Hamumu Software Hamumu Software Hamumu Software
Name
Password Register
Latest Journal update: Oct 16, 2017
Old 11-10-2011, 07:35 PM   #1
fourwind
Lord of Blobs
 
fourwind's Avatar
 
Join Date: Apr 2008
Location: The Sunny meadows asylum.
Posts: 319
Default Password strength

Hey everyone, I'm here to clear up a couple things about password strength that have recently been brought up (Steam hack anyone?).

Lets take a look at password strength with this informative comic.



This person has grossly underestimated password strength. No matter how short and easy to remember your password is, if it takes at least 100 years to brute force you should be safe. Also he miscalculated password cracking time...

Granted, correcthorsebatterystaple takes 75,080,000,000,000,000,000,000 years to crack at 100,000 passwords a second, but do you REALLY NEED that kind of protection?

Here is an easy to remember password:
Monkeybread1
Now, this is two simple words that could easily be guess by a human. Except for the capital letter and number, which make that a mind numbing impossibility.
Now how long does it take a computer to brute force this password at 100,000 passwords a second?

155 million years.
How long does the average human live? 67 years.

I rest my case. No matter how long your password is, short passwords with a slight anomaly (Capital letter, number, symbol) are still far beyond safe.
It's also easier to type.
__________________
Fourwind


Last edited by fourwind; 11-10-2011 at 07:35 PM.
fourwind is offline   Reply With Quote
Old 11-10-2011, 08:05 PM   #2
SpaceManiac
Veteran Programmer
 
SpaceManiac's Avatar
 
Join Date: Oct 2007
Posts: 3,075
Default Re: Password strength

Except until you realize that brute force is worst-case. Clever password guessers check for combinations of dictionary words and numbers just like that kind of password.
SpaceManiac is offline   Reply With Quote
Old 11-10-2011, 09:46 PM   #3
Julian
Is a ninja
 
Julian's Avatar
 
Join Date: Aug 2005
Location: http://www.nationstates.net/dordinal
Posts: 3,077
Send a message via MSN to Julian
Default Re: Password strength

I use passwords like this:

Zh6py5j$RJgXgFCM

That's not an actual password I use, but it's a good example. It's completely random and long enough to not be worth cracking.

(I actually have 3 of these memorized, one for physical access to my computers, one for my Lastpass acount, and one for my flash drive that used to store my Sesame authenticator for Lastpass. Now I use Google Authenticator though, so that last one will leave my head soon Other than those 3 passwords, Lastpass has everything. A unique, random password for each site I use.)
Julian is offline   Reply With Quote
Old 11-11-2011, 12:42 AM   #4
OurEminentDoomsayer
Inanimate Carbon Rod
 
OurEminentDoomsayer's Avatar
 
Join Date: Oct 2010
Location: Alabama
Posts: 101
Default Re: Password strength

I use leet-speek and punctuation. It's the best of both worlds.
OurEminentDoomsayer is offline   Reply With Quote
Old 11-11-2011, 11:45 AM   #5
Pewskeepski
Peanut Gallery
 
Pewskeepski's Avatar
 
Join Date: Feb 2010
Location: A deep, dark, icy dungeon beneath Antarctica!
Posts: 1,269
Default Re: Password strength

I just use a weird sounding word that's not real. I did that with my username too
__________________
There is no such thing as a stupid idea.
Pewskeepski is offline   Reply With Quote
Old 11-11-2011, 01:58 PM   #6
Boneheads
King of the Boneheads
 
Boneheads's Avatar
 
Join Date: Apr 2009
Location: Utah, United States
Posts: 1,249
Default Re: Password strength

I have a password like:

gargle or gargle123 on all websites except Hamumu.

On hamumu, my password is just 2 commonly used words. Like:

danceextremely
__________________
Website
Boneheads is offline   Reply With Quote
Old 11-11-2011, 02:02 PM   #7
Megadog
The Demagogue
 
Megadog's Avatar
 
Join Date: Jun 2007
Location: At home duhhh!
Posts: 2,416
Default Re: Password strength

I don't care about password strength, I'm not worth hacking.
__________________
Back to the roots: Lets put the Hamumu back into Hamumu Forums!
Megadog is offline   Reply With Quote
Old 11-11-2011, 04:57 PM   #8
Mr.Onion
Evil, random-voting vegetable
 
Mr.Onion's Avatar
 
Join Date: Mar 2005
Location: Down at the shore where there's no-one vacationing.
Posts: 4,862
Default Re: Password strength

The weakest link is between the keyboard and the chair.
__________________
Mr.Onion is offline   Reply With Quote
Old 11-11-2011, 05:02 PM   #9
Pumpkineater
Sonic Rainboom!
 
Pumpkineater's Avatar
 
Join Date: Jan 2008
Location: Greece
Posts: 1,385
Default Re: Password strength

Quote:
Originally Posted by Mr.Onion View Post
The weakest link is between the keyboard and the chair.
Woah dude, that's deep.

Last edited by Pumpkineater; 11-11-2011 at 05:02 PM. Reason: garmmar
Pumpkineater is offline   Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need help changing password HumanTurkey General Blabber 4 08-12-2010 12:19 AM


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2017, vBulletin Solutions Inc.
Site Map
Copyright 2017, Hamumu Games Inc.