Hard to crack but easy to remember passwords
Problem
When you're using only small letters for your password with so called "reasonable" minimum length (8 chars) many sites force you to use your password can be guessed within 34 seconds on any machine with decent graphics card.
When you replace at least one char with digit then it will take little longer, like: 8 minutes
When you replace at least one char capital letter then it will take reasonably longer, like 10 hours.
Then you can replace another char with special character like " or # or ! you will get onto another level, hacking of your encrypted password will take 12 days on "decent machine". Some people consider this reasonable enough1...
..but you're ending up with hard to remember horror like
Th!spas1
Solution
Instead you could chose 4 common words, like verse from your favorite poem, book or even random words, like:
thispasscoversit
join them together, you'll get 4 EASY TO REMEMBER words and same "decent machine" it will take 230 thousand years!2
So really, stop beating yourself to death with stupid chars in passwords and start using pass phrases!
1 well it's 12days on slow machine, when hacker has small farm with about
20 machines with newest graphics cards it will take only 8 hours ;)
2 and almost 6 thousand years on small farm described above...
You don't have to believe me, but check for yourself:
Password hash brute force hacking estimator
WARNING: password will be displayed using clear text:Slow machine = something with power of 3 bilion checks per second.
Fast machine has power of 20 bilion checks per second.
Small farm is few machines with combined power of 120 bilion checks per second.
All calculations assume that attacker guesses/knows sets of chars used:
only digits, lowercase alphabet, uppercase alphabet, special chars or whole byte.
Take action!
So every time someone forces you to use 8 to 12 characters password with at least one digit, one caps and one "special" char try to educate! File a support ticket. Force them to rethink what they're doing.
Archiwum
- Luty 2016
- Październik 2015
- Wrzesień 2015
- Lipiec 2013
- Czerwiec 2013
- Kwiecień 2013
- Marzec 2013
- Grudzień 2011
- Listopad 2011
- Lipiec 2011
- Czerwiec 2011
- Luty 2010
- Wrzesień 2009
- Marzec 2009
- Luty 2009