Be Excellent To Each Other

And, you know, party on. Dude.

All times are UTC [ DST ]




Reply to topic  [ 66 posts ]  Go to page 1, 2  Next
Author Message
 Post subject: Passwords
PostPosted: Fri Apr 13, 2012 14:36 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69715
Location: Your Mum
We talked about passwords a bit the other day, but it was in the iPad thread so I didn't want to derail it further.

Anyway, this is by far the most accurate password strength tester I have ever seen: http://dl.dropbox.com/u/209/zxcvbn/test/index.html

If you're interested, this is how it works: http://tech.dropbox.com/?p=165

My hardcore password's crack times were all measured in "months", so that's good. My 'general' one that I use for things I don't really care about was 0.2 seconds so, er... That's not so good.

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 14:43 
User avatar
Comfortably Dumb

Joined: 30th Mar, 2008
Posts: 12034
Location: Sunny Stoke
Both your links are the same. Interesting stuff though - my 'strong' password is still only a 30-minute one.

_________________
Consolemad | Under Logic
Curse, the day is long
Realise you don't belong


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 14:51 
User avatar
Excellent Member

Joined: 25th Jul, 2010
Posts: 11128
Mine are predictably shite and piss easy to crack. The secret seems to be to avoid any words that appear in the English language (whether you use number swapping or not). Even just stripping the vowels from a known word seems to work wonders.

The real question is: how much does this site reflect the technqiues people really use to crack passwords? And how do we know the answer to that question?


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 14:56 
User avatar
Ticket to Ride World Champion

Joined: 18th Apr, 2008
Posts: 11897
Well, Grim... now knows half the forums' passwords for starters!

_________________
No, it was a giant robot castle!


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 14:58 
SupaMod
User avatar
"Praisebot"

Joined: 30th Mar, 2008
Posts: 17093
Location: Parts unknown
My hardcore password would take 5 months to crack apparently.

Why someone would want to spend 5 months just to read my emails is anyones guess, but still... Up to them isn't it?


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:00 
User avatar
Time Out for Fun

Joined: 30th Mar, 2008
Posts: 5039
Location: South Shields
One of my passwords has a crack time of 4 years, anyone beat that?


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:02 
User avatar
Excellent Member

Joined: 30th Mar, 2008
Posts: 5924
Location: Stockport - The Jewel in the Ring
Bobbyaro wrote:
Well, Grim... now knows half the forums' passwords for starters!


The one and only correct answer!

_________________
Mint To Be Stationery - Looking for a Secret Santa gift? Try our online shops at Mint To Be.

Book me in the Face | Tweet me. Tweet me like a British nanny.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:02 
User avatar
Time Out for Fun

Joined: 30th Mar, 2008
Posts: 5039
Location: South Shields
Runcle wrote:
One of my passwords has a crack time of 4 years, anyone beat that?


Ha I've just realised if I add a letter to the end of it, the crack time changes into centuries.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:02 
User avatar
UltraMod

Joined: 27th Mar, 2008
Posts: 55719
Location: California
That thing is great. I've generated a new password that's easy to remember that will take 97 years to crack.

_________________
I am currently under construction.
Thank you for your patience.


Image


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:02 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69715
Location: Your Mum
devilman wrote:
Both your links are the same. Interesting stuff though - my 'strong' password is still only a 30-minute one.

Oops! Fixed.

Bamba wrote:
The secret seems to be to avoid any words that appear in the English language (whether you use number swapping or not).

Nah, man. Try
Code:
My name is Bamba.

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:03 
User avatar
UltraMod

Joined: 27th Mar, 2008
Posts: 55719
Location: California
It seems to be the spaces that makes those hard to crack.

_________________
I am currently under construction.
Thank you for your patience.


Image


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:05 
User avatar

Joined: 30th Mar, 2008
Posts: 16636
Yeah, spaces or anything that isn't a letter or a number. Is it just that brute force attacks try combinations without those first or something?


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:12 
User avatar
Master of dodgy spelling....

Joined: 25th Sep, 2008
Posts: 22630
Location: shropshire, uk
my work one is measured in centuries!!

_________________
MetalAngel wrote:
Kovacs: From 'unresponsive' to 'kebab' in 3.5 seconds


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:13 
User avatar
Comfortably Dumb

Joined: 30th Mar, 2008
Posts: 12034
Location: Sunny Stoke
KovacsC wrote:
my work one is measured in centuries!!


