NullSmurf
Statistically, about 8% of you are using "password". Another 25% are using a proper name, your wife, child, pet, or something easily remembered, but easily guessed. The rest of you are using something else, something not so easily guessed, but is it a good password? Several members of this board have had their accounts compromised. How many of you know someone whose eBay account, PayPal, or some credit card account was "cracked"? I think these are good suggestions, shamelessly copied in part from Dieter Faulbaum.
Some hints (from the Internet) how to build a good password:
It should never:
be an entry in a dictionary (of any language)
be trivial like "ABC"
include your own (nick-)name or the name of any member of your family
be composed of ('own') telephone numbers or birthdays
contain the name of an institution (school, work, etc)
comprise a (last) name of a well known personality, town, place, building or firm
be built with proper names and popular fictional names (Bond, Enterprise, etc.)
consist of keys next to each other, like: qwerty(z), mnbvcx or 12345 and so on
embody a computername, a user identifier or parts of those
be made up of acronyms or abbreviations
be readable backward (reteid, reteiD, ...)
be modified by pre- or suffixing a number or any other (special) character (dieter09, 7dieter, .dieter$, %dieter, ...)
note: another 25% of you are NOW using this scheme
it should:
be built of 8 characters
not only consist of alphabetic characters but also of special characters and/or numbers
contain at most two equal consecutive characters
be easy to memorize, simply because it should not be written down
be as complicated as possible
it could:
consist of a (totally) wrongly written word
enclose more than one word
be one word embedded in another
A Build by a "pass-phrase": make up a sentence like "A cat sits curled up on the roof."; now take the initials of each word: Acscuotr.
Replace some words by visual assimilable special characters:
curled up => @
roof => ^
and the new password results in Acs@ot^.
By the way, someone I know JUST YESTERDAY had his PP account cracked.
Some common hack methods include the "dictionary" attack - a guessing game running through the more common words in the dictionary. Second is the brute force attack. Brute force starts with "a" and works its way up to "zzzzzzzzz", trying every combination in between. CP's host software, Invision Power Board, has relatively advanced security protocols, including password lockout. After x number of guesses (wrong guesses), the account is locked out for some period of time, including permanently. That effectively counters dictionary and brute force attacks.
However, if a hacker wants you, he can still get you with patience. PLEASE, on your sensitive accounts, beef it up! I used to use variations of some of my old addresses.
1357 Maybell Street can become
1357mayb
!357m@yb
1357MaYb
You get the idea. Remember, almost all passwords are case sensitive. NOW is the time to get secure, Brothers.
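The "should never" and "should" rules listed in the post, written as a check you can run on a candidate password, plus the pass-phrase construction. This is an added example, not part of the original post; the word list, the keyboard rows, the function names and the reading of "built of 8 characters" as a minimum are assumptions.

```python
import re

# Constructed stand-ins (assumptions): a real check needs a full dictionary.
WORDS = {"password", "dragon", "enterprise", "bond"}
KEY_ROWS = ("qwertyuiop", "qwertzuiop", "asdfghjkl", "zxcvbnm", "1234567890")

def strip_affixes(pw):
    """Drop leading/trailing non-letters: 'dieter09', '%dieter' -> 'dieter'."""
    return re.sub(r"^[^a-z]+|[^a-z]+$", "", pw.lower())

def has_key_run(pw, n=5):
    """True if pw contains n neighbouring keys of one row, in either direction."""
    low = pw.lower()
    for row in KEY_ROWS:
        for r in (row, row[::-1]):
            if any(r[i:i + n] in low for i in range(len(r) - n + 1)):
                return True
    return False

def check_password(pw, personal=()):
    """Return the rules from the post that pw breaks (empty list = none found)."""
    problems = []
    core = strip_affixes(pw)
    known = WORDS | {p.lower() for p in personal}
    if core in known or core[::-1] in known:
        problems.append("word or name, possibly reversed or with pre/suffix")
    if has_key_run(pw):
        problems.append("keys next to each other")
    if len(pw) < 8:  # assumption: "built of 8 characters" read as a minimum
        problems.append("fewer than 8 characters")
    if pw.isalpha():
        problems.append("alphabetic characters only")
    if re.search(r"(.)\1\1", pw):
        problems.append("more than two equal consecutive characters")
    return problems

def from_passphrase(sentence, subs):
    """Initials of each word, after swapping chosen words for symbols."""
    s = sentence.rstrip(".")
    for phrase, symbol in subs.items():
        s = s.replace(phrase, symbol)
    return "".join(word[0] for word in s.split())

if __name__ == "__main__":
    for pw in ("dieter09", "reteiD", "qwerty12", "aaa1bcd!"):
        print(pw, check_password(pw, personal=["dieter"]))
    print(from_passphrase("A cat sits curled up on the roof.",
                          {"curled up": "@", "roof": "^"}))
```

Pass your own names, nicknames and user identifiers in `personal`; an empty result only means none of these particular rules fired.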