How secure is your password? [Forum Game]
Post Reply
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
09-12-2012, 06:34 PM
RE: How secure is your password? [Forum Game]
Erx, no. I don't think so.

For here:
It would take a desktop PC about 7 hours to crack your password

I want to add to that:
It doesn't really matter what password you use, if it's a real hacker, it will take like 5 minutes tops to crack that one. Like once I talked to a friend of mine who is working with bigger companies, checking their network safety and such things. I told her that once my account in a game was hacked and I had changed my password to the following: ic3p5-?
She smiled at me and told me that it would take her under 5 minutes to crack that.
So whatever such websites tell you, you are not safe no matter what frigging password you use unless you have another step of security. Like gmail has a 2 step verification > pw + phone. Or I at my last employer, we had to log in on the computer with a fixed pw + otp. Many banks are doing that for internetbanking and phonebanking now, they give you an otp or a device that has an otp-function.

[Image: 69p7qx.gif]
Visit this user's website Find all posts by this user
Like Post Quote this message in a reply
09-12-2012, 07:19 PM
RE: How secure is your password? [Forum Game]
(09-12-2012 05:16 PM)Tartarus Sauce Wrote:  
(09-12-2012 05:07 PM)Vera Wrote:  Of course it is! It's on the Internet. Hence - it must be Undecided
The last time I was told that was when a friend coaxed me into clicking a link to lemonparty.
NNNOOOOOOOO!!!!!!!

See here they are, the bruises, some were self-inflicted and some showed up along the way. - JF
Find all posts by this user
Like Post Quote this message in a reply
[+] 1 user Likes Anjele's post
09-12-2012, 07:30 PM
RE: How secure is your password? [Forum Game]
Huh... I just typed A b c d e f g h i j k l m n o p q r s t u v w x y Z 0 1 2 3 4 5 6 7 8 9

And it came out to:

It would take a desktop PC about2 noventrigintillion yearsto crack your password
HIDE DETAILS
  • Length: 72 characters
  • Character Combinations: 81
  • Calculations Per Second: 4 billion
  • Possible Combinations: 257 trillion quadragintillion
That's not my password, of course but I figured it would be interesting to try out.

A single action is worth more than the words it takes to describe it.
Find all posts by this user
Like Post Quote this message in a reply
09-12-2012, 08:03 PM (This post was last modified: 09-12-2012 08:23 PM by Vosur.)
RE: How secure is your password? [Forum Game]
(09-12-2012 06:34 PM)Leela Wrote:  For here:
It would take a desktop PC about 7 hours to crack your password

I want to add to that:
It doesn't really matter what password you use, if it's a real hacker, it will take like 5 minutes tops to crack that one. Like once I talked to a friend of mine who is working with bigger companies, checking their network safety and such things. I told her that once my account in a game was hacked and I had changed my password to the following: ic3p5-?
She smiled at me and told me that it would take her under 5 minutes to crack that.
So whatever such websites tell you, you are not safe no matter what frigging password you use unless you have another step of security. Like gmail has a 2 step verification > pw + phone. Or I at my last employer, we had to log in on the computer with a fixed pw + otp. Many banks are doing that for internetbanking and phonebanking now, they give you an otp or a device that has an otp-function.
I beg to differ. Using a complex password contributes greatly to the security of your account. There are essentially two methods a hacker can use to find out your password.
  • Dictionary attack
    A dictionary attack uses a targeted technique of successively trying all the words in an exhaustive list called a dictionary (from a pre-arranged list of values). In contrast with a brute force attack, where a large proportion key space is searched systematically, a dictionary attack tries only those possibilities which are most likely to succeed, typically derived from a list of words for example a dictionary (hence the phrase dictionary attack). Generally, dictionary attacks succeed because many people have a tendency to choose passwords which are short (7 characters or fewer), single words found in dictionaries or simple, easily predicted variations on words, such as appending a digit. However these are easy to defeat. Adding a single random character in the middle can make dictionary attacks untenable.
  • Brute-force attack
    In cryptography, a brute-force attack, or exhaustive key search, is a cryptanalytic attack that can, in theory, be used against any encrypted data (except for data encrypted in an information-theoretically secure manner). Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system (if any exist) that would make the task easier. It consists of systematically checking all possible keys until the correct key is found. In the worst case, this would involve traversing the entire search space.