'measured in centuries!!' was a good password, but you should probably change it now.

_________________
Consolemad | Under Logic
Curse, the day is long
Realise you don't belong


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:16 
User avatar
Excellent Member

Joined: 25th Jul, 2010
Posts: 11128
Grim... wrote:
Nah, man. Try
Code:
My name is Bamba.


As others have said, take the spaces out (and also remove 'Bamba' which isn't a real word) and the crack time drops massively. Alternatively, try flibbertygibbet.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:16 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69715
Location: Your Mum
markg wrote:
Yeah, spaces or anything that isn't a letter or a number. Is it just that brute force attacks try combinations without those first or something?

They may well do, as a load of things don't allow spaces in passwords (cunts).

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:17 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69715
Location: Your Mum
Bamba wrote:
Grim... wrote:
Nah, man. Try
Code:
My name is Bamba.


As others have said, take the spaces out (and also remove 'Bamba' which isn't a real word) and the crack time drops massively.

I, er... Well, yes. Or, to put it another way, "change the secure password to a non-secure one and it becomes less secure" ;)

Replacing the spaces and the word 'Bamba' to get something like
Code:
My.name.is.a.name
is still really good.

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:19 
User avatar
Sleepyhead

Joined: 30th Mar, 2008
Posts: 27354
Location: Kidbrooke
Mine is surprisingly good! 59 years!

Not pad considering it only has 8 characters, none of which are anything odd.

_________________
We are young despite the years
We are concern
We are hope, despite the times


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:20 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69715
Location: Your Mum
Curiosity wrote:
Not pad considering it only has 8 characters, none of which are anything odd.

Obv. pad is three characters.

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:20 
8-Bit Champion
User avatar
Two heads are better than one

Joined: 16th Apr, 2008
Posts: 14517
password: correcthorsebatterystaple
entropy: 45.212
crack time (seconds): 2037200406.475
crack time (display): 65 years

I wonder how many passwords in systems are now that :-)


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:21 
User avatar
Sleepyhead

Joined: 30th Mar, 2008
Posts: 27354
Location: Kidbrooke
Grim... wrote:
Curiosity wrote:
Not pad considering it only has 8 characters, none of which are anything odd.

Obv. pad is three characters.


Whatevs

_________________
We are young despite the years
We are concern
We are hope, despite the times


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:24 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69715
Location: Your Mum
zaphod79 wrote:
password: correcthorsebatterystaple
entropy: 45.212
crack time (seconds): 2037200406.475
crack time (display): 65 years

I wonder how many passwords in systems are now that :-)

Enough to assume it's a dictionary word by now.

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:34 
Filthy Junkie Bitch

Joined: 17th Dec, 2008
Posts: 8293
Centuries, motherfuckers. No Cap changes, no words, no spaces.

I fucking rock. Apple can go fuck themselves.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:34 
User avatar
Skillmeister

Joined: 27th Mar, 2008
Posts: 27023
Location: Felelagedge Wedgebarge, The River Tib
Passwords are things on a computer.

_________________
Washing Machine: Fine. Kettle: Needs De-scaling. Shower: Brand new. Boiler: Fine.
Archimedes Hotdog Rhubarb Niner Zero Niner.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:35 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69715
Location: Your Mum
Dimrill wrote:
Passwords are things on a computer.

4,329,143,000 years!

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:36 
User avatar
Beloved member

Joined: 23rd Nov, 2008
Posts: 674
password: boiledvimtoflattoptwopoundsamonth
entropy: 73.001
crack time (seconds): 472663088655908860
crack time (display): centuries

:attitude:


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:36 
8-Bit Champion
User avatar
Two heads are better than one

Joined: 16th Apr, 2008
Posts: 14517
Grim... wrote:
Dimrill wrote:
Passwords are things on a computer.

4,329,143,000 years!


password: 4,329,143,000 years!
entropy: 62.886
crack time (seconds): 426159280464937.9
crack time (display): centuries
score from 0 to 4: 4
calculation time (ms): 55


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:37 
User avatar

Joined: 30th Mar, 2008
Posts: 16636
p a s s w o r d

Is good for centuries too apparently.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:37 
User avatar
Hibernating Druid

Joined: 27th Mar, 2008
Posts: 49358
Location: Standing on your mother's Porsche
|-|0t35tc|-|1|1|/\†|-|\/\/0®|∂

_________________
SD&DG Illustrated! Behance Bleep Bloop

'Not without talent but dragged down by bass turgidity'


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:39 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69715
Location: Your Mum
Zardoz wrote:
|-|0t35tc|-|1|1|/\†|-|\/\/0®|∂

It's a great password from a security point of view, but you'd kill yourself trying to remember it.

