AndroidTutor2018- Conventional wisdom has it that passwords should be long, alphanumeric and, most importantly, need to be changed on a regular basis. In fact, as many of you already know, companies require their employees to change their passwords at regular intervals for security purposes. As it turns out, much of what we believe in when it comes to password security isn't necessarily true, as several researchers and studies have recently pointed out. The science may be complex, but we've boiled it down so that you can find out how to generate an “uncrackable” password.
It has become a common practice for websites to evaluate your passwords on a scale from weak to strong. Based on the algorithms used by websites such as Facebook and Twitter, alphanumeric passwords get the highest “security” rating. As developer Cameron Morris managed to discover, however, a lot of these supposedly safe passwords can be hacked by an amateur in less than one day. If you take an alphanumeric password such as “34Lakers56” named after your favorite basketball, it may pass the Facebook strength test, but leaves you totally exposed to outside attacks.
Solution?
Morris completely redefines the concept of password strength. Instead of judging the value of a password on a relative scale, Morris developed an analytical tool that could determine how much time it would hypothetically take to crack your password.
Using his Passfault Analyzer (a tool which I rurge all of you to try out), you'll encounter some surprising results. Turns out my favorite password (which I use to guard my WiFi connection) could be cracked in just 3 days, whereas it would take several months to decode my childhood password which is a made-up word (apparently, baby words work great as passwords!). Obviously, we would all like to have passwords that would take at least a billion years to crack.
You may not like to hear this, but truly secure passwords need to be long, really, long, like anything from 20 to 30 symbols. More importantly, your password should not include any words that can be found in the dictionary. Generating a cryptic alphanumeric password devoid of words may be a difficult endeavor, especially when you have to memorize the bloody thing.
So as a recent Carnegie-Mellon study suggests, once you've found a password that would take lightyears to crack – stick to it. Changing your password actually undermines your security and you can't be expected to memorize a random set of characters every three months. Then we start writing these passwords down on bits of paper– and it's a downward slope from there on in terms of security. That's why it's essential to memorize one or two bulletproof passwords and test them with the Passfault Analyzer tool. Can't think of a good “uncrackable” password? Here's a good tutorial video on how to come up with the perfect password and leave the hackers biting their nails:
How did you fare in the Passfault test? Did your passwords turn out to be as safe as you thought? Share your thoughts in the comments!
Source: Naked Security
Share on Facebook Tweet on Twitter Share on Google+
More from the web
These 8 Supplements Will Strengthen And Grow Your PhysiqueBodybuilding.com
New Law Allows You To Be Certified To Carry Concealed Online!National Concealed
Can Amazing Home Décor Be Affordable? Check This OutWayfair
Here’s Why Guys Are Obsessed With This Underwear…The Weekly Brief | Mack Weldon
by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links More from the web
These 8 Supplements Will Strengthen And Grow Your PhysiqueBodybuilding.com
New Law Allows You To Be Certified To Carry Concealed Online!National Concealed
Can Amazing Home Décor Be Affordable? Check This OutWayfair
Here’s Why Guys Are Obsessed With This Underwear…The Weekly Brief | Mack Weldon
by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links
11 comments
Write a comment!
Write new comment:
SubmitCancel
7 Sean Foster May 28, 2012 Link to comment
How to miss the point!
They aren't attempting to predicted computing power of the future or how big evil hackers bot net is, but provide a useful security diagnostic tool by providing a quantifiable value to the strength of your password.
Yes it's for a given strength of attack and encryption, but so are any of these assessments. This does highlight the flaws of some "strong " passwords that rely on dictionary words and numbers.
I for one found it useful and will use it to guage the RELATIVE strength of future passwords. My new wifi password being 25 centuries :-)
0
Reply
3 Guest Account May 27, 2012 Link to comment
Wow... this tool can tell how many years it would take to crack my password?
It's knows exactly how much computing power we will have 10 years from now???
It's also knows if I'm use 100 networked computers... or 25,000... to do the cracking????
0
Reply
3 Guest Account May 27, 2012 Link to comment
> They basically use these programs to guess the password by completing thousands of combinations per second.
That's pretty impressive. My account only allows 1 guess every 30 secs (at most).
To do even 100,000 guesses would take far longer than 100 seconds.
0
Reply
3 Guest Account May 27, 2012 Link to comment
> once you've found a password that would take lightyears to crack
Huh? No one at androidpit knows what a "light-year" is? It's a measurement of *DISTANCE*... not of time.
Ugh.
0
Reply
20 Jeremiah May 26, 2012 Link to comment
Their method of trying thousands of combinayions per second will not work for most websites like google who suspend your login after a few failed attempts. Your wifi connection on the other hand I can see someone hacking at it for a few days.
I use an app called mSecure to keep track of my passwords.
0
Reply
15 Ti Mo May 25, 2012 Link to comment
Or is it you who is the hacker... You made the website and now know every password we typed in there :O
:P
0
Reply
17 Yan Matusevich May 25, 2012 Link to comment
Here is a good overview on how they do it: http://en.wikipedia.org/wiki/Brute-force_attack
They basically use these programs to guess the password by completing thousands of combinations per second.
0
Reply
15 Ti Mo May 25, 2012 Link to comment
Like how do you hack a password anyways? I mean I don't wanna have a detailed explanation but rather a quick overview cause I have like no idea how they'd do it lol
0
Reply
17 Yan Matusevich May 25, 2012 Link to comment
It is definitely a sobering test. Just changed all my passwords to be on the safe side so that hackers can spend quatrillion years trying to hack it.
0
Reply
15 Ti Mo May 25, 2012 Link to comment
Yeah made a new one. Time: 1 year and ten months. And good memorable for me :D
0
Reply
15 Ti Mo May 25, 2012 Link to comment
Lol my fb and WLAN access password is cracked in 2 days, my Google password in less than a day Oo
0
Reply
Write a comment!
