Page 1 of 3 123 LastLast
Results 1 to 10 of 23

Thread: Choosing A Password

  1. #1
    Senior Member
    Join Date
    Jan 2003
    Posts
    1,499

    Choosing A Password

    Selecting A Strong Password

    A Password for a computer can be compared to a key to your house and should be treated with the same caution.

    You don’t want people coming into your house uninvited and going through your bank statements, personal letters, spouses underwear drawer, under mattress magazine collection (see Zonewalker) and other personal effects.

    You would not dream of securing the front door of your home with a paperclip and some string and yet many people opt to use weak passwords on there computers.
    Using a weak password can be compared to opening the front door for an intruder and letting them in with minimum fuss.

    One of the main key areas to computer security is selecting a good strong password which will be difficult to guess or obtain.

    A important note here is the “obtain” part. It is surprising how many people will give others there password. Never do this.

    When selecting a password it is easy to pick something familiar to you and use it. This is bad practice. A Golfer for example may use golf as his password or a football fan use his teams name.

    The object when choosing a password is to choose one which would be difficult to guess or brute force open.



    In order to select a good password it is important to understand the methods Crackers use when trying to guess or obtain this password.

    Methods used by crackers


    1. Commonly Used Passwords

    Any Cracker will have a list of commonly used passwords. This is a list of dictionary words which are used as peoples passwords.

    The 4 most common passwords (prior to the release of a film detailing this were)
    Love
    Secret
    Sex
    God

    Note : Never Use a common dictionary word as a password.


    2. Brute Force

    Another method commonly employed by hackers is brute force. This is trying every possible combination of words and numbers. An average 2.4ghz processor can try 300,000 passwords a second under normal circumstance.

    Note : It is important to select a long password and include uppercase, lowercase, numbers and symbols where available


    3. The Lucky Man

    Some Crackers employ what I will call the lucky man method. As an internet patron you will probably have several accounts with banks, ISPs, e-mail and other online services. If you use the same password for each of these its like having the same key for every door in a hotel. If the person can open one they can open them all.

    Crackers have been known to set up spoof websites or websites requiring logins to access content.

    These will sit harvesting the information you provide them with in the hope of access to some free mp3s or pron.

    With this list of usernames and passwords the Cracker can then begin checking these against commonly used services.

    Note : Try to vary passwords between different services.


    4. The Stalker

    If a Cracker is determined to find the password of one person the Stalker method can be employed. This is where they will follow you around and gather whatever information they can. e.g License Numbers, DOB, Social Security, Address, Childrens Names, Pets Names etc

    They will then try these and combinations of these as passwords for you.

    Note : Never use anything personal to you as a password


    5. The Watcher

    Another method that a Cracker after a particular persons password can employ is to watch them typing it in.

    Note : Make sure your password is something you can remember and type quickly to avoid it being seen by someone looking over your shoulder in an internet café or at work.


    6. The Stale Password

    This is a lead off from point 2 which I just remembered to add. If you don’t change your password regularly a brute force attack will eventually get it. (it may be days,weeks or months)

    Note : Change your password religiously to avoid it being brute force cracked


    I hope these notes are helpful in helping you determine a good and secure password for yourself and hope that to many of you aren’t logging out at the moment to change it.

  2. #2
    Banned
    Join Date
    Jun 2003
    Posts
    1,536
    Not bad mark_boyle2002...

    GREEN TO YOU


    Other common ones are your own name, a friend or family members name, pets names,things that directly relate to you, these are also not a good idea... and if you must use these combine it with other letters and nub=mbers and characters, other wise you make it to easy for any one to crack...


    Nightfalls_Girl

  3. #3

  4. #4
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    Dr_Evil, what are the links for?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  5. #5
    Senior Member
    Join Date
    Jan 2003
    Posts
    1,499
    I think they are just backing up what I said. Incase no one believed me. Also the final link he posted had some stuff I never thought off.

  6. #6
    Senior Member
    Join Date
    Dec 2002
    Posts
    309
    Yes, MsMitts,

    Exactly what Mark said,

    I think they are just backing up what I said. Incase no one believed me. Also the final link he posted had some stuff I never thought off.
    Dr_Evil

  7. #7
    Senior Member
    Join Date
    Jun 2003
    Posts
    219
    very good mail... a bit of advice from my end too... keep a password which is difficult to guess for others... n easy to remember by you...
    Now is the moment, or NEVER!!!

  8. #8
    Also, password length, mix cases, and numbers. I usually go with no less than 10. ^_^

    -Cheers-

    PS: It all depends on importance and how much you are willing to work to keep your stuff secure. If your password gets cracked it is your fault.

  9. #9
    Banned
    Join Date
    Jun 2003
    Posts
    1,536
    he, my current one for one of my school accounts is now 31 caracters long...
    well i had to do somthing, i have admin rights...
    keeps on getting changes, every 2 days... i think im a little paranoyed....



    Nightfalls_Girl

  10. #10
    Senior Member
    Join Date
    Jul 2003
    Posts
    114
    Just a thought:

    besides the usual UPPER/lower/number mix, i suggest adding 'ALT + something' characters to your passwords.
    I've wrote this before around here somewhere, but i can't find the post.

    ALT+ 0160 equals the space character. There are few pass crackers proggies that can decode this one (so i've read).

    greetz

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •