Page 3 of 3 FirstFirst 123
Results 21 to 23 of 23

Thread: Creating strong passwords and keeping them secret.

  1. #21
    Senior Member JPnyc's Avatar
    Join Date
    Jan 2005
    Posts
    2,734
    I'm not sure. I mean every time you include a new character set you increase the possibilities exponentially. Just for argument's sake, we'll say the first character set contains five characters, as does the second. If you use only the first, the number of possible combinations would be 5x4x3x2. If you use both of them, the possible combinations becomes 10x9x8x7x6x5x4x3x2

  2. #22
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Yes, but if your password is only one character then there are 5 possibilities in the first instance and 10 in the second.

    I can't remember the math, but with a password you have replacement (the same character can be used more than once) and it is ordered (the characters have to be in the correct sequence).

    I would say that for any given character set, a longer password has to be be more difficult to brute force than a shorter one.

    http://www.infoworld.com/d/security-...r-531?page=0,0

    and:

    http://blogs.mcafee.com/mcafee-labs/...-vs-complexity

  3. #23
    Senior Member
    Join Date
    Apr 2005
    Location
    USA
    Posts
    422
    If you use only the first, the number of possible combinations would be 5x4x3x2. If you use both of them, the possible combinations becomes 10x9x8x7x6x5x4x3x2
    Where did you get this from?

    We are not calculating 'combinations' by definition, if I am not mistaken. Combinations and permutations imply that there is no repetition.

    Obviously when dealing with passwords repitition becomes possible, so we cannot use these standard methods of calculations. However, this doesn't make it any more complicated. Lets say you're just dealing with numbers to keep the calculations easier. 0-9 gives 10 possibilities, so for a one digit number, naturally you would have 10 possibilities. When you move to two decimal places it becomes 10*10+10, with the 10 additional digits including the one digit passwords, making 110 possibilities. So its:
    (NumCharacters)^(length)+(NumCharacters)^(length-1)...
    for those that haven't taken calc 2, or just plain aren't good at math, as N increases, it will have more effect than X increasing by the same amount, on the equation as a whole. This is because the N is an exponent and the X is a base.

    So mathematically speaking,
    This is quite interesting. As far as I am aware the length of a password takes precedent over its complexity, so I agree with the concept of packing a core.
    is correct. But remember, if you add a symbol, you're not adding one unit to complexity, because the cracking tables add either 14 or 28 characters to complexity, not 1 or 2. This skews the math. So it really depends on the situation. For example, say you have a password that is 3 numbers (1110 possibilities). You can either add another number or increase complexity by adding a letter. 4 numbers is (11110), but 3 letters and numbers is (47988). So ultimately, it depends on multiple things, like how you look at the math, what your definition of "increasing complexity" is (whether it be one more possibility, or a whole new character set), and what length you are adding. But technically speaking, adding one to the length is stronger than adding one to the complexity.

    Surprise. I'm nerdy. Haha. If anyone sees errors, feel free to point them out

Similar Threads

  1. Tips
    By XTC46 in forum Site Feedback/Questions/Suggestions
    Replies: 15
    Last Post: August 24th, 2005, 07:52 PM
  2. Creating a Secure SUSE Linux server for FTP and SSH
    By gore in forum The Security Tutorials Forum
    Replies: 3
    Last Post: March 16th, 2005, 10:33 PM
  3. Secure Passwords Tutorial
    By NeonWizard in forum The Security Tutorials Forum
    Replies: 5
    Last Post: August 13th, 2004, 06:54 PM
  4. The history of the Mac line of Operating systems
    By gore in forum Operating Systems
    Replies: 3
    Last Post: March 7th, 2004, 08:02 AM
  5. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 08:01 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •