eovnu87435ds Posted October 2, 2010 Share Posted October 2, 2010 (edited) And not to leave the linux users behind, open up a terminal, and enter these commands: $ aptitude moo $ aptitude -v moo $ aptitude -vv moo Keep adding v's until you beat the system! SPOILER: click this link:Picture of result Edited October 2, 2010 by eovnu87435ds Quote Link to comment Share on other sites More sharing options...
Guest Deleted_Account Posted October 3, 2010 Share Posted October 3, 2010 Enter the following into OpenOffice Calc =ANTWORT("Das Leben, das Universum und der ganze Rest") for a reference from the hitch hikers guide to the galaxy Quote Link to comment Share on other sites More sharing options...
Trip Posted October 3, 2010 Share Posted October 3, 2010 not a fact (well probably) but it made me laugh ... "Why Linux Viruses are fairly uncommon" from Charlie Harvey evilmalware 0.6 (beta) Copyright 2000, 2001, 2003, 2005 E\/17 |-|4><0|2z Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY, COMPLETE DESTRUCTION OF IMPORTANT DATA or FITNESS FOR A PARTICULAR PURPOSE (eg. sending thousands of ****** spams to people accross the world). Basic Installation ================== Before attempting to compile this virus make sure you have the correct version of glibc installed, and that your firewall rules are set to `allow everything'. 1. Put the attachment into the appropriate directory eg. /usr/src 2. Type `tar xvzf evilmalware.tar.gz' to extract the source files for this virus. 3. `cd' to the directory containing the virus's source code and type `./configure' to configure the virus for your system. If you're using `csh' on an old version of System V, you might need to type `sh ./configure' instead to prevent `csh' from trying to execute `configure' itself. 4. Type `make' to compile the package. You may need to be logged in as root to do this. 5. Optionally, type `make check_payable' to run any self-tests that come with the virus, and send a large donation to an unnumbered Swiss bank account. 6. Type `make install' to install the virus and any spyware, trojans pornography, ***** enlargement adverts and DDoS attacks that come with it. 7. You may now configure your preferred malware behaviour in /etc/evilmalware.conf . SEE ALSO evilmalware(1), evilmalware.conf(5), please_delete_all_my_files(1) Quote Link to comment Share on other sites More sharing options...
okiwan Posted October 3, 2010 Author Share Posted October 3, 2010 ^^ LMAO! thats good! Quote Link to comment Share on other sites More sharing options...
Infiltrator Posted October 3, 2010 Share Posted October 3, 2010 fact ... you cant make a folder in windows name 'con' you try it .... wtf is that all about ? You are very correct about it, I was like what the hell? But when I re-named the folder to Con2 it worked. Now thats a fact. Quote Link to comment Share on other sites More sharing options...
Trip Posted October 3, 2010 Share Posted October 3, 2010 (edited) lol here's a few for you ... A normal human being blinks 20 times in a minute, where as a computer user blinks only 7 times a minute! One of the best interesting computer facts. The house of Bill Gates was designed using a Macintosh computer. Sweden is a country with the highest percentage of Internet users (75%). 'Mosaic' was the first popular web browser released in the year 1993. I am sure most of us must have played the game Tetris. Since the time it was created in early eighties, it has sold more than 40 million copies worldwide, which made it's creator richer by $8m. Almost all computer users must know how destructive a virus can be. But then, it would be interesting to know that the a virus cannot corrupt your PC on its own. It corrupts your system only when you activate it by either downloading infected files from the Internet or by sharing these infected files. (I DISAGREE LOL BUT IT MUST BE TRUE IF ITS ON THE INTERWEB) Computer circuitry can be destroyed by static electricity, it is so mild for humans that they don't even feel it. (I KNOW THIS IS TRUE BUT A FRIEND OF MINE COMBED HIS HAIR WITH AN OLD 686 CHIP AND IT STILL WORKED AFTERWARDS :D) The Nvidia GeFore 6800 Ultra chip has maximum numbers of transistors on it, approx. 222 million of them. Konrad Zuse, has the credit of creating world's first computer known as the Z1 in 1936. Three years later in the year 1939, was when the first fully functioning electro-mechanical computer, known as Z2 was developed. 'Stewardesses' is the longest word which can be typed with only the left hand. Bill Gates, the founder of Microsoft was a college drop out. On one of the world's most popular shopping website eBay, there are transactions of approx. $680 per second. There are approx. 6,000 new computer viruses released every month. Of all the pictures available over the internet, 80 percent of these pictures are of naked women. 'Crash Course' is another name for Microsoft Windows tutorials. The E-mail is older than the World Wide Web. There are about five porn pages for every 'normal' web-page. Doug Engelbart, invented the first computer mouse in the year 1964 and was made up of wood! One of the world's leading computer and computer peripheral manufacturer Hewlett Packard was first started in a garage at Palo Alto in the year 1939. If you open up the case of the original Macintosh, you will find 47 signatures, which is of each member of Apple's Macintosh division of 1982. Amongst the most interesting computer facts is, when the first Apple computer which was built by Steve Jobs and Steve Wozniak, it was made by using parts they got for free from their employers. The were made to scrounge spare parts from work. If you want to get a computer aquarium, then you must get the Macquariums which are aquariums made from old Macintosh computers. It is believed that the first computer virus released in the world was a boot sector virus, which was created in the year 1986 by Farooq Alvi brothers. It was designed by them to protect their research work. The group of 12 engineers who designed IBM PC were called as "The Dirty Dozen". The quintessential command 'Ctrl+Alt+Delete' was written by David Bradley. Edited October 3, 2010 by Trip Quote Link to comment Share on other sites More sharing options...
