How many seconds would it take to break your password?
-
I used to do something like that. Now I use KeePass. It's too much trouble to remember hundreds of passwords.
I use LastPass's random password generation for most websites. I can't think of a more secure password - nobody knows it, not even me! :laugh: And of course I use my longest most secure password (that I can remember) is on my LastPass account so I don't have an obvious weak point there.
-
By then I would think 'passwords' as we know them will be obsolete. We can already have systems process your face agaisnt 250 mil in under a second, we can even combine that with IR imaging. Honestly who knows what some crazy genologist/crytpologist/biologist.../ist will come up with. My theory is someday the system will just know you are you. The only way to fake it would be to knock you out and have you sit in front of it strung up like pinochio. And heck even then the system may dedect you are under durress and call the goon squad for ya. Keep in mind there is always other technology that is advancing due to Moore's law right along side of computation. They are not advancing directly because of it which creates a crazy exponential growth of tech because of the indirect connects between the fields.
Computers have been intelligent for a long time now. It just so happens that the program writers are about as effective as a room full of monkeys trying to crank out a copy of Hamlet.
Collin Jasnoch wrote:
Honestly who knows what some crazy genologist/crytpologist/biologist.../ist will come up with.
I think I'm going to go invent cryptobiology now. Nevermind, a Google search gave me about 60,000 results for that word...I need to think of something even more obscure...
-
Want to know how strong your password is? Count the number of characters and the type and calculate it yourself. Or check the list below and see who big a difference between a few billion possible combinations a few sextillion possibilities really is. [ITworld]
It occurred to me that an organization could have a system constantly trying to break everyone's passwords -- anyone whose password is broken gets some sort of punishment (along with having to change the password).
-
Want to know how strong your password is? Count the number of characters and the type and calculate it yourself. Or check the list below and see who big a difference between a few billion possible combinations a few sextillion possibilities really is. [ITworld]
Now, that is a good question. My cat has a Codeproject account, and as is my norm these days, his password is a Guid. (Because I can paste it from my encrypted password store on the PC) How long to break it?
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 5.10 million trillion trillion trillion centuriesMy password is not a Guid (because I have to enter it from the keyboard on my phone occasionally) How long to break it?
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 0.000202 secondsMaybe I should find a way to remember Guids? :laugh:
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
-
Now, that is a good question. My cat has a Codeproject account, and as is my norm these days, his password is a Guid. (Because I can paste it from my encrypted password store on the PC) How long to break it?
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 5.10 million trillion trillion trillion centuriesMy password is not a Guid (because I have to enter it from the keyboard on my phone occasionally) How long to break it?
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 0.000202 secondsMaybe I should find a way to remember Guids? :laugh:
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
But it's the policy that matters, not the actual password. You and your cat both have passwords within the same policy (CP's policy) so an attacker has exactly the same difficulty in breaking either.
-
Now, that is a good question. My cat has a Codeproject account, and as is my norm these days, his password is a Guid. (Because I can paste it from my encrypted password store on the PC) How long to break it?
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 5.10 million trillion trillion trillion centuriesMy password is not a Guid (because I have to enter it from the keyboard on my phone occasionally) How long to break it?
Massive Cracking Array Scenario:
(Assuming one hundred trillion guesses per second) 0.000202 secondsMaybe I should find a way to remember Guids? :laugh:
Ideological Purity is no substitute for being able to stick your thumb down a pipe to stop the water
OriginalGriff wrote:
My cat has a Codeproject account
I have wondered about this for some time, and I want to know WHY? I am sure it is a LOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOONG Story!
public class SysAdmin : Employee
{public override void DoWork(IWorkItem workItem) { if (workItem.User.Type == UserType.NoLearn){ throw new NoIWillNotFixYourComputerException(new Luser(workItem.User)); }else{ base.DoWork(workItem); } }}
-
Want to know how strong your password is? Count the number of characters and the type and calculate it yourself. Or check the list below and see who big a difference between a few billion possible combinations a few sextillion possibilities really is. [ITworld]
There is no truly secure password that will remain as such "until you die".
//{Unless, of course, you change your password and then get struck by a bus (many will wonder why you chose to change your password in the middle of the street ... but I digress), get hit by lightening, or instantly win the bazillion dollar lottery and have a fatal heart attack.}
Sure, "brute force" will take 11.15 thousand trillion trillion centuries to figure out the password AStup1dL0usyP#ssw_rd, but that's if the computer doesn't have any heuristics. Yes, most password systems now-a-days have a 3 or 5 try limit. A majority of people associate their password with things related to them. Google a person's name and/or find them on Facebook and you'll learn the things associated to them. There's one starting point heuristics will gain a trillion trillion centuries on alone. Plant a keylogger virus on a system and you're only gonna wait a day or two, if that, for a password. In all, passwords can be and are cracked 100% of the time. Yes, certainly changing the password often and of "randomness" is a good deterrent. And, no, I don't use the password AStup1dL0usyP#ssw_rd. I'm smarter than that. I use A$martP#55w_rd2Guess. :laugh:
The best way to improve Windows is run it on a Mac. The best way to bring a Mac to its knees is to run Windows on it. ~ my brother Jeff
-
Want to know how strong your password is? Count the number of characters and the type and calculate it yourself. Or check the list below and see who big a difference between a few billion possible combinations a few sextillion possibilities really is. [ITworld]
-
It occurred to me that an organization could have a system constantly trying to break everyone's passwords -- anyone whose password is broken gets some sort of punishment (along with having to change the password).
-
the link says, that using a bigger alphabet is more secure, but this is just plain wrong it is better to increase the number of characters, even, if they are simple (lowercase letters) simple math: say 'k' is the size of your alphabet and 'n' shall be the size of your password. then there are k^n possibilities. increasing n is much more valueble than increasing k. just try it out: f = @(n,k) k^n; f(6,40) = 4.0960e+09 f(6,41) = 4.7501e+09 f(7,40) = 1.6384e+11 f(10,60) = 6.0466e+17 f(10,61) = 7.1334e+17 f(11,60) = 3.6280e+19 f(20,60) = 3.6562e+35 f(20,61) = 5.0886e+35 f(21,60) = 2.1937e+37 as you see, increasing the first parameter (length) makes like 100 times more possibilites, while adding one more symbol is like not even doubling. so, a good password is a passphrase, take 3-5 random (and easy to remember) words and stick them together. the idea to use passphrases came from http://xkcd.com/936/[^]
Text from Gibson Research: https://www.grc.com/haystack.htm[^] "... Which of the following two passwords is stronger, more secure, and more difficult to crack? D0g..................... PrXyc.N(n4k77#L!eVdAfp9 You probably know this is a trick question, but the answer is: Despite the fact that the first password is HUGELY easier to use and more memorable, it is also the stronger of the two! In fact, since it is one character longer and contains uppercase, lowercase, a number and special characters, that first password would take an attacker approximately 95 times longer to find by searching than the second impossible-to-remember-or-type password!..."
