| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 24357 | 2002-09-09 06:09:00 | Scary Truth about Insecurites | Chilling_Silence (9) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 77911 | 2002-09-09 06:09:00 | I'm currently in the proccess of cracking my Lotus Notes ID File Password, I searched through many google pages to come up with a cracker, Just for the fun of seeing if it can be done. Currently my password is a mix of cpital, lower-case letters, and 1 number. All up, it's `11 Characters long. I'm doing this by Brute Force, was what the cracker program labelled it (Download was about 0.034MB Big - Took half a second! I specified my file (I copied it and specified the second, just in case it got changed or corrupted, and told it max # of characters to do, whether I wanted to do dictionary or by brute force, whether it was all lower case, mixed, numbners, special characters and the like. Click begin and it's doing it. It'll be about 3-4 hours at least I'd assume before it's finished. Is there any other precautions I ought to be taking? It's a long password, and it's amix, so I guess that's all I can do! Changing regularly I guess would help, but is there nothing else?? Chilling_Silence BTW, I'd love to try somebody elses.... Just kidding :p |
Chilling_Silence (9) | ||
| 77912 | 2002-09-09 06:17:00 | Whatever the mix of character cases, I bet that it was a word which can be found in a dictionary. Adding a digit is no help (an extra 10 whacks at each sample word). If you are worried, I am sure there are lists of rules for good passwords. Try "good passwords" in google. But one common technique is to think of a phrase: e.g. "What the hell can I use for a safe password"? Then take the first charcacter of each word. Or the second or third character of each word. So you get, say, "Wthciufasp". This will give the crackers more work. That's the sort of idea. |
Graham L (2) | ||
| 77913 | 2002-09-09 06:23:00 | The number is inbetween two words. I used to use ful mixes, but they were rather limited in length coz otehrwise I'd forget them. The first one (Not used, account closed that was using it) was xxsdhp99, is something like that better than something like (Hypothetical, I'm not dumb enough to post a real password here): Just2Cold81 Which would be better? Chilling_Silence |
Chilling_Silence (9) | ||
| 77914 | 2002-09-09 06:33:00 | The second one is out because of the "actual" words nono. Try that search string on google ... it gets some good matches. It's difficult ... safe passwords tend to be hard to type quickly, and can be forgotten. That's the reason for the phrase idea ... you've got a chance of remembering it. If they are too hard to remember, people write them down, and leave them in safe places (like a PostIt on the monitor, or on the keyboard). |
Graham L (2) | ||
| 77915 | 2002-09-09 06:36:00 | Okay, Post-it's are a BIG NO-no! | Chilling_Silence (9) | ||
| 77916 | 2002-09-09 06:37:00 | It's been going for nearly fourty minutes and has done almost 900,000 tries, but it's still at only 3 characters!! Mine has 11 so it could be a LONG time! | Chilling_Silence (9) | ||
| 77917 | 2002-09-09 06:39:00 | But they help you log in. (And anyone else). Ain't it fun, keeping secrets safe? Richard Stallman (who wrote Emacs, and started GNU) ran computers at MIT which didn't have passwords. He believes in open computing. | Graham L (2) | ||
| 77918 | 2002-09-09 07:46:00 | Open computing is good. You don't screw around with others files as they can just as easily do it to you. In most cases anyway. |
-=JM=- (16) | ||
| 77919 | 2002-09-09 08:08:00 | i've never tried it (open computing) -- unless you count using my parents pc along with the rest of the family. That's not the same as sharing pc's with all sorts of random people... i've met a few real idiots in my time... most people don't know how to look after their own files let alone mine. I prefer the locked and barred approach... 12 letter random passwords. not mixtures of word and numbers -- TOTALLY random. Hit 8-12 random keys, writing them down as I go. After using the password 3 times it's usually stuck in my head pretty good, chuck out what it was written on. No one can remember it, even if I DO tell it to them. It's real good if you want someone else to check your email etc... tell them the password and they type it in at the same time, they can't remember it 3 seconds later. :D Random combinations are just as simple to type in as any real word once you get used to them. |
loser (538) | ||
| 77920 | 2002-09-09 10:25:00 | I stick to 16 random letters, I dont add numbers, for some reason my ability to remember the password is seriously impeded if I add more than a token number, but 16 letters... no problem... | flying_green_leprachaun (1767) | ||
| 1 2 | |||||