dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
24
share rss forum feed


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
Reviews:
·Optimum Online
·Clearwire Wireless
reply to rahvin112

Re: Stupid is as Stupid does.

said by rahvin112:

It's pretty rare actually that anything short of 12+ random numbers, letters and special characters isn't part of the lists.

Really? I use pass-phrases, They take the form of "W#en T#e $un $h|n#$ |t'$ V#ry 3r|g#t 0ut$|d#" A 40 character+ pass-phrase with special characters replacing letters. Which can be remembered quite easily if you craft it intelligently. I don't think such a random phrase crafted this way will show up on any list, and the number of combinations and permutations is beyond the capability of anything short of a bank of supercomputers to discover in time to make the discovery usable. I use such pass-phrases on my computers as well.

Short of cracking the algorithm itself, which as far as I know has not been done yet, systems protected this way are as secure as they can be.

--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"


familypizza

join:2013-01-07
said by TamaraB:

said by rahvin112:

It's pretty rare actually that anything short of 12+ random numbers, letters and special characters isn't part of the lists.

Really? I use pass-phrases, They take the form of "W#en T#e $un $h|n#$ |t'$ V#ry 3r|g#t 0ut$|d#" A 40 character+ pass-phrase with special characters replacing letters. Which can be remembered quite easily if you craft it intelligently. I don't think such a random phrase crafted this way will show up on any list, and the number of combinations and permutations is beyond the capability of anything short of a bank of supercomputers to discover in time to make the discovery usable. I use such pass-phrases on my computers as well.

Short of cracking the algorithm itself, which as far as I know has not been done yet, systems protected this way are as secure as they can be.

For sure, except the people posting in here about their non dictionary 30+ character passwords (with special characters) do not reflect what 95% of people actually use.

No one is trying to say AES is weak... they're trying to say if you use a weak / semi weak password (which most normal users do) then you are susceptible to having their network possibly used by unauthorized users.

davidkassa

join:2013-06-03
Madison, WI
reply to TamaraB
This is a pretty good method, but crackers definitely know this "trick". I encourage everyone to read this article. »arstechnica.com/security/2013/05···sswords/

It talks about how even pass-phrases are easily cracked when simple substitution is used. The ultimate recommendation is use a password manager and make your long passwords truly random.