okiwan Posted October 3, 2010 Author Share Posted October 3, 2010 nice list. and lol @ "The house of Bill Gates was designed using a Macintosh computer." fact: the largest bank heist in history is listed in the guinnes book of world records as the "biggest computer fraud" in history and it was done with out even touching a computer. done by stanley mark rifkin and his social engineering skills he stole ten million two hundred thousand dollars, over a pay phone from inside the same bank. Quote Link to comment Share on other sites More sharing options...
Trip Posted October 4, 2010 Share Posted October 4, 2010 Quote Link to comment Share on other sites More sharing options...
charm_quark Posted October 6, 2010 Share Posted October 6, 2010 damn, the indian sure get the sucky pay! Quote Link to comment Share on other sites More sharing options...
okiwan Posted October 6, 2010 Author Share Posted October 6, 2010 (edited) lmao! not if he was in america though. indians excel past americans here. Edited October 6, 2010 by okiwan Quote Link to comment Share on other sites More sharing options...
charm_quark Posted October 8, 2010 Share Posted October 8, 2010 i guess it only the lucky ones, but otherwise here local get the general price hike! Quote Link to comment Share on other sites More sharing options...
Trip Posted October 9, 2010 Share Posted October 9, 2010 Google got its name from the mathematical figure googol, which denotes the number 'one followed by a hundred zeros'. Yahoo! derived its name from the word Yahoo coined by Jonathan Swift in Gulliver's Travels. A Yahoo is a person who is repulsive in appearance and action and is barely human! Researchers consider that the first search engine was Archie, created in 1990 by Alan Emtage, a student at McGill University in Montreal, Canada. Marc Andreessen founded Netscape. In 1993, he had already developed Mosaic, the first Web browser with a GUI. It was once considered a letter in the English language. The Chinese call it a little mouse, Danes and Swedes call it 'elephant's trunk', Germans a spider monkey, and Italians a snail. Israelis pronounce it 'strudels' and the Czechs say 'rollmops's...What is it? The @ sign. In the Deep Web, the part of the Web not currently catalogued by search engines, public information said to be 500 times larger than on the WWW. The first search engine for Gopher files was called Veronica, created by the University of Nevada System Computing Services group Tim Berners-Lee predicted in 2002 that the Semantic Web would "foster global collaborations among people with diverse cultural perspectives", but the project never seems to have really taken off. In February 2004, Sweden led the world in Internet penetration, with 76.9 percent of people connected to the Internet. The world average is 11.1 per cent. The top visited websites in February2004, including affiliated sites, were Yahoo!, MSN, the Warner Network, EBay, Google, Lycos and About.com. The search engine "Lycos" is named for Lycosidae, the Latin name for the wolf spider family. The US International Broadcasting Bureau created a proxy service to allow Chinese, Iraians and other 'oppressed' people to circumvent their national firewalls, relaying forbidden pages behind silicon curtains. Lurking is to read through mailing lists or news groups and get a feel of the topic before posting one's own messages. SRS stands for Shared Registry Server. The central system for all accredited registrars to access, register and control domain names. WAIS stands for 'Wide Area Information Servers' - a commercial software package that allow the indexing of huge quantities of information, the makes those indices searchable across the Internet. An anonymiser is a privacy service that allows a user to visit Web sites without allowing anyone to gather information about which sites they visit. Archie is an information system offering an electronic directory service for locating information residing on anonymous FTP sites. On the Internet, a 'bastion host' is the only host computer that a company allows to be addressed directly from the public network. 'Carnivore' is the Internet surveillance system developed by the US Federal Bureau of Investigation (FBI), who developed it to monitor the electronic transmissions of criminal suspects. Did you know that the original URL of Yahoo! was http://akebono.stanford.edu/ ? Developed at the University of Nevada, Veronica is a constantly updated database of teh names of almost every menu item on thousands of gopher servers. The Electrohippies Collective is an international group of 'hacktivists' based in Oxfordshire, England. UIML (User Interface Markup Language) is a descriptive language that lets you create a Web page that can be sent to any kind of interface device. In Internet terminology, a demo is a non-interactive multimedia presentation, the computer world's equivalent of a music video. Did you know that the name of the famous search engine AltaVista came into existence when someone accidentally read and suggested the word 'Vista' on an unclean whiteboard as 'Alta Vista'? Boeing was the first airline to discover the Y2K problem, way back in 1993. Did you know that Domain registration was free until an announcement by the NAtional Science Foundation on 14th September, 1995, changed it? The Internet was initially called the 'Galactic network' in memos written by MIT's J C R Licklider in 1962. Shokyu Ishiko, a doctorate in agriculture and chief priest of Daioh Temple in Kyoto has created an online virtual temple which will perform memorial services for lost information. A 55 kg laddu was made for Lord Venkateswara at Trumala as a Y2K prayer offering. The morning after Internet Explorer 4 was released, certain mischievous Microsoft workers left a 10 by 12 foot letter 'e' and a balloon with the message, "We love you", on Netscape front lawn. If you were a resident of Tongo, a monarchy in the southwest Pacific, you could own domains as cool as 'mail.to' and 'head.to'. The American Registry for Internet Numbers (ARIN) began the administration of Internet IP address in North and South America in MArch 1998. The testbed for the Internet's new addressing system, IPv6, is called the 6bone. The first Internet worm was created by Robert T.Morris, Jr, and attacked more than 6000 Internet hosts. According to The Economist magazine, the first truly electronic bank on the Internet, called First Virtual Holdings, was opened by Lee Stein in 1994. The French Culture Ministry has banned the word 'e-mail' in all government ministries, documents, publications and Web sites, because 'e-mail' is an English word. They prefer to use the term 'courriel'. The German police sell used patrol cars over the Internet, because earlier auctions fetched low prices and only a few people ever showed up. Rob Glasser's company, Progressive Networks, launched the RealAudio system on April 10, 1995. 'Broswer safe colours' refer to the 216 colours that are rendered the same way in both the PC and Mac operating systems. Though the world Wide Web was born in 1989 at CERN in Switzerland, CERN is mainly involved in research for particle physics. The first computer company to register for a domain name was Digital Equipment Corporation. The 'Dilbert Zone' Web site was the first syndicated comic strip site available on the Internet. Butler Jeeves of the Internet site AskJeeves.com made its debut as a large helium balloon in the Macy's Thanksgiving Day parade in 2000. Sun Microsystems sponsors NetDay, an effort to wire American public schools to the Internet, with help from the US government. In Beijing, the Internet community has coined the word 'Chortal' as a shortened version of 'Chinese portal'. Telnet is one of the oldest forms of Internet connections. Today, it is used primarily to access online databases. Domain names can be really sell at high prices! The most expensive domain name was 'business.com', which was bought by eCompanies for $7.5 million in 1999. The first ever ISP was CompuServe. It still exists, under AOL Time Warner. On an average, each person receives 26.4 e-mails a day. Ray Tomlinson, a scientist from Cambrige, introduced electronic mail in 1972. He used the @ to distinguish between the sender's name and network name in the e-mail address. Transmission Control Protocol/Internet Protocol (TCP/IP) was designed in 1973. The Apple iTunes music store was introduced in the spring of 2003. It allows people to download songs for an affordable 99 cents each. Satyam Online become the first private ISP in December 1998 to offer Internet connections in India. The number of UK Internet users increase by an estimated 75 percent each year. The Internet is the third-most used advertising medium in the world, closely catching up with traditional local newspapers and Yellow Pages. It took 13 years for television to reach 50 million users- it took the Internet less than 4 years. As of now, there are over 260 million people with Internet access worldwide. 1 out of 6 people used the Internet in North America and Europe, as per a 1999 survey. The average computer user blinks 7 times a minute. In 1946, the Merriam Webster Dictionary defined computer as 'a person who tabulates numbers; accountant; actuary; bookkeeper.' An estimated 2.5 billion hours were wasted online last year as people waited for pages to download, according to a study sponsored by Nortel Networks. AOL says spam is the number one complaint of its customers, and that it has to block over one billion unsolicited e-mails every day. In 2002, the average Internet user received 3.7 spam messages per day. The total rose to 6.2 spam messages per day in 2002. By 2007, it is expected to reach 830 messages per day. A terminology industry research firm called Basex says that unsolicited e-mail cost $ 20 billion in lost time and expenses worldwide in 2000. In 2003 an Atlanta- base ISP called Earthlink won a lawsuit worth $16.4 million (US) against a spammer in Buffalo NY, and a $25 million (US) lawsuit against a spammer in Tennessee. Quote Link to comment Share on other sites More sharing options...
Trip Posted October 11, 2010 Share Posted October 11, 2010 With all of our advances in security technology, one aspect remains constant: passwords still play a central role in system security. The difficulty with passwords is that all too often they are the easiest security mechanism to defeat. Although we can use technology and policy to make passwords stronger, we are still fighting the weakest point in any system: the human element. Ultimately the goal is to get users to choose better passwords. However, it is not always clear how to achieve that goal. The problem is that as creative as humans are, we are way too predictable. If I asked you to make a list of totally random words, inevitably some sort of pattern will emerge in your list. Selecting good passwords requires education. System administrators need to be educated and that education needs to be passed on to end users. This article is meant to bring you closer to understanding passwords in Windows 2000 and XP by addressing common password myths. Myth #1: My Password Hashes Are Safe When Using NTLMv2 Many readers will be familiar with the weaknesses in LanManager (LM) password hashes that made L0phtcrack so popular. NTLM made hashes somewhat stronger by using a longer hash and allowing both upper and lower-case letters. NTLMv2 made even more advances by computing a 128-bit key space and using separate keys for message integrity and confidentiality. It also uses the HMAC-MD5 algorithm for further message integrity. However, Windows 2000 still often sends LM or NTLM hashes over the network and NTLMv2 is also vulnerable to in-transit (also known as replay) attacks. And since LM and NTLM password hashes are still stored in the registry, you will still be vulnerable to attacks against the SAM. It will still be some time until we are completely free from the grips of LanManager. Until then, do not assume that your password hashes are safe. Myth #2. Dj#wP3M$c is a Great Password A common myth is that totally random passwords spit out by password generators are the best passwords. This is not true. While they may in fact be strong passwords, they are usually difficult to remember, slow to type, and sometimes vulnerable to attacks against the password generating algorithm. It is easy to create passwords that are just as strong but much easier to remember by using a few simple techniques. For example, consider the password "Makeit20@password.com". This password utilizes upper and lower-case letters, two numbers, and two symbols. The password is 20 characters long and can be memorized with very little effort; perhaps even by the time you finish this article. Moreover, this password can be typed very fast. The portion "Makeit20" alternates between left and right-handed keys on the keyboard, improving speed, decreasing typos, and decreasing the chances of someone being able to discover your password by watching you (for a list of nearly eight thousand English words that alternate between left and right-handed keys, see http://www.xato.net/downloads/lrwords.txt.) The best technique for creating complex passwords that are easier to remember is to use data structures that we are accustomed to remembering. Such structures also make it easy to include punctuation characters in the password, as in the e-mail address example used above. Other data structures that are easy to remember are phone numbers, addresses, names, file paths, etc. Consider also that certain elements make things more memorable for us. For example, patterns, repetition, rhymes, humor, and even offensive words all make passwords that we will never forget. Myth #3. 14 Characters is the Optimal Password Length With LM, password hashes were split into two separate 7-character hashes. This actually made passwords more vulnerable because a brute-force attack could be performed on each half of the password at the same time. So passwords that were 9 characters long were broken into one 7-character hash and one 2-character hash. Obviously, cracking a 2-character hash did not take long, and the 7-character portion could usually be cracked within hours. Often, the smaller portion could actually be used to assist in the cracking of the longer portion. Because of this, many security professionals determined that optimal password lengths were 7 or 14 characters, corresponding to the two 7-character hashes. NTLM improved the situation some by using all 14 characters to store the password hash. While this did make things better, NT dialog boxes still limited passwords to a maximum of 14 characters; thus the determination that passwords of exactly 14 characters are the optimal length for the best security. But things are different with newer versions of Windows. Windows 2000 and XP passwords can now be up to 127 characters in length and so 14 characters is no longer a limit. Furthermore, one little known fact discovered by Urity of SecurityFriday.com is that if a password is fifteen characters or longer, Windows does not even store the LanMan hash correctly. This actually protects you from brute-force attacks against the weak algorithm used in those hashes. If your password is 15 characters or longer, Windows stores the constant AAD3B435B51404EEAAD3B435B51404EE as your LM hash, which is equivalent to a null password. And since your password is obviously not null, attempts to crack that hash will fail. With this in mind, going longer than 14 characters may be good advice. But if you want to enforce very long passwords using group policy or security templates, don't bother - neither will allow you to set