    The key length used in the cipher determines the practical feasibility of performing a brute-force attack, with longer keys exponentially more difficult to crack than shorter ones. A cipher with a key length of N bits can be broken in a worst-case time proportional to 2N and an average time of half that. Brute-force attacks can be made less effective by obfuscating the data to be encoded, something that makes it more difficult for an attacker to recognize when he/she has cracked the code. One of the measures of the strength of an encryption system is how long it would theoretically take an attacker to mount a successful brute-force attack against it.
By generating your password using a complicated algorithm, you can render the first method null and void and the second one ineffective. Considering that it would only take seven hours to figure out your password using the brute-force method, I can safely assume that yours is neither complex, nor very uncommon. In contrast to that, it would take an average Desktop PC three sextillion (that's a three followed by 36 zeros) years to find out mine. The validity of your friend's claim depends on the password you use. If it's something like "honeybear", you can be sure that it'll take a hacker only a couple of minutes to crack your password.

To give you an example, here's a password generated using the open source program KeePass: (q(1R5aI&OYXO^'0UT_F

The reason why this doesn't guarantee you absolute safety is because a hacker has the possibility of accessing a server's database in which all passwords are stored. This does, however, only occur rarely because most popular websites have airtight security systems in place to prevent this. Absolute security is unattainable, since there is always a way to potentially bypass a safety system. And yes, this even applies if you have one consisting of two steps. It simply becomes more and more complex and time-consuming for the hacker to be successful.

More information:
http://en.wikipedia.org/wiki/Password_strength
http://en.wikipedia.org/wiki/Password_cracking
http://en.wikipedia.org/wiki/Random_password_generator

[Image: IcJnQOT.gif]
Find all posts by this user
Like Post Quote this message in a reply
[+] 3 users Like Vosur's post
09-12-2012, 10:55 PM
RE: How secure is your password? [Forum Game]
[Image: 2145svb.jpg]

Drinking Beverage

I don't talk gay, I don't walk gay, it's like people don't even know I'm gay unless I'm blowing them.
[Image: 10h27hu.jpg]
Find all posts by this user
Like Post Quote this message in a reply
10-12-2012, 04:29 AM
RE: How secure is your password? [Forum Game]
wow, k thanks vosur!

And just to play around I just tried a few things:
bottle of water = 49 Million years
mydogiscool = 10 days
longlivegeorgecarlin = 157 billion years
iam1tree,look@me = 2 trillion years

[Image: 69p7qx.gif]
Visit this user's website Find all posts by this user
Like Post Quote this message in a reply
10-12-2012, 04:31 AM
RE: How secure is your password? [Forum Game]
I think a really good password isn't so much about length and complexity as it is about obscurity. My password is short, and yet so obscure that it's not something anyone would think to type. It's just a one-word colloquialism, and yet it's not even a colloquialism native to my country. It's not something that would be obvious to even those who know me. I doubt even those in its home-region would think to try it (it wouldn't make sense to).

Through profound pain comes profound knowledge.
Ridi, Pagliaccio, sul tuo amore infranto! Ridi del duol, che t'avvelena il cor!
Visit this user's website Find all posts by this user
Like Post Quote this message in a reply
10-12-2012, 06:01 AM
RE: How secure is your password? [Forum Game]
Leela, your friend is exaggerating a bit and it all depends on the type of encryption a certain site uses. The same password can be stronger or easier to break if the system has some extra flaws, or extra protections. Vosur, good,simple info, thanx.

My password is 7 hours from breaking, but if I put only one symbol ( ? for example) on the end, it jumps to 2 years.

[Image: a6505fe8.jpg]
I have a theory that the truth is never told during the nine-to-five hours.
-Hunter S. Thompson
Find all posts by this user
Like Post Quote this message in a reply
10-12-2012, 08:52 AM
RE: How secure is your password? [Forum Game]
(10-12-2012 04:31 AM)Misanthropik Wrote:  I think a really good password isn't so much about length and complexity as it is about obscurity. My password is short, and yet so obscure that it's not something anyone would think to type.
Considering that the vast majority of hackers use the brute-force method, obscurity has little to no impact on the safety of your password. The only scenario in which your password would be more secure that way is if a hacker would try out different passwords manually.

(10-12-2012 04:29 AM)Leela Wrote:  wow, k thanks vosur!
(10-12-2012 06:01 AM)Filox Wrote:  Vosur, good,simple info, thanx.
You're welcome. Yes

[Image: IcJnQOT.gif]
Find all posts by this user
Like Post Quote this message in a reply
[+] 1 user Likes Vosur's post
Post Reply
Forum Jump: