How good is your password?
-
- Administrator
- Posts: 7262
- Joined: 15 Jan 2010, 22:52
- Location: Middle of England
How good is your password?
(From https://www.hivesystems.io/blog/are-you ... -the-green)
To give you an idea how much hackers have improved their techniques, in 2022 the most complex 8-character password took 39 minutes - this year it is rated as 5 minutes...
You do not have the required permissions to view the files attached to this post.
Leif
-
- Administrator
- Posts: 12758
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
-
- PlutoniumLounger
- Posts: 16070
- Joined: 24 Jan 2010, 23:23
- Location: brings.slot.perky
Re: How good is your password?
Assuredly, if the hackers have unlimited access to my login screens.
But isn't this why the bank et al. Allow only three attempts and then lock you out for ten minutes?
(I optimistically beleive that after three lockouts in thirty minutes, some technician's pager beeps ... )
Too, I suppose that Brute Force means computing resources, so whether determining my password is parsed out amongst all computers on the UniHackers system ("Instant") or not, the hackers still have a limited (but phenomenal) computing resource at their disposal.
To that end, I would gain more Information from a table that told me how long would be taken to hack the passwords of, say, all customers who make use of online banking of the Canada-wide Bank of MOntreal, than me alone. The number of online customers of Newfoundland Power must be significantly less than the number from BMO, so my perceived risk (NL Power) is greater than my perceived risk (BMO), but there again, NL Power does not have any of my money in their cash-boxes, since I pay my bills to the cent at the start of each month.
Which means, since I examine my NL Power account but once a month, but my BMO account several nail-biting times a month peaking as pension-day arrives, I am more likely to spot errant behaviour in the BMO account than in NL Power.
@Stuart: I bet not a single hacker knows the name of the teacher who accompanied us on the public double-decker to and from Sunnybank school in Burnley 1952-56.
Cheers, Chris
The most expensive thing a man can own is ignorance.
-
- Administrator
- Posts: 12758
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: How good is your password?
MANY security breaches end up with the hackers gaining access to encrypted password details of thousands of users. These brute force techniques are used to extract the unencrypted passwords so they can be used. So can you guarantee that your encrypted password will never be breached on the bank's (or any other) web site?
StuartR
-
- Administrator
- Posts: 7262
- Joined: 15 Jan 2010, 22:52
- Location: Middle of England
Re: How good is your password?
A quick question in the hope that someone has a quick answer -
If someone has (e.g.) an 8-character password and simply repeats it so that it becomes a 16-character password, would that infer that it would take 5bn years to crack instead of 5 minutes?
If someone has (e.g.) an 8-character password and simply repeats it so that it becomes a 16-character password, would that infer that it would take 5bn years to crack instead of 5 minutes?
Leif
-
- Administrator
- Posts: 12758
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: How good is your password?
No, the newer password cracking algorithms know about all these tricks
StuartR
-
- Administrator
- Posts: 12758
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: How good is your password?
I suspect that the figures in that chart are for passwords made up of random strings, not dictionary words, and not common repeating patterns. If your password is ABC12345678910 it will take seconds to crack
StuartR
-
- Administrator
- Posts: 7262
- Joined: 15 Jan 2010, 22:52
- Location: Middle of England
-
- Administrator
- Posts: 12758
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: How good is your password?
I have also noticed that passwords made of one or two words are cracked very fast. Even if you replace a with @, e with 3, o with 0, and other common substitutions. And even if you add a couple of extra digits and a ! to the end
StuartR
-
- PlutoniumLounger
- Posts: 16070
- Joined: 24 Jan 2010, 23:23
- Location: brings.slot.perky
Re: How good is your password?
I imagine this to be because personal names (self, family etc.) make up a disproportionate percentage of all passwords, whereas random strings of characters make up a much larger percentage of all possible strings.
From the hacker's point of view, cracking facsimiles of combinations of names is a much smaller population than the population of all possible strings of the same length.
Cheers, 2b63(^4wohl of the planet 2r;/qvpnl35ssa15quvjvp
The most expensive thing a man can own is ignorance.
-
- UraniumLounger
- Posts: 9474
- Joined: 13 Feb 2010, 01:27
- Location: Deep in the Heart of Texas
Re: How good is your password?
I use a pw generator that makes 12 character values that include numbers, symbols and upper and lower case letters. It can generate even longer ones, but I found that 12 characters was about as many as I wanted to have to type. It's reassuring to know that it would take 226 years to hack them; however, if computers get faster won't that time shrink?