a minimum password length greater than 14 characters. Myth #4. J0hn99 is a Good Password While it does pass Windows 2000 complexity requirements, "J0hn99" is not as strong a password as it appears. Most password crackers have rules that can try millions of word variants per second. Replacing the letter "o" with the number "0" and adding a couple numbers is no big deal to a password cracker. Some password crackers have rulesets that can create password combinations well beyond the average user's creativity or patience. A better approach is to be less predictable. Rather than replacing "o" with "0", try replacing "o" with two characters such as "()" as in "j()hn". And of course, making your password longer will make it even stronger. Myth #5. Eventually Any Password Can Be Cracked Although a password may eventually be discovered through some means (such as through a keylogger or through social engineering), it is possible to create a password that cannot be cracked in any reasonable time. If a password is long enough, it will take so long or require so much processing power to crack it that it is essentially the same as being unbreakable (at least for most hackers). So yes, eventually any password can be cracked, but eventually may not fall in your lifetime. So unless you have the Government hacking away at your passwords, chances are you are pretty safe. Of course, advances in computing power may some day make this myth a reality. Myth #6. Passwords Should be Changed Every 30 Days Although this may be good advice for some high-risk passwords, it is not the best policy for the average user. Requiring frequent password changes often causes users to develop predictable patterns in their passwords or use other means that will actually decrease the effectiveness of their passwords. It is frustrating to a user to have to constantly think of and remember new passwords every 30 days. Rather than limiting password age, it may be better to focus on stronger passwords and better user awareness. A more realistic time for the average user may be 90-120 days. If you give users more time, you may find it easier to convince them to use better passwords. Myth #7. You Should Never Write Down Your Password Although this is often good advice, sometimes it is necessary to write down passwords. Users feel more comfortable creating complex passwords if they are able to write them down somewhere in case they forget. However, it is important to educate users on how to properly write down passwords. A sticky note on the monitor is not a good policy, but storing passwords in a safe or even a locked cabinet may be sufficient. And don't neglect security when it comes time to throw those passwords away, many passwords have been compromised after hitting the garbage dumpsters. You may want to consider allowing users to save passwords in software-based password storage utilities. These utilities allow a user to store many account passwords in one central location, locked with a master password. If you know the master password, you gain access to your entire list of passwords. But before allowing users to save passwords in such tools, consider the risks: first, it is software-based and therefore can itself become a target of attack, and, second, since it is all based on a single master password, that password becomes a single point of failure for all the user's passwords. The best technique is to combine technology, physical security, and company policy. Sometimes passwords need to be documented. It’s not uncommon to see a company in a panic because their admin just quit, and he's the only one who knows the server password. You should discourage writing down passwords in many situations, but if writing them down helps or is necessary, be smart about it. Myth #8: Passwords Cannot Include Spaces Although most users do not realize it, both Windows 2000 and Windows XP allow spaces in passwords. In fact, if you can view a character in Windows, you can use that character in a password. Therefore, spaces are perfectly valid password characters. However, due to how some applications trim spaces, it is often best not to begin or end your password with a space. Spaces can actually make it easier for users to come up with more complex passwords. A space is used between words therefore using spaces may encourage users to use more than one word in their passwords. An interesting fact I recently discovered in my research is that spaces do not fall into any of the categories for Windows password complexity requirements. It is not a number or letter yet does not count as a symbol either. So while it will make your password more complex, it does nothing to help you pass Windows complexity requirements. And finally, one drawback with spaces is that the spacebar makes a unique noise when tapped. It is not hard to hear when someone uses a space in their password. So use spaces, but don't overuse spaces. Myth #9: Always Use Passfilt.dll Passfilt.dll is a component that will enforce strong user passwords. In Windows 2000 and XP it is implemented through the "Passwords must meet complexity requirements" policy. While it is often a good policy to enforce, some users may find it frustrating when their passwords are rejected because they are not complex enough. Even experienced administrators have likely had to enter multiple passwords before finally getting one that does pass complexity requirements. Frustrated users certainly are not going to be giving you or your password policy much support. If you find users are frustrated with the complexity