|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Tippia
Sunshine and Lollipops
|
Posted - 2010.10.13 16:51:00 -
[1]
Edited by: Tippia on 13/10/2010 16:55:01
Originally by: De'Veldrin
Originally by: Guilliman R
Originally by: Buck Marui
Originally by: Paknac Queltel You know we once had someone working for us who had her current city of residence and some date as her password? She still wrote it down and taped the paper to her monitor. No password remembering scheme will help regular users.
Haha, and to tape it to the monitor... HAHA
You'd be sad if you know how many people actually do that in offices..
The part that kills me is that people think replacing characters in a word with numbers that look like a letter are secure.
P@55w0rd really isn't that hard to figure out - really.
Meh.
There's always the I-wrote-it-down-feint password scheme:- Pick three letters.
- Pick a short sentence (with proper capitalisation and punctuation).
- Write said sentence down on the monitor post-it.
- When entering a password, use that sentence, but always skip the three letters picked in step 1.
You now have a reasonably complex, not-quite-dictionary-attackable password that is essentially only three letters long. ùùù ôIf you're not willing to fight for what you have in ≡v≡à you don't deserve it, and you will lose it.ö ù Karath Piki |
Tippia
Sunshine and Lollipops
|
Posted - 2010.10.13 17:34:00 -
[2]
Edited by: Tippia on 13/10/2010 17:36:40
Originally by: Buck Marui which is easily brute forced, and/or guessed especially since you used correct punctuation.
Yes, but the hope is that people will notice the post-itÖ with the neat "Password:" written on ità
àstill, you're right. Even so, since you're writing it down anyway, you can mess up both spelling and punctuation (or just use gibberish) ù the actual password is in the three letters, not what's written on the note.
Quote: Bit long-winded I think though
Yes. And good luck if you lose the post-it. ùùù ôIf you're not willing to fight for what you have in ≡v≡à you don't deserve it, and you will lose it.ö ù Karath Piki |
Tippia
Sunshine and Lollipops
|
Posted - 2010.10.13 23:29:00 -
[3]
Originally by: Barakkus You do realize md5 is very easy to crack right? You're better off using Blowfish.
Why would you want to use a cipher for hashing? They serve two rather different purposesà ùùù ôIf you're not willing to fight for what you have in ≡v≡à you don't deserve it, and you will lose it.ö ù Karath Piki |
|
|
|