Password complexity

So as I understand it if my password is something like “I drive a red car down the road” or “I was born on the 6th day and it was raining” the passwords are easy for me to remember but should be difficult to crack?
 
Yup, that's how I understood it anyway. There was an in-depth Ars Technica article (I think) that went into password cracking and one of the crackers recommended this. Have been using this plain word sentence/combination technique ever since.
 
Also saw the article, but if I remember they said random words were better than clear sentence structure. Using 5 words with space is better than say using "I love the rain today"

What I tend to do personally is repeat 4 random words and the site's name, for example:
Facebook would be "house deodorant facebook entertainment"
Twitter would be "house deodorant twitter entertainment"
and so on.

Edit: Some interesting reading on security from Ars

Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331”: http://arstechnica.com/security/2013/05/how-crackers-make-minced-meat-out-of-your-passwords/
The secret to online safety: Lies, random characters, and a password manager: http://arstechnica.com/information-...ies-random-characters-and-a-password-manager/
 
The main strength of a sentence password is the length. With the addition of every character you exponentially increase the possible combinations. So it's not that it's so hard to crack but that it would take forever to do so due to the large number of possible combinations.

Just add a full stop '.' at the end of your sentence password and you increase the complexity tenfold.
 
So true! Also if you use something like a sentence, use upper case and lower case as well, end it with an "!" and in between the words use a "." and you are golden.

At the end it's all up to computing power. If you perhaps have access to a number of supercomputers and a recently upgraded GPU cluster it makes it so much easier :D

MD5 hashes are quick, SHA256 slower, and it gets slower as the bit length of the encryption increases due to the complexity. I am by no means a cryptologist but understand that the longer and the more complex anything is, the longer it takes to break. Nothing is uncrackable. It's about how many cycles and how much time you want to invest.
 
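An added example, not written by any poster in this thread: a Python sketch of the two estimates the posts above talk about, the per-character count that grows with length and the word-list count for randomly chosen words, plus how the guess rate (fast versus slow hash) changes the expected time. The 7776-entry list size is that of the Diceware list; the sample words and the guess rates are constructed assumptions.

```python
import math
import secrets

DICEWARE_SIZE = 7776  # size of the Diceware word list (6**5 entries)
# Constructed stand-in list so the example runs offline; a real list is far larger.
SAMPLE_WORDS = ["house", "deodorant", "entertainment", "river", "candle",
                "orbit", "pepper", "violin", "glacier", "lantern"]
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def charset_bits(password: str) -> float:
    """Per-character brute-force model: length * log2(pool size).
    An upper bound; it holds only if every character is chosen at random."""
    pool = 0
    if any(c.islower() for c in password):
        pool += 26
    if any(c.isupper() for c in password):
        pool += 26
    if any(c.isdigit() for c in password):
        pool += 10
    if any(not c.isalnum() for c in password):
        pool += 33  # space plus the 32 printable ASCII symbols
    return len(password) * math.log2(pool) if pool else 0.0

def wordlist_bits(n_words: int, list_size: int = DICEWARE_SIZE) -> float:
    """Word-list model: each word drawn uniformly from a list the attacker also has."""
    return n_words * math.log2(list_size)

def generate_passphrase(n_words: int, words=SAMPLE_WORDS) -> str:
    """Pick words with a CSPRNG; words a person picks are not uniformly random."""
    return " ".join(secrets.choice(words) for _ in range(n_words))

def average_years(bits: float, guesses_per_second: float) -> float:
    """Expected time to hit the password: half the search space at the given rate."""
    return 2 ** (bits - 1) / guesses_per_second / SECONDS_PER_YEAR

if __name__ == "__main__":
    sentence = "I love the rain today"
    print(f"{sentence!r} per-character bound: {charset_bits(sentence):.1f} bits")
    print(f"5 random words, word-list model: {wordlist_bits(5):.1f} bits")
    # Guess rates are assumptions for illustration, not benchmarks.
    for label, rate in [("fast hash", 1e10), ("slow hash", 1e4)]:
        years = average_years(wordlist_bits(5), rate)
        print(f"  {label}: {years:.3g} years on average")
    print("generated:", generate_passphrase(5))
```

The per-character figure is only reached when every character is random, so for a natural sentence the word-list figure is the more realistic of the two.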
The point is, if you have that much time to wait for some guy's password to be hacked someone will have picked it up by then.
Try doing rainbow tables against a bank login and see what happens.

Aint nobody got time fo that!

'It doesn't matter how complex your password is if they start cutting your fingers off' - Security Expert at Tech-ed 2010 on Cyber Crime.

 
Talking about cutting fingers, when I was in Uni I was taught that biometrics should never be used as a one-time security measure, rather to use it as an identifier with a second system like the normal password. I think Apple missed that class?
 

This is one of my favorite XKCDs.
I tweeted it to FNB a while back when I first registered for internet banking and they have their ridiculous password complexity enforcement (1 uppercase AND 1 number AND 1 special character).

EDIT: This isn't necessarily awful on my PC where any special character key is no harder to enter than a number or an upper case letter.
However, when you need to enter these in on a touch device, it becomes arduous.
 