requirements, perhaps a better solution is to not enforce that policy but instead require long passwords. If you do the math you will see that a nine-character lower-case password is roughly as complex as a seven-character password that uses upper and lower-case letters and numbers. The only difference is how the password cracking software handles different character subsets; some brute-force password crackers may attempt all lower-case letters before trying numbers Another alternative is to take the Platform SDK sample in the \samples\winbase\Security\WinNT\PwdFilt\ directory and modify it to be a little more forgiving with password selection. Educating users on what makes a password complex and giving them some ideas for strong passwords will also help. Myth #10: Use ALT+255 for the Strongest Possible Password It common to see recommendations to use high-ASCII characters as the ultimate password tip. High-ASCII characters are those that cannot normally be typed on a keyboard but are entered by holding down the ALT key and typing the character's ASCII value on the numeric keypad. For example, the sequence ALT-0255 creates the character <ÿ>. Although they are useful in some situations, you should also consider the disadvantages. First of all, holding down the ALT key and typing on the numeric keypad is something that can easily be observed by others. Second, creating such a character requires five keystrokes that must be memorized and later typed every time the password is entered. Perhaps a more effective technique would be to make your password five characters longer, which would actually make your password much stronger for the same number of keystrokes. For example, a five-character password made up of high-ASCII characters will require 25 keystrokes to complete. With 255 possible codes for each character and five characters, the total possible combinations are 255^5 (or 1,078,203,909,375). However, a 25-character password made up of only lower-case letters has 26^25 (or 236,773,830,007,968,000,000,000,000,000,000,000) possible combinations. Clearly, you are better off just making longer passwords. Another thing to consider is that some laptop keyboards make numeric keypad input difficult and some command-line tools may not accept high-ASCII characters. For example, you can use the character ALT+0127 in Windows, but you cannot type that character at a command prompt. Conversely, I have found that some character codes such Tabs (ALT+0009), LineFeeds (ALT+0010), and ESC (ALT+0027) can be used when setting your password from a command prompt but cannot be used in any Windows dialog boxes (which may actually be a desirable side-effect in some rare cases). Nevertheless there are times where it is good advice to use extended characters codes. If you have sensitive service or local admin accounts that are rarely used, sometimes the extended character set will be worth the extra keystrokes. Since few password crackers are set up to handle extended characters, that may be enough to make your password very difficult to crack. But in that case, don't stop with high-ASCII, one little-known fact is that you can actually make use of the full Unicode character set which has 65,535 possible characters. Still, a character such as ALT+65206 is not as strong as the equivalent number of keystrokes using regular characters. One final note on extended characters is the use of the non-breaking space (ALT+0160). This character appears as a space and can often fool those who are somehow able to view the password. Say, for example, that an attacker is able to install a keylogger on your system. If you use a non-breaking space in your password, it will look like a regular space in the keylogger's logfile. But if the attacker is not aware of the non-breaking space, and without seeing the actual ASCII code, the password they think they have will fail. And many people simply are not aware that this character exists, although perhaps they do now. Conclusion Some may disagree with individual points I have presented here, but that is the whole purpose. A myth is a half-truth. Many of the myths that I have attacked here were once good advice or they still are good advice but only in specific scenarios. But to many this advice has become a set of solid rules that are generally applied to all scenarios. Password advice, including my own, is nothing more than advice. You must determine which rules work for you and which do not. Perhaps the biggest myth of all is that there are fixed rules when it comes to password security. Sometimes John99 is a good password and sometimes passwords must be changed in less than 30 days. Some passwords, such as administrator passwords, need more protection while others, such as user passwords, need less. You must take what you know as well as what I presented here to form a password policy that protects you best. A good password is more than just a complex password. A good password is one that is not easily guessed but still easy to remember. It should be long and should consist of letters, number, and symbols, but still easy to type quickly with few errors. It should have elements of randomness that only a computer can provide while still having familiarity that only a human can provide. But the best password of all is the one that the user chooses based on an educated understanding of passwords - a password that is hard to crack, but never forgotten. And the best password policy is one that helps users in creating these passwords. great read :D Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.