best passwords are passphrazes, something like "I like mybroadband" is a much stronger password than B@$#ie for example, simply because of the mathematical permutation required to brute force 18 characters is tougher than the one to brute force 6 characters. It's that simple really.
The big problem with passphrazes is that some sites only allow limited length passwords.
My biggest concern with passwords is usually that I wonder how they are being stored in the background. In reality, I'd prefer LDAP to be used or at the VERY least a seeded hash. IE, my password should never be recoverable. Unfortunately, that is beyond my control and highlights the importance of not using the same password for multiple purposes.
So, B@$#ie might seem nice and safe but in reality it is not. It is too short. Also, replacing e with 3 (for example) creates a false sense of security, but it's not the worst thing you could do either.
The best passwords are passphrazes, something like "I like mybroadband" is a much stronger password than B@$#ie for example, simply because of the mathematical permutation required to brute force 18 characters is tougher than the one to brute force 6 characters. It's that simple really.
The big problem with passphrazes is that some sites only allow limited length passwords.
My biggest concern with passwords is usually that I wonder how they are being stored in the background. In reality, I'd prefer LDAP to be used or at the VERY least a seeded hash. IE, my password should never be recoverable. Unfortunately, that is beyond my control and highlights the importance of not using the same password for multiple purposes.
