fourwind 11-10-2011 07:35 PM

Password strength
Hey everyone, I'm here to clear up a couple things about password strength that have recently been brought up (Steam hack anyone?).

Let's take a look at password strength with this informative comic.

This person has grossly underestimated password strength. No matter how short and easy to remember your password is, if it takes at least 100 years to brute force you should be safe. Also he miscalculated password cracking time...

Granted, correcthorsebatterystaple takes 75,080,000,000,000,000,000,000 years to crack at 100,000 passwords a second, but do you REALLY NEED that kind of protection?

Here is an easy to remember password:
Now, this is two simple words that could easily be guessed by a human. Except for the capital letter and number, which make that a mind numbing impossibility.
Now how long does it take a computer to brute force this password at 100,000 passwords a second?

155 million years.
How long does the average human live? 67 years.

I rest my case. No matter how long your password is, short passwords with a slight anomaly (Capital letter, number, symbol) are still far beyond safe.
It's also easier to type.

SpaceManiac 11-10-2011 08:05 PM

Re: Password strength
Except until you realize that brute force is worst-case. Clever password guessers check for combinations of dictionary words and numbers just like that kind of password.
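
Added example, not part of any post in this thread: a Python estimator that compares the brute-force search space with the much smaller "dictionary words, capitals, digit suffix" search space at the thread's 100,000 guesses per second. The 20,000-word list size, the tiny `WORDS` set and the sample password `BlueMonkey7` are constructed assumptions.

```python
import re

RATE = 100_000                    # guesses per second, the rate used in the thread
SECONDS_PER_YEAR = 365.25 * 24 * 3600
WORDLIST_SIZE = 20_000            # assumed size of a guesser's word list
WORDS = {"correct", "horse", "battery", "staple", "blue", "monkey"}  # constructed stand-in

def brute_force_guesses(pw):
    """Every string of this length over the character classes the password uses."""
    alphabet = 0
    for pattern, size in ((r"[a-z]", 26), (r"[A-Z]", 26), (r"[0-9]", 10), (r"[^a-zA-Z0-9]", 33)):
        if re.search(pattern, pw):
            alphabet += size
    return alphabet ** len(pw)

def split_words(s):
    """Split s into words from WORDS (longest first, backtracking); None if impossible."""
    if not s:
        return []
    for i in range(len(s), 0, -1):
        if s[:i] in WORDS:
            rest = split_words(s[i:])
            if rest is not None:
                return [s[:i]] + rest
    return None

def pattern_guesses(pw):
    """Search space for 'dictionary words, optional capitals, digit suffix'.
    Returns None when the password does not fit that pattern."""
    m = re.fullmatch(r"([A-Za-z]+)(\d*)", pw)
    if not m:
        return None
    letters, digits = m.groups()
    words = split_words(letters.lower())
    if words is None:
        return None
    # word choices x (capitalised or not, per word) x digit suffix
    return WORDLIST_SIZE ** len(words) * 2 ** len(words) * 10 ** len(digits)

def years(guesses):
    return guesses / RATE / SECONDS_PER_YEAR

if __name__ == "__main__":
    for pw in ("BlueMonkey7", "correcthorsebatterystaple"):  # constructed / from the thread
        print(pw, f"brute force: {years(brute_force_guesses(pw)):.3g} years,",
              f"word-pattern: {years(pattern_guesses(pw)):.3g} years")
```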

Julian 11-10-2011 09:46 PM

Re: Password strength
I use passwords like this:


That's not an actual password I use, but it's a good example. It's completely random and long enough to not be worth cracking.

(I actually have 3 of these memorized, one for physical access to my computers, one for my Lastpass account, and one for my flash drive that used to store my Sesame authenticator for Lastpass. Now I use Google Authenticator though, so that last one will leave my head soon :p Other than those 3 passwords, Lastpass has everything. A unique, random password for each site I use.)

OurEminentDoomsayer 11-11-2011 12:42 AM

Re: Password strength
I use leet-speak and punctuation. It's the best of both worlds.

Pewskeepski 11-11-2011 11:45 AM

Re: Password strength
I just use a weird sounding word that's not real. I did that with my username too :)

Boneheads 11-11-2011 01:58 PM

Re: Password strength
I have a password like:

gargle or gargle123 on all websites except Hamumu.

On hamumu, my password is just 2 commonly used words. Like:


Megadog 11-11-2011 02:02 PM

Re: Password strength
I don't care about password strength, I'm not worth hacking.

Mr.Onion 11-11-2011 04:57 PM

Re: Password strength
The weakest link is between the keyboard and the chair.

Pumpkineater 11-11-2011 05:02 PM

Re: Password strength

Originally Posted by Mr.Onion (Post 328567)
The weakest link is between the keyboard and the chair.

Woah dude, that's deep.

