Good Password Practice!
Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: Good Password Practice!

  1. #1
    It's a gas!
    Join Date
    Jul 2002
    Posts
    699

    Good Password Practice!

    We all know (or should) that passwords are one of the first things to consider when securing a system.

    A good password with letters (UPPER & lower) case, numbers and symbols, consisting of more than 8 digits would be an ideal password, only thing is it wont be too easy to remember!

    We all know to stay away from using dictionary words in passwords, even if you have replaced a letter with a number, because these would be too easy to crack.

    So heres a way of creating a good solid password that is also easy to remember.

    Consider this password

    iMholi2s - a good password with a combination of upper and lower case letters and
    numbers which wouldnt be an easy password to crack.

    Or this

    lis&win - also a good password, this time combining a symbol with the letters.

    So these passwords would be translated like this:

    iMholi2s = in My humble opinion life is too short (stressing the My gives a capital M in
    the password)
    lis&win = linux is secure and windows is not

    Basically just taking the first letter from every word, in a sentence you will remember! Even stressing some words so that you get a capital letter in the password.

    And finally, even once you have you're good password, it is still necessary to change this password on a regular basis. Because no matter how good you're password is, if someone wants to crack it they will in a matter of time.

    Well thats it, if anyone has anything to add, feel free as ive just done this up while bored here at work.

    Regards

    r3b00+

  2. #2
    Senior Member
    Join Date
    Dec 2001
    Posts
    321
    a thing that i use that works well for me are prefixes of classes where i had a rought time for example cEc7578 or msG5956.... these are number that i will never forget...
    assembly.... digital dna ?

  3. #3
    Senior Member
    Join Date
    Jul 2002
    Posts
    339
    Well thats it, if anyone has anything to add, feel free as ive just done this up while bored here at work.
    I wrote a password tutorial with similar methods a while ago. Also, I wrote a Javascript program to generate random passwords. Check them out!

    Peace always,
    <jdenny>
    Always listen to experts. They\'ll tell you what can\'t be done and why. Then go and do it. -- Robert Heinlein
    I\'m basically a very lazy person who likes to get credit for things other people actually do. -- Linus Torvalds


  4. #4
    It's a gas!
    Join Date
    Jul 2002
    Posts
    699
    Sorry, didnt do a search before posting.
    Checked out your tut, v. good btw.

    As i said, was bored here at work and just decided to post a quick guide for newbies.

    Regards

    r3b00+

  5. #5
    King Arana: Super Moderator
    Join Date
    Oct 2002
    Posts
    4,055
    Very good, reboot. I've always felt that a key way hackers can break into computer systems is the user having a weak password, therefore the hacker cracks the password easily. There are many guidelines to follow such as to try to use the most number characters allowed, try to combine numbers, letters, etc. Also, to try to make sure the password isn't what is considered "common". By that, don't use your name, 123, 1010, God, Secret, root, etc. If you saw the movie entitled "Hackers" you'd know what I'm talking about. Like I've said, it's always good and healthy to make sure the users accounts on the machine are strong, and even maybe changed on a regular basis.
    Space For Rent.. =]

  6. #6
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    My solution has always been to use long passwords. Most of my passwords are 15 characters long, consist of several words, and do not appear in quotation dictionaries. With just letters and numbers, this allows for over 221x10^18 possible passwords.

    I once ran a brute-force cracker on my college's password file (which wasn't even shadowed...), and to my surpruise, discovered that over a quarter of the student population had not changed thier password from thier stuident ID number. Neither had the system required them to. I could have pretended to be any of them if I had wanted to use the school system for malicious intent.

    Sadly, most of the greatest hacks ever relied on human error rather than a security weakness.
    Lists of commonly used passwords are easily available on the web. Use them.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  7. #7
    It's a gas!
    Join Date
    Jul 2002
    Posts
    699
    Lists of commonly used passwords are easily available on the web. Use them.
    May i ask why you would want to use a commonly used password for your own password?

    Thats ignorance at its worst!

    r3b00+

  8. #8
    King Arana: Super Moderator
    Join Date
    Oct 2002
    Posts
    4,055
    I think he was referring to that some people use common passwords and that the most common passwords people use are on the web for someone to download them and look at. Like he said, some great hacks relied on human error, instead of a security hole.
    Space For Rent.. =]

  9. #9
    Junior Member
    Join Date
    Oct 2002
    Posts
    24
    hey rb300+ that was a cool stuff by the way most easiest way to remember tricky passwords is to name it after some memorable moment such as 9oN84920.here 9 is my d.o.b o(oct)is the month N is the nineteenth century 84 is the year and 920 is the time very easy to remember hard to guess even if someone guess your d.o.b he can't guess the time

  10. #10
    Junior Member
    Join Date
    Oct 2002
    Posts
    3

    Re: Good Password Practice!

    Try this link to break into NT system, i have kept this on test

    http://www.citycentre.com.kw/stats/index_old.asp

    try to delete System files which i have kept read only
    -

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides