A Public Service Announcement: Creating Strong Passwords

The first thing is to forget passwords and think pass phrases.

In terms of preventing your passphrase from being hacked by a computer, like when password files are stolen from steam or sega, the key is length, not random mashes of letters, numbers and symbols. It takes about as long for a computer to brute force the password "73*Hnk!" as it does the word "amazing".

The key is length, and to make long passwords easy to remember you want phrases made up of words. So string 3-4 medium length words together with some capitalization, throw in a couple numbers, several special characters ( ie. * ! @ ), and make it easy for you to remember and hard for someone machine to brute force.

Like " *Milksucks66HighwayRaincoat!! "

Of course, do NOT use that example. Never use an example password from anywhere.

A good resource:
https://www.grc.com/haystack.htm

In depth security geek discussion;
http://www.schneier.com/blog/archive...tary_on_s.html

CR

one verse from the bible, no not short one, a rather long one :grin:

Just go for 1960's psychedelic rock bands; Strawberry Subway, Marshmellow Overcoat.

Or you can get a program to randomly create and keep your passwords, like this.

Quote:

---

Originally Posted by Husar

Or you can get a program to randomly create and keep your passwords, like this.

---

Password safes are a good idea as well. Here's another safe program;

Quote:

---

Many computer users today have to keep track of dozens of passwords: for network accounts, online services, premium web sites. Some write their passwords on a piece of paper, leaving their accounts vulnerable to thieves or in-house snoops. Others choose the same password for different applications, which makes life easy for intruders of all kinds.
With Password Safe, a free Windows utility designed by Bruce Schneier, users can keep their passwords securely encrypted on their computers. A single Safe Combination--just one thing to remember--unlocks them all.

---

CR

EDIT: Not needed, feel free to delete.

Lemur's disease spreads to the frontroom! ~;p

CR

Quote:

---

Originally Posted by Crazed Rabbit

Lemur's disease spreads to the frontroom! ~;p

CR

---

Yep.

To illustrate CR's point (literally). The 12 character upper/lower/number/symbol mechanism is rubbish.

That's the second Lemur in this thread.

Maybe we need a telethon.

DO NOT SPEAK HIS NAME LEST HE BE SUMMONED!

Quote:

---

Originally Posted by Lemur

DO NOT SPEAK HIS NAME LEST HE BE SUMMONED!

---

Hah!

Quote:

---

Originally Posted by Crazed Rabbit

A good resource:
https://www.grc.com/haystack.htm

---

According to this a simple 8 character password with a capital a couple digits and a symbol would take 2000 centuries to guess by an online attack...

Quote:

---

Originally Posted by Sasaki Kojiro

According to this a simple 8 character password with a capital a couple digits and a symbol would take 2000 centuries to guess by an online attack...

---

You could set your password manager to remind you to change your password after 1999 centuries.

Quote:

---

Originally Posted by Sasaki Kojiro

According to this a simple 8 character password with a capital a couple digits and a symbol would take 2000 centuries to guess by an online attack...

---

Online attacks are slow - delayed by connection speeds and refresh rates. You'll notice the offline attack cuts 2000 centuries to about 18 hours.

CR

I don't know how strong that password can stop hackers,as i experienced,even if the password characters are long and complex,it will still be cracked with some 3rd party tools.
Learn more about them (They are professional password cracking tools).
https://www.windows10passwordreset.com/
https://ophcrack.sourceforge.io/