the myth of strong passwords

[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable
User avatar
neil
Posts: 944
Joined: Mon Jan 22, 2007 5:50 pm
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

the myth of strong passwords

Postby neil » Fri Jul 17, 2009 1:43 pm


User avatar
ChaoticReality
Posts: 1113
Joined: Sun Nov 23, 2008 10:16 am
Location: Edinburgh!
Contact:

Re: the myth of strong passwords

Postby ChaoticReality » Fri Jul 17, 2009 9:07 pm


chombee
Posts: 1327
Joined: Thu Apr 20, 2006 3:01 pm
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Re: the myth of strong passwords

Postby chombee » Sat Jul 18, 2009 11:28 am

Actually security by obscurity means something slightly different. Agree with Neil on this, I think we want simplicity all the way.
I've had it with you. If I had an image of a laser gun I would absolutely position it right here in my hand...
Ha! I have a real laser absolutely positioned in my hand!

User avatar
Jane
Posts: 1557
Joined: Thu Sep 16, 2004 3:10 pm
Contact:

Re: the myth of strong passwords

Postby Jane » Sat Jul 18, 2009 12:10 pm

I HATE needing a strong password, when they make you use at least some caps and at least some numbers it means I have no way of remembering my thousand different passwords so have to write them down in giant permanent marker letters all over my web presence to remind me what they are. This is not good. xxXX

User avatar
ChaoticReality
Posts: 1113
Joined: Sun Nov 23, 2008 10:16 am
Location: Edinburgh!
Contact:

Re: the myth of strong passwords

Postby ChaoticReality » Sat Jul 18, 2009 4:10 pm


User avatar
neil
Posts: 944
Joined: Mon Jan 22, 2007 5:50 pm
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Re: the myth of strong passwords

Postby neil » Sat Jul 18, 2009 5:00 pm

We have also had to deal with hacks at the forest. The bb has been taken down, so has the blog we used to run. It's fine; we dealt with it. What I'm saying is, it's not national security that's at stake. It's not worth causing people loads of hassle and putting them off from signing up & using the site.

chombee
Posts: 1327
Joined: Thu Apr 20, 2006 3:01 pm
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Re: the myth of strong passwords

Postby chombee » Fri Jan 22, 2010 5:14 pm

I read a good idea about passwords today. It said that making people type both their username and a password is pointless typing. The username doesn't improve security any cause it's plainly visible and accessible to any observer. If the system made sure that everyone had a different password, then you could login by typing your password only. This'd mean that passwords could be longer (so more secure) and it would still be less typing cause you don't need to type a user name. To make sure everyone has a different password you don't ask users to come up with a password, instead the system generates a handful of passwords and lets the user choose the one they like. The passwords should be easy to remember. It suggested randomly generated combinations of English words like:

savory manlike oracle

exclusive malformed seal

old free papaya

blooming small labyrinth

rotten turnip sob story

There are trillions of possible passwords like this in English, making them much harder to guess.
I've had it with you. If I had an image of a laser gun I would absolutely position it right here in my hand...
Ha! I have a real laser absolutely positioned in my hand!

User avatar
neil
Posts: 944
Joined: Mon Jan 22, 2007 5:50 pm
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Re: the myth of strong passwords

Postby neil » Fri Jan 22, 2010 5:48 pm

That's quite a good idea.

My first thought was what if someone mistypes and accidentally logs on as someone else? But this wouldn't happen with random groups of 3 words.

My second thought is what if someone starts randomly typing in groups of 3 words?

chombee
Posts: 1327
Joined: Thu Apr 20, 2006 3:01 pm
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Re: the myth of strong passwords

Postby chombee » Sat Jan 23, 2010 4:00 pm

You'd be unlikely to hit anyone's password at random because the number of users is much smaller than the number of possible passwords (which is literally trillions). I think it's no different from taking a list of all our bb usernames (which is easy to get) and repeatedly pickling a random username and trying out a random password with it, but with the manlike oracles the passwords are much harder to guess than the kinds of passwords people usually come up with themselves.

Guessing someone's 4-digit internet banking pin is far easier, there are only 10,000 possible pins.

I admit the idea feels a little uncomfortable but it really is more secure, although I haven't actually done the math.
I've had it with you. If I had an image of a laser gun I would absolutely position it right here in my hand...
Ha! I have a real laser absolutely positioned in my hand!

joachim
Posts: 31
Joined: Sat Mar 13, 2010 7:39 pm
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Re: the myth of strong passwords

Postby joachim » Sun Mar 14, 2010 10:49 am


chombee
Posts: 1327
Joined: Thu Apr 20, 2006 3:01 pm
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Re: the myth of strong passwords

Postby chombee » Sun Mar 14, 2010 4:01 pm

No, it's not vulnerable to a dictionary attack.
I've had it with you. If I had an image of a laser gun I would absolutely position it right here in my hand...
Ha! I have a real laser absolutely positioned in my hand!

User avatar
swithun
Posts: 2683
Joined: Wed Mar 29, 2006 12:24 pm
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Re: the myth of strong passwords

Postby swithun » Sun Mar 14, 2010 6:35 pm

It would be vulnerable to a dictionary attack cubed. Mwahhhahha.

User avatar
Jane
Posts: 1557
Joined: Thu Sep 16, 2004 3:10 pm
Contact:

Re: the myth of strong passwords

Postby Jane » Mon Aug 15, 2011 9:40 pm

Image

sean is so smart.


[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable
[phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1266: count(): Parameter must be an array or an object that implements Countable

Return to “Website/Online”

Who is online

Users browsing this forum: Google [Bot] and 1 guest