UK says pawwwords too easy to crack
Results 1 to 8 of 8

Thread: UK says pawwwords too easy to crack

  1. #1
    The Lizard King SarinMage's Avatar
    Join Date
    Jan 2002
    Location
    California
    Posts
    561

    UK says pawwwords too easy to crack


  2. #2
    BS, EnCE, ACE, Cellebrite 11001001's Avatar
    Join Date
    Mar 2002
    Location
    Just West of Beantown, though nobody from Beantown actually calls it "Beantown."
    Posts
    1,229
    I have to agree with this article.
    After working as HelpDesk Support/ASA, I've found that to be the case more often than not. When people choose their passwords, they tend to choose something that is easy for them to remember without thinking about security issues. When their password expires, they only do something as simple as adding a character or two to the end of their old password. Even when you try to explain the importance of security and having a password people can't guess they choose not to listen. But, hey. What can you do to convince them otherwise without allowing your system to get hacked?
    That's Officer 11001001 to you...
    Now you see me | Now you don't
    "Relax, Bender; It was just a dream. There's no such thing as two." ~ Fry
    sometimes my computer goes down on me

  3. #3
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193
    I think this is why the trend toward token usage is growing. It forces more security upon users.
    Trappedagainbyperfectlogic.

  4. #4
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    The weakness in EVERY security system is always the user. I'll admit, there are always other weaknesses, but the user is always the greatest weakness. Thats why smart cards, fingerprint id's, etc etc are all being developed. I doubt it will ever be possible to come up with a truly secure password. With enough money, you could purchase enough hard drive space to store every possible password. Then its just a matter of running a dictionary password cracker, and.......It will just take some time.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    883
    I always recomend to the companies that I outsource to to require long password and the complexity policies. A few of them wont listen though. I have observed some of them with something typical such as their wifes name or they use there own name. I'll come back 6 months or a year later and they still have the same one. So I have to agree with most. The weakest link in IT security is the user.
    The COOKIE TUX lives!!!!
    Windows NT crashed,I am the Blue Screen of Death.
    No one hears your screams.


  6. #6
    Senior Member
    Join Date
    Dec 2001
    Posts
    1,193
    Maybe the only truly secure system is one that does not communicate with any other. Like Bruce Schnieir said.
    Trappedagainbyperfectlogic.

  7. #7
    Fastest Thing Alive s0nIc's Avatar
    Join Date
    Sep 2001
    Location
    Sydney
    Posts
    1,584
    hmm they way i deal with my passwords is that i have 4 levels of passwords..

    i use level 1 commonly, if someone crack it i wouldnt mind coz level 1 accounts are not that important.. levels 2 and 3 are a bit more personal and confidential... someone cracks either one of them would worry me... level 4 is a rare one.. its a 14 character alpha-numeric password. no one will guess.. lolz.. i only used level 4 three times.. one is for my bank accounts.. second would be my ISP and 3rd.. other confidential information about me..

    my point is.. i dont use only one password.. and neither do i use lots of passwords.. the trick is in the difficulty not in the number..

  8. #8
    Junior Member
    Join Date
    Feb 2002
    Posts
    15
    It's more than just a poorly chosen password people leave there
    passwords visible for others to discover them very openly
    under the desk on the desk. sticky on a monitor, sticking out of
    an open folder, in there purse, they send there suit
    or a pair of pants to the dry cleaners but they forget to remove
    all the papers when there in a rush oops, throw out old passwords
    rather than shredding them with a machine. If anyone need
    strong passwords here is a great tool:

    http://www.winguides.com/security/password.php


    suggestions/hints

    * choose the ssl option, check all the boxes

    * a good password is about 24-53 charecter

    * test your passwords

    * After you create passwords DO NOT repeat do NOT
    paste or save any passwords to text files, copy the passwords to paper
    then exit immediatly without hitting a back key on Netscape or IE
    clear your cache

    * Root or Admin Passwords should be changed every single day

    * Use Sudo and Pwconv commands if you use Unix or Linux

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •