|
How secure is your password?
|
|
The following comments relate to this news article:
article published on 7 February, 2011
BusinessWeek has posted a nice concise report on how secure most passwords are, and how long it takes even hackers to guess it.
As it has been for years, the most popular password is "123456," followed by "password," "12345678," "qwerty," and "abc123."
The following is how long it takes for a hacker to randomly guess your password:
Length: 6 characters
Lowercase: 10 minutes
... [ read the full article ]
Please read the original article before posting your comments.
|
Junior Member
|
8. February 2011 @ 00:03 |
Link to this message
|
|
oookaaay
|
|
Advertisement
|
|
|
|
Member
|
8. February 2011 @ 01:45 |
Link to this message
|
|
makes sense with all the website requiring one nowadays
|
|
NeoandGeo
Member
|
8. February 2011 @ 06:24 |
Link to this message
|
|
Although many wouldn't agree. All password systems need to be equipped with a 5 try limit, before locking the login.
|
|
Clam_Up
Junior Member
|
8. February 2011 @ 06:47 |
Link to this message
|
|
I've been using the same passwords for almost 30 years and have never had one guessed/hacked.
I certainly don't buy the 10 minutes for even a simple six character password. Sounds like somebody has used poor test passwords for their research.
|
Senior Member
|
8. February 2011 @ 07:44 |
Link to this message
|
Originally posted by Clam_Up:
I've been using the same passwords for almost 30 years and have never had one guessed/hacked.
I certainly don't buy the 10 minutes for even a simple six character password. Sounds like somebody has used poor test passwords for their research.
it would depend who is trying to crack the password.a professional hacker will crack a 9digit password in minutes.an average computer users might take longer than 10mins for 6digit passwords.I had a password on the schools computer network(years ago) that heaps of kids tryed to crack no one succeeded.my hotmails been hacked once but i kinda suspect i left myself logged in on a public library computer.
custom built gaming pc from early 2010,ps2 with 15 games all original,ps3 500gbs with 5 games all original,yamaha amp and 5.1channel surround sound speakers,46inch sony lcd smart tv.
|
Senior Member
2 product reviews
|
8. February 2011 @ 07:52 |
Link to this message
|
Quote:
As it has been for years, the most popular password is "123456,"
My first Password! wayy back in 1997! Good ole days...eagerly waiting to read cheap viagra spam e-mails!
:/
|
|
Mysttic
Senior Member
|
8. February 2011 @ 08:39 |
Link to this message
|
|
My password has always been 13 characters mixed Cap/small letters, numbers and symbols for important stuff, and 8 mixed the same way for stuff that is trivial.
If a hacker gets my password the way I see it, they deserve it; but most hackers don't even care. I have no information anyone would want, and there are bigger fish to target if they are looking for $.
Should people use a bigger password, not necessarily, but should they use a stronger password; definitely. Unfortunately they usually can't remember complicated stuff, not even if they leave it on paper to attempt memorizing it, thus there will always be "password, 1234..., qwerty," and other simple passwords.
|
Senior Member
|
8. February 2011 @ 14:46 |
Link to this message
|
|
What should be mentioned is how many people will use a good password at their bank... then have a crappy password on their email account.
Your email account is arguably the most important one in need of a good password since most places will let you reset a password if you know the email account.
Also, I think many people use the Easy password for one time or unimportant logins and hard password for important stuff, but will frequently use the same password at many places.
Oh, Im sorry... Did the middle of my sentence interrupt the beginning of yours?
|
|
lissenup2
Suspended permanently
|
8. February 2011 @ 16:00 |
Link to this message
|
|
And this is new news??????
Anyone not living under a rock with half a brain knows that most people are nincompoops when using passwords. Attention people................8 digits, alpha numeric at the very LEAST.
When will humanity learn and wisen up?
|
|
lissenup2
Suspended permanently
|
8. February 2011 @ 16:04 |
Link to this message
|
Originally posted by Mysttic:
My password has always been 13 characters mixed Cap/small letters, numbers and symbols for important stuff, and 8 mixed the same way for stuff that is trivial.
If a hacker gets my password the way I see it, they deserve it; but most hackers don't even care. I have no information anyone would want, and there are bigger fish to target if they are looking for $.
Should people use a bigger password, not necessarily, but should they use a stronger password; definitely. Unfortunately they usually can't remember complicated stuff, not even if they leave it on paper to attempt memorizing it, thus there will always be "password, 1234..., qwerty," and other simple passwords.
And hence why hackers don't target people like you. Hackers target people they deem worth profiling. Maybe the CEO of a specific corp or the Pilot of certain planes to/from certain countries, philanthropists, etc.
So if you're so certain that no one cares about stealing your information, then why not just shorten your password and be done with it Hmmmmm?
|
|
lissenup2
Suspended permanently
|
8. February 2011 @ 16:06 |
Link to this message
|
Originally posted by Mysttic:
My password has always been 13 characters mixed Cap/small letters, numbers and symbols for important stuff, and 8 mixed the same way for stuff that is trivial.
If a hacker gets my password the way I see it, they deserve it; but most hackers don't even care. I have no information anyone would want, and there are bigger fish to target if they are looking for $.
Should people use a bigger password, not necessarily, but should they use a stronger password; definitely. Unfortunately they usually can't remember complicated stuff, not even if they leave it on paper to attempt memorizing it, thus there will always be "password, 1234..., qwerty," and other simple passwords.
And hence why hackers don't target people like you. Hackers target people they deem worth profiling. Maybe the CEO of a specific corp or the Pilot of certain planes to/from certain countries, philanthropists, etc.
So if you're so certain that no one cares about stealing your information, then why not just shorten your password and be done with it Hmmmmm?
|
|
wiimatrix
Junior Member
|
8. February 2011 @ 16:10 |
Link to this message
|
|
And yor password is the frist line of defence??.May have a "top password" but if that keylogger/trojan has not been picked up on........
Layered approach to security.
|
|
Xian
Senior Member
|
8. February 2011 @ 16:23 |
Link to this message
|
Quote:
As it has been for years, the most popular password is "123456,"
Wow! That's the same password that's on my luggage...
/Spaceballs
|
|
Mysttic
Senior Member
|
8. February 2011 @ 17:26 |
Link to this message
|
Quote:
So if you're so certain that no one cares about stealing your information, then why not just shorten your password and be done with it Hmmmmm?
Because these are passwords I created almost 20 years ago, they've all been memorized and they grow on me. Chances are if someone found out one of my accounts they nailed 3 - 5 others. To make a long answer short, it is called familiarity. Most people who use short passwords can't think of something familiar to them that no one else would guess.
|
|
Xian
Senior Member
|
8. February 2011 @ 19:20 |
Link to this message
|
|
I tend to make my passwords with a mnemonic. It would look like nonsense to most people, but if you know the phrase it's easy to remember.
Ilt$0nitm
I love the smell of napalm in the morning
Movie quotes, song lyrics, or other easily remembered phrases works for me.
I have several sets of passwords - one set for online banking and financial stuff that I NEVER use anywhere else. Another for online forums and stuff that if it gets hacked, nothing of value will be lost. A different one for email, and so on.
|
|
Mysttic
Senior Member
|
8. February 2011 @ 20:29 |
Link to this message
|
|
I love that man that was sweet. I love the smell of napalm in the morning, hell yea. lol.
|
|
baglobal
Newbie
|
9. February 2011 @ 07:14 |
Link to this message
|
To create a secure password that is easy for you to remember, follow these simple steps: ... Mix different character types. You can make a password much more secure by mixing different types of characters. Use some uppercase letters along with lowercase letters, numbers and even special characters such as '&' or '%'. I am definitely sure that will be help you.