It has become a common practice for websites to evaluate your passwords on a scale from weak to strong. Based on the algorithms used by websites such as Facebook and Twitter, alphanumeric passwords get the highest “security” rating. As developer Cameron Morris managed to discover, however, a lot of these supposedly safe passwords can be hacked by an amateur in less than one day. If you take an alphanumeric password such as “34Lakers56” named after your favorite basketball, it may pass the Facebook strength test, but leaves you totally exposed to outside attacks.
Solution?
Morris completely redefines the concept of password strength. Instead of judging the value of a password on a relative scale, Morris developed an analytical tool that could determine how much time it would hypothetically take to crack your password.
Using his Passfault Analyzer (a tool which I rurge all of you to try out), you'll encounter some surprising results. Turns out my favorite password (which I use to guard my WiFi connection) could be cracked in just 3 days, whereas it would take several months to decode my childhood password which is a made-up word (apparently, baby words work great as passwords!). Obviously, we would all like to have passwords that would take at least a billion years to crack.
You may not like to hear this, but truly secure passwords need to be long, really, long, like anything from 20 to 30 symbols. More importantly, your password should not include any words that can be found in the dictionary. Generating a cryptic alphanumeric password devoid of words may be a difficult endeavor, especially when you have to memorize the bloody thing.
So as a recent Carnegie-Mellon study suggests, once you've found a password that would take lightyears to crack – stick to it. Changing your password actually undermines your security and you can't be expected to memorize a random set of characters every three months. Then we start writing these passwords down on bits of paper– and it's a downward slope from there on in terms of security. That's why it's essential to memorize one or two bulletproof passwords and test them with the Passfault Analyzer tool. Can't think of a good “uncrackable” password? Here's a good tutorial video on how to come up with the perfect password and leave the hackers biting their nails:
How did you fare in the Passfault test? Did your passwords turn out to be as safe as you thought? Share your thoughts in the comments!
Source: Naked Security
Share on Facebook Tweet on Twitter Share on Google+
More from the web
These 8 Supplements Will Strengthen And Grow Your PhysiqueBodybuilding.com
New Law Allows You To Be Certified To Carry Concealed Online!National Concealed
Can Amazing Home Décor Be Affordable? Check This OutWayfair
Here’s Why Guys Are Obsessed With This Underwear…The Weekly Brief | Mack Weldon
by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links More from the web
These 8 Supplements Will Strengthen And Grow Your PhysiqueBodybuilding.com
New Law Allows You To Be Certified To Carry Concealed Online!National Concealed
Can Amazing Home Décor Be Affordable? Check This OutWayfair
Here’s Why Guys Are Obsessed With This Underwear…The Weekly Brief | Mack Weldon
by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links
11 comments
Write a comment!
Write new comment:
SubmitCancel
7 Sean Foster May 28, 2012 Link to comment
How to miss the point!
They aren't attempting to predicted computing power of the future or how big evil hackers bot net is, but provide a useful security diagnostic tool by providing a quantifiable value to the strength of your password.
Yes it's for a given strength of attack and encryption, but so are any of these assessments. This does highlight the flaws of some "strong " passwords that rely on dictionary words and numbers.
I for one found it useful and will use it to guage the RELATIVE strength of future passwords. My new wifi password being 25 centuries :-)
0
Reply
3 Guest Account May 27, 2012 Link to comment
Wow... this tool can tell how many years it would take to crack my password?
It's knows exactly how much computing power we will have 10 years from now???
It's also knows if I'm use 100 networked computers... or 25,000... to do the cracking????
0
Reply
3 Guest Account May 27, 2012 Link to comment
> They basically use these programs to guess the password by completing thousands of combinations per second.
That's pretty impressive. My account only allows 1 guess every 30 secs (at most).
To do even 100,000 guesses would take far longer than 100 seconds.
0
Reply
3 Guest Account May 27, 2012 Link to comment
> once you've found a password that would take lightyears to crack
Huh? No one at androidpit knows what a "light-year" is? It's a measurement of *DISTANCE*... not of time.
Ugh.
0
Reply
20 Jeremiah May 26, 2012 Link to comment
Their method of trying thousands of combinayions per second will not work for most websites like google who suspend your login after a few failed attempts. Your wifi connection on the other hand I can see someone hacking at it for a few days.
I use an app called mSecure to keep track of my passwords.
0
Reply
15 Ti Mo May 25, 2012 Link to comment
Or is it you who is the hacker... You made the website and now know every password we typed in there :O
:P
0
Reply
17 Yan Matusevich May 25, 2012 Link to comment
Here is a good overview on how they do it: http://en.wikipedia.org/wiki/Brute-force_attack
They basically use these programs to guess the password by completing thousands of combinations per second.
0
Reply
15 Ti Mo May 25, 2012 Link to comment
Like how do you hack a password anyways? I mean I don't wanna have a detailed explanation but rather a quick overview cause I have like no idea how they'd do it lol
0
Reply
17 Yan Matusevich May 25, 2012 Link to comment
It is definitely a sobering test. Just changed all my passwords to be on the safe side so that hackers can spend quatrillion years trying to hack it.
0
Reply
15 Ti Mo May 25, 2012 Link to comment
Yeah made a new one. Time: 1 year and ten months. And good memorable for me :D
0
Reply
15 Ti Mo May 25, 2012 Link to comment
Lol my fb and WLAN access password is cracked in 2 days, my Google password in less than a day Oo
0
Reply
Write a comment!
0 Response to "How Safe Is Your Password, Really? -[AndroidTutor2018]"
Post a Comment