techThoughts ::
Thoughts, ideas, code, speculation and news
about all things technology.
Full feed
Full feed Partial feed
Password Strength - Read, Learn, Download

Passwordsafe As I posted here and here, security is more than using a simple password. More than anything though, having a simple short password is like going out of town for a week with your front door unlocked. You may end up not being robbed but it is simply luck and sheer statistical odds your house was not broken into. Of course the opposite is also true, even if you have the best lock in the world, someone could decide to drive a bulldozer through your wall. In other words, while any account you have is likely to be cracked by a determined hacker, why make it a 5 second job?

To that end, check out this article I found via the splendid Lifehacker: How I'd Crack Your Weak Passwords. Within it, you will find a great explanation regarding the cracking process and tips about password security. Among the gems you will see the following stats:

Password table

As you will learn, Password1 is not a very good password, nor is 1111 etc. Further, tips such as the following will help you out:

Here are some password tips:

  1. Randomly substitute numbers for letters that look similar. The letter ‘o’ becomes the number ‘0', or even better an ‘@’ or ‘*’. (i.e. - m0d3ltf0rd… like modelTford)
  2. Randomly throw in capital letters (i.e. - Mod3lTF0rd)
  3. Think of something you were attached to when you were younger, but DON’T CHOOSE A PERSON’S NAME! Every name plus every word in the dictionary will fail under a simple brute force attack.
  4. Maybe a place you loved, or a specific car, an attraction from a vacation, or a favorite restaurant?
  5. You really need to have different username / password combinations for everything. Remember, the technique is to break into anything you access just to figure out your standard password, then compromise everything else. This doesn’t work if you don’t use the same password everywhere.
  6. Since it can be difficult to remember a ton of passwords, I recommend using Roboform. It will store all of your passwords in an encrypted format and allow you to use just one master password to access all of them. It will also automatically fill in forms on Web pages, and you can even get versions that allow you to take your password list with you on your PDA, phone or a USB key.
  7. Once you’ve thought of a password, try Microsoft’s password strength tester to find out how secure it is.

All in all, it is a great article and should be read. One free password storage/ creation that I highly recommend is Password Safe. After years of torturing myself, attempting to remember every increasing 10, 15, 20 character passwords – I have finally seen the light when it comes to software like this. It makes keeping track of and creating secure passwords easy. Further, it is open source and originally created by Bruce Schneier's Counterpane Labs.

Happy passwording.

_______________________
Benjamin Bach
techThoughts ::
Thoughts, ideas, code, speculation and news
about all things technology.

http://www.techthoughts.com

Technorati Tags: , , ,

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d834527ec269e200d83576fca369e2

Listed below are links to weblogs that reference Password Strength - Read, Learn, Download:

Comments

I found that Microsoft Password Checker's algorithm based primarly on words dictionary. Also, I know, algorithm of http://www.itsimpl.com based on words dictionary, too. Good Luck! Jetman.

The comments to this entry are closed.



Categories