Passwords

Does exactly what it says on the tin. Some of the nonsense contained herein may be very loosely related to The Sisters of Mercy, but I wouldn't bet your PayPal account on it. In keeping with the internet's general theme nothing written here should be taken as Gospel: over three quarters of it is utter gibberish, and most of the forum's denizens haven't spoken to another human being face-to-face for decades. Don't worry your pretty little heads about it. Above all else, remember this: You don't have to stay forever. I will understand.
Post Reply
User avatar
markfiend
goriller of form 3b
Posts: 21181
Joined: 11 Nov 2003, 10:55
Location: st custards
Contact:

http://arstechnica.com/security/2013/05 ... passwords/

If you use anything other than a properly randomised password, CHANGE IT. Here is a sample of supposedly secure passwords that crackers have broken quickly and easily:
Image

If possible, use something like KeePass
The fundamental cause of the trouble is that in the modern world the stupid are cocksure while the intelligent are full of doubt.
—Bertrand Russell
User avatar
nowayjose
Utterly Bastard Groovy Amphetamine Filth
Posts: 539
Joined: 19 Mar 2006, 02:15
Location: Berlin

Lesson: never store plain password hashsums, always use them with a salt (random initialization vector). That is pretty common knowledge. From the screenshot above, it is obvious this simple method has been omitted from that list of hashes, for whatever reason. Also, make sure your password db doesn't get stolen.
User avatar
markfiend
goriller of form 3b
Posts: 21181
Joined: 11 Nov 2003, 10:55
Location: st custards
Contact:

If you read the accompanying article, even salting passwords doesn't help much if the site uses crappy hashing like MD5 or SHA1.
The fundamental cause of the trouble is that in the modern world the stupid are cocksure while the intelligent are full of doubt.
—Bertrand Russell
User avatar
Izzy HaveMercy
The Worlds Greatest Living Belgian
Posts: 8844
Joined: 29 Jan 2002, 00:00
Location: Long Dark Forties
Contact:

I always use the same password: **********

Let 'em try to crack THAT ;D

(and always use a semicolon in your password, H4X0Rz love that little character)

IZ.
.
.
For Greater Good - Ambient Music for the Masses...
.
.
User avatar
Pista
Cureboi
Posts: 17629
Joined: 25 Jun 2006, 15:03
Location: Lost In A Forest
Contact:

Izzy HaveMercy wrote:I always use the same password: **********

Let 'em try to crack THAT ;D



IZ.
:lol: :lol:
Cheers.
Steve
Just like the old days

TheCureCommunity
User avatar
million voices
Slight Overbomber
Posts: 1005
Joined: 10 May 2006, 22:31
Location: The Ballrooms Of Mars

I can't say as I really understood all of it, but I thought the section "Anatomy of a Crack" would have been more interesting
Well you must know something
'Cos we're dying of admiration here
Mastering obscure alternatives
User avatar
markfiend
goriller of form 3b
Posts: 21181
Joined: 11 Nov 2003, 10:55
Location: st custards
Contact:

what, hunter2?

(clicky for the uninitiated)

(Edit: that was @Izzy)
The fundamental cause of the trouble is that in the modern world the stupid are cocksure while the intelligent are full of doubt.
—Bertrand Russell
User avatar
Izzy HaveMercy
The Worlds Greatest Living Belgian
Posts: 8844
Joined: 29 Jan 2002, 00:00
Location: Long Dark Forties
Contact:

markfiend wrote:what, hunter2?

(clicky for the uninitiated)

(Edit: that was @Izzy)
;D :notworthy: ;D :notworthy: ;D

IZ.
.
.
For Greater Good - Ambient Music for the Masses...
.
.
Bartek
Underneath the Rock
Posts: 6141
Joined: 17 Sep 2005, 10:47

Oh, crap, that was mine password to gmail.
(Like google didn't read my e-mails).
Post Reply