Bob's yer Uncle
Dell Intel Core i5 Laptop, 3570K,1.60 GHz, 8 GB RAM, Windows 11 64-bit, LibreOffice,and other bits and bobs
(1/2)(1+√5) |
-
- Administrator
- Posts: 7262
- Joined: 15 Jan 2010, 22:52
- Location: Middle of England
Re: How good is your password?
As per my first post, a factor of 8 between this tear and last...
Leif
-
- PlutoniumLounger
- Posts: 16070
- Joined: 24 Jan 2010, 23:23
- Location: brings.slot.perky
Re: How good is your password?
What on earth did we do before we had online passwords?
Before computers were involved, even before unit-record equipment (yes IBM-407, we're talking about you) to deposit or withdraw money i went to my local bank, filled out a form, stood in line, and when my turn came the bank teller asked me how my sister was faring after her emergency appendix operation.
My father opened my chequing account in Perth when I started at university.
Years later when my wife and I moved from Newcastle NSW to Adelaide SA, we had with us a letter from the bank manager in Newcastle that said we were good people to have on board.
We were known personally to every local member of staff OR we carried a letter signed by a bank manager on bank letterhead. This is before laser printer days, of course.
We have passwords today because we have yielded personal contact for the convenience of world-wide cash withdrawals, and with the same piece of plastic, car and room rentals wherever we choose to go.
Does anyone still use Travelers Cheques?
Cheers, Chris
Before computers were involved, even before unit-record equipment (yes IBM-407, we're talking about you) to deposit or withdraw money i went to my local bank, filled out a form, stood in line, and when my turn came the bank teller asked me how my sister was faring after her emergency appendix operation.
My father opened my chequing account in Perth when I started at university.
Years later when my wife and I moved from Newcastle NSW to Adelaide SA, we had with us a letter from the bank manager in Newcastle that said we were good people to have on board.
We were known personally to every local member of staff OR we carried a letter signed by a bank manager on bank letterhead. This is before laser printer days, of course.
We have passwords today because we have yielded personal contact for the convenience of world-wide cash withdrawals, and with the same piece of plastic, car and room rentals wherever we choose to go.
Does anyone still use Travelers Cheques?
Cheers, Chris
The most expensive thing a man can own is ignorance.
-
- 4StarLounger
- Posts: 533
- Joined: 30 Oct 2010, 02:12
- Location: England UK
Re: How good is your password?
A very interesting thread, but no one has posted where they test their passwords. I use https://www.security.org/how-secure-is-my-password/
If it wasn't for bad luck I'd have NO luck at all.
Windows 11 Home 23H2 Laptop
-
- 5StarLounger
- Posts: 785
- Joined: 29 Jan 2010, 13:30
Re: How good is your password?
If we're to believe what we read, the advent of quantum computers is going to be the end of security - as long as the hackers have a quantum computer.
Silverback
Silverback
-
- Administrator
- Posts: 79287
- Joined: 16 Jan 2010, 00:14
- Status: Microsoft MVP
- Location: Wageningen, The Netherlands
Re: How good is your password?
Use MFA (multi-factor authentication) whenever possible.
Best wishes,
Hans
Hans
-
- SilverLounger
- Posts: 2124
- Joined: 02 Mar 2010, 16:53
- Location: An Aussie in Norway
Re: How good is your password?
Have they introduced yet more 'cheques on travellers' ... I was hoping the days of mountains of paperwork were over
CYa Ron
W11 pc, Android toys.
The only reason we have the 4th dimension of Time is so that everything does not happen at once.
W11 pc, Android toys.
The only reason we have the 4th dimension of Time is so that everything does not happen at once.
-
- Panoramic Lounger
- Posts: 8381
- Joined: 25 Jan 2010, 09:09
- Location: retirement
-
- Administrator
- Posts: 12758
- Joined: 16 Jan 2010, 15:49
- Location: London, Europe
Re: How good is your password?
You should never put a real password on one of these sitesTed Myers wrote: ↑20 Apr 2023, 12:15A very interesting thread, but no one has posted where they test their passwords. I use https://www.security.org/how-secure-is-my-password/
StuartR
-
- 5StarLounger
- Posts: 1137
- Joined: 21 Jan 2011, 16:51
- Location: Florida
Re: How good is your password?
And when past time viewing a.k.a "The Light of Other Days" by A. C. Clarke, becomes a reality, the bad guys will just watch as you type.
PJ in (usually sunny) FL