Or write it down, rendering it fairly useless.

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:44 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69715
Location: Your Mum
TheVision wrote:
Why someone would want to spend 5 months just to read my emails is anyones guess, but still... Up to them isn't it?

Just saw this - the reason they'll spend a lot of time trying to get into your emails is because they can reset pretty much all your other passwords once they've done so.

Or because they're Sky news, and they think you've done something bad.

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:45 
User avatar
Beloved member

Joined: 23rd Nov, 2008
Posts: 674
Grim... wrote:
Zardoz wrote:
|-|0t35tc|-|1|1|/\†|-|\/\/0®|∂

It's a great password from a security point of view, but you'd kill yourself trying to remember it.

Or write it down, rendering it fairly useless.

Writing it down wouldn't be too bad in certain circumstances - most people wouldn't have the vaguest clue how to get those symbols from a computer keyboard.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:49 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69715
Location: Your Mum
Hero of Excellence wrote:
Grim... wrote:
Zardoz wrote:
|-|0t35tc|-|1|1|/\†|-|\/\/0®|∂

It's a great password from a security point of view, but you'd kill yourself trying to remember it.

Or write it down, rendering it fairly useless.

Writing it down wouldn't be too bad in certain circumstances - most people wouldn't have the vaguest clue how to get those symbols from a computer keyboard.

That's true - plus you could write it down in "English".

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:50 
8-Bit Champion
User avatar
Two heads are better than one

Joined: 16th Apr, 2008
Posts: 14517
Grim... wrote:
TheVision wrote:
Why someone would want to spend 5 months just to read my emails is anyones guess, but still... Up to them isn't it?

Just saw this - the reason they'll spend a lot of time trying to get into your emails is because they can reset pretty much all your other passwords once they've done so.

Or because they're Sky news, and they think your hot.


FTFY


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:53 
User avatar
Hibernating Druid

Joined: 27th Mar, 2008
Posts: 49358
Location: Standing on your mother's Porsche
Grim... wrote:
Zardoz wrote:
|-|0t35tc|-|1|1|/\†|-|\/\/0®|∂

It's a great password from a security point of view, but you'd kill yourself trying to remember it.

|-|/\/\/\/\ 1 ∂0/\† |</\0\/\/, 1 †3/\∂ †0 \/53 †|-|3 5/\/\/\3 ç|-|/\®5 \/\/|-|3/\ 13375P3/\|<1/\G.

_________________
SD&DG Illustrated! Behance Bleep Bloop

'Not without talent but dragged down by bass turgidity'


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 15:56 
User avatar
Excellently Membered

Joined: 30th Mar, 2008
Posts: 1268
Location: Behind you!
Try however using that password on something as simple as a US keyboard. Stupid \ in the wrong place *mummble grummble*


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 16:08 
SupaMod
User avatar
"Praisebot"

Joined: 30th Mar, 2008
Posts: 17093
Location: Parts unknown
zaphod79 wrote:
Grim... wrote:
TheVision wrote:
Why someone would want to spend 5 months just to read my emails is anyones guess, but still... Up to them isn't it?

Just saw this - the reason they'll spend a lot of time trying to get into your emails is because they can reset pretty much all your other passwords once they've done so.

Or because they're Sky news, and they think your hot.


FTFY


My hot what?


Top
 Profile  
 
 Post subject: Passwords
PostPosted: Fri Apr 13, 2012 16:11 
User avatar
Part physicist, part WARLORD

Joined: 2nd Apr, 2008
Posts: 13421
Location: Chester, UK
Grim... wrote:
TheVision wrote:
Why someone would want to spend 5 months just to read my emails is anyones guess, but still... Up to them isn't it?

Just saw this - the reason they'll spend a lot of time trying to get into your emails is because they can reset pretty much all your other passwords once they've done so.

Or because they're Sky news, and they think you've done something bad.


*Hugs Google’s two-step logins*

My standard-but-slightly-varying-depending-on-the-site thirteen-character password would take centuries, supposedly. That’ll do.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 17:19 
User avatar
Noob as of 6/8/10

Joined: 6th Aug, 2010
Posts: 5579
Location: , Location, Location.
:this:


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 19:49 
User avatar
Goth

Joined: 31st Mar, 2008
Posts: 3742
My passwords generally take months. Apart from my amazon one which takes centuries.

_________________
Image


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Fri Apr 13, 2012 20:19 
User avatar
Rude Belittler

Joined: 30th Mar, 2008
Posts: 5016
It proves what XKCD said about passwords

"rowdy roddy piper at the gates of dawn"

is way more secure than

"3fg£cgh"

and is also easier to remember.

eta: https://xkcd.com/936/


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Sat Apr 14, 2012 7:50 
User avatar

Joined: 31st Mar, 2008
Posts: 8655
My work one would take centuries, but only because I stuck a 1 on the end when I had to change it. Before that it was only 38 years.

Some of my other passwords have crack times in seconds, or in some cases "instant" :'(


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Sat Apr 14, 2012 20:48 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69715
Location: Your Mum
Malabelm wrote:
*Hugs Google’s two-step logins*

Their what?

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Sat Apr 14, 2012 21:02 
Filthy Junkie Bitch

Joined: 17th Dec, 2008
Posts: 8293
Effectively, an rsa key app on your phone which runs alongside your password for any new login location.


Top
 Profile  
 
 Post subject: Passwords
PostPosted: Sun Apr 15, 2012 14:32 
User avatar
Part physicist, part WARLORD

Joined: 2nd Apr, 2008
Posts: 13421
Location: Chester, UK
Grim... wrote:
Malabelm wrote:
*Hugs Google’s two-step logins*

Their what?


You put your password in, they send a code to you via SMS to log in. If anything doesn’t support logging in that way, you can generate an app-specific password for it. It’s quite effective, but obviously more hassle.


Top
 Profile  
 
 Post subject: Passwords
PostPosted: Sun Apr 15, 2012 14:33 
User avatar
Part physicist, part WARLORD

Joined: 2nd Apr, 2008
Posts: 13421
Location: Chester, UK
http://support.google.com/accounts/bin/ ... wer=180744


Top
 Profile  
 
 Post subject: Passwords
PostPosted: Wed Apr 18, 2012 8:57 
User avatar
Part physicist, part WARLORD

Joined: 2nd Apr, 2008
Posts: 13421
Location: Chester, UK
Aha, Jeff Atwood has just blogged about this two-step lark: http://www.codinghorror.com/blog/2012/0 ... proof.html


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Wed Apr 18, 2012 9:06 
User avatar
Master of dodgy spelling....

Joined: 25th Sep, 2008
Posts: 22630
Location: shropshire, uk
I have started changing all my passwords..

_________________
MetalAngel wrote:
Kovacs: From 'unresponsive' to 'kebab' in 3.5 seconds


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Wed Apr 18, 2012 10:11 
User avatar
Legendary Boogeyman

Joined: 22nd Dec, 2010
Posts: 8175
My shit passwords for stuff I don't care about are instantly breakable. My better ones for important stuff are measured in tens of years. Interesting stuff to know though.

God help anyone that uses the same password for everything.

_________________
Mr Kissyfur wrote:
Pretty much everyone agrees with Gnomes, really, it's just some are too right on to admit it. :)


Top
 Profile  
 
 Post subject: Re: Passwords
PostPosted: Wed Apr 18, 2012 10:42 
User avatar
Excellent Member

Joined: 30th Mar, 2008
Posts: 5924
Location: Stockport - The Jewel in the Ring
ElephantBanjoGnome wrote:
God help anyone that uses the same password for everything.


This is why I get very twitchy when asked to sign in to some site using my Facebook, Twitter or Google account.

_________________
Mint To Be Stationery - Looking for a Secret Santa gift? Try our online shops at Mint To Be.

Book me in the Face | Tweet me. Tweet me like a British nanny.


Top
 Profile  
 
Display posts from previous:  Sort by  
Reply to topic  [ 66 posts ]  Go to page 1, 2  Next

All times are UTC [ DST ]


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search within this thread:
You are using the 'Ted' forum. Bill doesn't really exist any more. Bogus!
Want to help out with the hosting / advertising costs? That's very nice of you.
Are you on a mobile phone? Try http://beex.co.uk/m/
RIP, Owen. RIP, MrC. RIP, Dimmers.

Powered by a very Grim... version of phpBB © 2000, 2002, 2005, 2007 phpBB Group.