-------------------------------------------------------------
accounting service
register a company UK
setting up a limited company
|
Senior Member
2 product reviews
|
9. February 2011 @ 11:11 |
Link to this message
|
Originally posted by baglobal:
To create a secure password that is easy for you to remember, follow these simple steps: ... Mix different character types. You can make a password much more secure by mixing different types of characters. Use some uppercase letters along with lowercase letters, numbers and even special characters such as '&' or '%'. I am definitely sure that will be help you.
-------------------------------------------------------------
accounting service
register a company UK
setting up a limited company
And what a PAIN IN A** would it be to keep typing that over and over!
:/
|
Senior Member
2 product reviews
|
10. February 2011 @ 02:28 |
Link to this message
|
You could just use KeyPass:
http://keepass.info/
I use it and my primary password (the one on the account) is over ten characters with symbols, numbers and mixed upper-and-lower case letters.
Sure, if you crack it you have all my other passwords/logins but since it generates unique passwords for each service you use it with one compromised account means almost nothing.
"The only people who should buy Monster cable are people who light cigars with Benjamins." - Gizmodo
|
|
alewis
Junior Member
|
11. February 2011 @ 07:59 |
Link to this message
|
|
For years, the most common password in the Corps of Royal Engineers was "house*magnet". I taught infosec, and most of the "students" were Officers (graduate level education then two years at Sandhurst). I would highlight the requirement for easily memorable but difficult-to-guess passwords, using two common words separated by a character, and use 'house*magnet' as an example - but cautioning them to use something else. Students would diligently take notes, writing down the example.. and then using it in "real life. Later, when we engaged in "difficult data retrieval", you can guess the first pwd I would try, and more often than not succeed with. Officers.. like lighthouses in the desert... bright, but f***ing useless ;-)
What really made me laugh was that I had snitched that example from a book I'd read *years* earlier, in the mid-80's!
A historical perspective. See if you can find Hugo Cornwall's "Hackers Handbook" 4th Ed. read the preface. He talks about not overtly worrying about putting passwords in the book, as "they were bound to be changed by publication". Nope. Nor by the 2nd edition, nor the 3rd... even by the 4th Edition most of the passwords were *still* unchanged. And this was back in 1985-1990, when "hacking" was a hot subject.
PiLGRi/\/\
|
|
ps355528
Senior Member
|
4. March 2011 @ 06:36 |
Link to this message
|
|
Senior Member
|
17. March 2011 @ 07:20 |
Link to this message
|
|
LOL, that was a good cartoon, saw many today this one stood out.
|
|
alewis
Junior Member
|
29. June 2011 @ 06:41 |
Link to this message
|
Originally posted by Unidentified:
Originally posted by Clam_Up:
I've been using the same passwords for almost 30 years and have never had one guessed/hacked.
I certainly don't buy the 10 minutes for even a simple six character password. Sounds like somebody has used poor test passwords for their research.
As a hacker myself, cracking a 6 digit pass will probably take a lot less then 10 minutes. Maybe 5 at max if it's simple. Using a known brute-force tool or one I made myself, I can easily crack a 6 digit pass.
Think of it like this...I can test about 103,000 password combinations per second. In a minute, that's approximately 6.1 million passes. Add in some symbols and it will take longer, but not more then a few days or so. It's also based on the experience of the hacker. I'll make short work of you 6 digit pass ;)
Go on then.. you have three attempts to guess/crack my 6 digit password... then you get locked out, and require a password reset.
So, please.. be my guest. whats my password?
|
|
Advertisement
|
|
|
|
Jeffrey_P
Senior Member
|
29. June 2011 @ 09:43 |
Link to this message
|
|
Took a class when I was an Engineer at Stanford.
It took seconds to generate 100,000 passwords. That was in the early 1990's.
So to the guy who has 30 years under his belt, maybe nobody has wanted your password in the first place. If somebody does and they have the skills you are dead meat.
Jeff
|
