Real-World Passwords

Discussion in 'other security issues & news' started by ronjor, Dec 14, 2006.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,790
    Location:
    Texas
    Bruce Schneier
     
  2. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    Thanks for the link Ronjor, interesting read.

    On the subject of passwords, I was wondering how easy it is to create a secure password.

    I thought my windows XP account had a pretty good password. It was 12 characters long, containing letters, numbers and symbols.

    I then installed and ran Proactive Windows Security Explorer 1.10. It found my password in about 10 secs.

    I kept the same password but copied and pasted it twice to make 24 characters. Took about 10 secs to crack it.

    It was only when I copied and pasted it three times, to give 36 characters that the programme had difficulty finding it.

    So based on my little experiment, I would have to conclude that you need a password somewhere between 25 and 36 characters long.

    Does anyone know if my conclusion is anywhere near the truth?
     
  3. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    I tailor my passwords to what they protect and what they can unlock and who has access to what. For example my browser has a built in password manager, since that protects all the passwords that gets a long password 50 positions. I use the password generator in Keepass to generate a 50 position random password.
     
  4. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    That proactive password auditor was a scary little software :ouch:
    I didnt know it was so easy to retrieve my admin account password (brute force through registry):gack:
    It didnt get my user account password though (admin group). I wonder why. It actually has less letters and no numbers.
     
Loading...
Thread Status:
Not open for further replies.