Jump to content

Good Passwords


Arvee

Recommended Posts

No words you'd find in a dictionary, and no names. More than 6 or 8 characters of mixed upper- and lower-case letters, as well as numbers (and other printable characters if possible).

You can get essentially perfect passwords generated from www.grc.com/pass

You can find out more about it by listening to Security Now - specifically episodes 4 and 5, but all of them are great and many others touch on the subject.

Link to comment
Share on other sites

Use the £ symbol... I've read something on CNET that says since most keybreakers are written by americans, or targeted at americans, using symbols that don't appear in standard american english makes it harder to crack. Not sure how much money i'd risk on that though...

Link to comment
Share on other sites

Use the £ symbol... I've read something on CNET that says since most keybreakers are written by americans, or targeted at americans, using symbols that don't appear in standard american english makes it harder to crack. Not sure how much money i'd risk on that though...

Try it VaKo, set your acounts password to £ and see how long it takes to crack ^^

Link to comment
Share on other sites

Use the £ symbol... I've read something on CNET that says since most keybreakers are written by americans, or targeted at americans, using symbols that don't appear in standard american english makes it harder to crack. Not sure how much money i'd risk on that though...

Try it VaKo, set your acounts password to and see how long it takes to crack ^^

Hahaha than we come back to this thread 7 years later.... "Hey guys, well the cracking was unsuccessful. So put a £ in and you won't be cracked!"

I would really laugh if something happend like this.

Link to comment
Share on other sites

Use the £ symbol... I've read something on CNET that says since most keybreakers are written by americans, or targeted at americans, using symbols that don't appear in standard american english makes it harder to crack. Not sure how much money i'd risk on that though...

Try it VaKo, set your acounts password to £ and see how long it takes to crack ^^

I can't at the moment, using 3 computers to render and the other ones a linux machine (btw how do you crack an ubuntu password with physical access to the machine, i've forgotten the login).

Link to comment
Share on other sites

Thanks... I'll probably just try to remember one of those strings: Maybe like 6-10 Characters.

The reason I asked this was: When I saw the show I saw them punch in some long passwords and stuff.

Thanks again.

Link to comment
Share on other sites

btw how do you crack an ubuntu password with physical access to the machine, i've forgotten the login.

Boot off of a CD or something OTHER than the harddisk.

Mount the filesystem that has /etc on it.

Edit /etc/shadow (of /etc/passwd if you're still living in the dark ages) and edit out the contents of the password column for the user you forgot.

Reboot and log in as that user, who now has an empty password.

Alternatively, instead of blanking it, you can enter the character sequence from one of the other accounts whose password you do remember. Reboot and log in using that password for this account.

Link to comment
Share on other sites

I use a 21 character password on my workstation and a 44 character password on my server.

As others have said you want something random, not in a dictionary, and use lower case, upper case, symbols, and numbers. And don't just replace e for 3 since many cracking programs are smart enough to try that.

Also keep your password 15 characters or more since that will prevent it from being stored in the easy to crack LM hash on windows.

This is an example of a good password: 76bnGHtg-=¥ƒ1AWm,0*z~

It's not hard to type once you have to do it 10 times a day.

If that seems like too much work then it might be time to start thinking about passphrases. For example, this is an easy to remember and very secure password:

"My first PC was an IBM PC-XT that cost $2500"

Lowercase, check

Uppercase, check

Numbers, check

Symbols, check

15+ chars, check

Easy to remember? Well, if you paid $2500 for an IBM PC-XT back in the day, then yes.

Darren

Link to comment
Share on other sites

I use a 21 character password on my workstation and a 44 character password on my server.

Note that not all systems react well to such long passwords, and some actually chop them off when they're deemed too long.

Here at work I tried to use a 17-character password and only half the systems updated to the new one.

Link to comment
Share on other sites

I prefer to use words that are easy to remember. Like my first name, or my dogs name. Even better is my favorite movie, or my mom's maiden name. Examples of good passwords:

12345

password

harrison

isabella

five

smile

dictionary

Try those out and see how they work for you :) Make sure you set your passphrase to never expire

Link to comment
Share on other sites

I have a good memory so for any thing important I would use something like T2h598jM8ks5h4 and for the things that I’m not bothered about I use the first thing that pops into my head some thing like fuck666billgates.

Link to comment
Share on other sites

I have a good memory so for any thing important I would use something like T2h598jM8ks5h4 and for the things that I’m not bothered about I use the first thing that pops into my head some thing like fuck666billgates.

hehehehe you big kid :roll:

Link to comment
Share on other sites

personally i use ubr 1337 ( lol ) for passwords like

j0//ny

sc00bi3DOO/elm@

those are easy to remember and if you throw a few special characters in it will take a LOT longer to crack.

Link to comment
Share on other sites

For very important stuff (bank passwords, root accounts, etc) there are character sequences that would appear random to the layperson, but actually relate to stuff that's etched in my brain. One example was the license plate of a car my dad used to own combined with characters of the name of a street I used to live in as indexed by part of a phone number I used to have.

For stuff I don't want just anybody to have access to (local machine passwords) I tend to pick words on stuff I'm familiar with but will get an empty stare when you say them to people (obscure comic book characters, members of bands nobody knows about, characters or titles of B-movies practically nobody's seen) and apply a little leetspeek where needed.

And then the stuff for which I'm forced to pick a password but don't really care about, like online shop sites (like I give a shit that people can see what I bought), there's a couple of names and titles that I reuse.

I wonder how many of you change their passwords on a regular basis...?

Link to comment
Share on other sites

i change my password when my little shit brother uses some script kiddy app on me. locally. he gets me wen i go for a piss :twisted: bastard.

ne way my pass is only 3 char long atm for my windows box. i cant b arsed with it lol.

i did crack his sam files earlier with saminside cos i wanted on his pc to play music :P

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...