how goods your passwords

I present another great opportunity for us all to expose our smugness or stupidity, but more importantly, this public service announcement and bit of fun might help stop a spotty geek lifting the contents of your Swiss bank account.

I came across this recently, it’s an uber-cool little website where you simply type in your commonly used passwords and it will tell you how long a geek with a PC will take to break it. This was reviewed on the Gadget Show by some guy in the security industry – and fyi here’s a few little tips to improve your password.

A good password (one that takes forever to crack)

Has at least 10 digits
Has letters + numbers + other non-letter non-number characters
Has the letters lower case and capitalised
Does not use words of any sort.

The Gadget Show gave a great easy to remember way of creating a hard password. You take a phrase, you use the first letter of each word, you bracket the whole ‘sentence’ in symbols and add a number.

type in your password and see how secure it is
http://howsecureismypassword.net/

i got 164 days

 

Being a suspicious old git, is this a scam to collect your password!!

 

Is this a sneaky way of finding out everybody's passwords? Sorry to be suspicious! While I'm curious as to how long might be the average cracking time, I noted the absence of any of the usual security symbols on the site, clicked onto their 'privacy policy' and learned that if I didn't believe them, I could turn off my internet connection and put in the password, thus 'proving' there was nothing to encrypt. Hence, no security. It's all Java applets, Guv'nor. Of course, their site wouldn't have put a little programme onto my computer to harvest such passwords, would it? And that programme wouldn't transmit the password when next I ventured onto the net..?

Anyway, I have two further thoughts:
1. My curiosity about the adequacy of my passwords isn't bigger than my fear of being hacked and
2. Just because I'm paranoid doesn't mean they aren't watching me!

 

depends on the methods used to aquire said password really. if you're talking about brute force cracking methods then any password around 8 digits with an upper case letter and some numbers will be almost uncrackable at a reasonable level. depends on processing resources and how intent someone is on getting in. the issue you have is most people dont want to remember multiple passwords so eithe ruse the same one or a slight variance, eg add a birthdate to the end or other number. easiest way of gaining passwords is via phishing ( email scam) and planting a keylogging trojan on the target pc . this records ALL keystrokes so doesnt matter how obscure your password is it will still be recorded down as a keypress. i have wrked in computer security since the early 90's ( on both sides of the coin) and i love the way ahckers are portrayed as remotely hacking in to computers and stealing all your data. its much more common for your details to be stolen from you rubbish via credit card , bank statements etc householdbills. then they will profile you, call you up pretending to be xyz , get you to tell them your secret word/location etc. from this they can then goto you email account and most people will use the same details as there security question so through mostly guesswork you can get the email password reset. once you have someones email account you can then goto any banks or fb accounts etc and most password resets send a confirmation to - you guessed , an email account so from there they can pretty much clone any details they want, pretend to be you etc...

 

also in the case of bank accounts there are usually multiple unique identifying codes you have to enter before you log in, thus making brute force attacks almost impossible. phishing and website scams asking you to "confirm" your details is much more likely

 

If someone else pretended to be me, does that mean I can stop going into work? Ha ha - more fool them. Let's see if they like commuting, eating naff sandwiches and moaning about not getting paid nearly enough. I'd love a clone I would.

 

edit/ I just changed it too

 

My password is;

nicepairoftits.com

... just like my Avatar.

 

Hmmm.... 19 letters? Is it PSEUDOHERMAPHRODITE?

 

not telling

 

21 thousand years... Not bad

 

shit, i got 6 hours, time for change me thinks lol !