Page 2 of 2 FirstFirst 1 2
Results 11 to 15 of 15

Thread: Those password strength meters are actually useless

  1. #11

    Default

    Quote Originally Posted by mottamort View Post
    And unless you work the for CIA, NSA or some other sort of secret illuminati group, noone is going to break into your house and steal the gibberish you've written down on a notepad shoved in a drawer somewhere

    Writing it down is actually not as "vulnerable" as people think. I'd say its more secure than using lastpass, seeing as lastpass is a target...my house isn't
    Exactly, I cringe every time someone recommends lastpass. Its only a matter of time until it gets broken into and everyone's passwords go public. Don't trust others with your security.

    Also, put your written passwords in a sealed envelope, so you know if its been tampered with. Keep two copies in seperate secure locations, so if one gets stolen, you can still get in to change all of them.

  2. #12
    PsychoFish's Avatar
    Join Date
    Aug 2011
    Location
    Under da sea
    Posts
    4,100

    Default

    The problem is two-fold. While a password like 1ChickenPie500Coke&[email protected] is in theory a good password it becomes useless if (1) you use it in more than one location (2) a location saves it using reversible encryption or uses a weak cipher.

    Plenty of recent "hacks" have been due to passwords being hashed using MD5 (which is cool, but you can decrypt MD5 hashes in about 2 seconds these days), the other culprit is SHA-1 which is very breakable.

  3. #13
    Check my new Avatar Hagan's Avatar
    Join Date
    Apr 2013
    Posts
    11,248

    Default

    I think I may have changed all passwords from LastPass. So even if it's leaked, I ought to be safe.
    What's more? I cannot remember my master password and as such cannot even log in anymore.


  4. #14
    DarthRiven's Avatar
    Join Date
    Dec 2011
    Location
    Centurion, Gauteng
    Posts
    240

    Default

    Quote Originally Posted by Avatar View Post
    Well, gfycat essentially uses this system to generate unique URLs and it seems to be working brilliantly for them
    "It's not worth doing something unless you were doing something that someone, somewere, would much rather you weren't doing." - Sir Terry Pratchett

  5. #15
    Avatar's Avatar
    Join Date
    Sep 2009
    Location
    Witbank, land of the mullet.
    Posts
    3,401

    Default

    Quote Originally Posted by Blazzok View Post
    This is an Ars article from 2013. It shows how using random word combo passwords like "bananastaplehorse" (even with symbols and numbers thrown in) can be cracked without too much effort.

    http://arstechnica.com/security/2013...r-passwords/3/
    Ja, this is where the xkcd example I posted falls over a bit. The comic assumes that a brute force attack will guess each letter, which leads to the high entropy bit count, where in reality dictionary attacks will mean that each word (or major syllable) would be a bit of entropy. It's still my preferred starting point, since it's all relative anyway, as [MENTION=6600]PsychoFish[/MENTION] was alluding to.

    Quote Originally Posted by DarthRiven View Post
    Well, gfycat essentially uses this system to generate unique URLs and it seems to be working brilliantly for them
    Not quite the same. gfyCat has a very specific URL generation format that goes <adjective><adjective><animal>. The reason comes down to easier reproduction for humans, rather than the added benefit of easier memorization.

Similar Threads

  1. Zip Password Recovery
    By Spek in forum Off Topic
    Replies: 15
    Last Post: 17-11-2012, 09:03 AM
  2. Anyone using ACT? (DPS meters)
    By Necuno in forum Gaming Discussions
    Replies: 0
    Last Post: 22-08-2012, 09:04 PM
  3. Help MyGaming grow from strength to strength
    By James in forum Announcements and Giveaways
    Replies: 23
    Last Post: 29-06-2012, 04:28 PM
  4. Help MyGaming grow from strength to strength
    By James in forum Gaming News Articles
    Replies: 23
    Last Post: 29-06-2012, 04:28 PM
  5. PSN restored - How to reset your PSN password
    By James in forum Gaming Discussions
    Replies: 4
    Last Post: 25-05-2011, 09:58 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •