Obliviator Posted January 17, 2005 Share Posted January 17, 2005 12 would suffice for now, unless computer speed were to increase exponentially. For those who want to do the math, say that you were to use an alphanumerical passwords with casing, symbols, and ALT+characters. Alphanumerical passwords with cases alone allows 62 different combos. Add that to about 10 symbols and ALT+characters and thats 82 different combos. Since the password length is 12, calculate 82^12, which is about 100,000,000,000,000,000,000,000 different combos. If a cracker managed to take over 10,000 super computers, each capable of trying a billion passwords per/s, it would still take about 100,000 days to crack. But say that halfway between all those possibilities lies your password; that would result in your password being cracked in 50,000 days, or about only 150 years. Link to comment Share on other sites More sharing options...
Spyder2k Posted January 18, 2005 Share Posted January 18, 2005 I'm of the opinion the encryption algorithms should be lenghty, slow and ineficient with zero possibilities of optimization. That way increasing the bit size of the password hashes would suffice.Newayz, with reference to the windows, anything above 8 characters (of course the more the merrier) is good. Take a look here http://www.securityhorizon.com/security_wh...ved/lanman.html Link to comment Share on other sites More sharing options...
prathapml Posted January 18, 2005 Share Posted January 18, 2005 For average-level security, 6 characters in a password (with a word mot in a dictionary) would be sufficient. Link to comment Share on other sites More sharing options...
brian873 Posted January 18, 2005 Share Posted January 18, 2005 A good tip I picked up, is to use a sentence if you want a lengthy password. Using the first letter as your code.Sentence = My Dog Is Lazy And Sleeps From 9 Until 12 Each DayPassword = MDISLASF9U12EDSentence = The Bhoys Humped Rangers 1 Goal To Nil On The 9 1 05Password = TBHR1GTNT9105You can vary it however you like adding caps and longer sentence but it is pretty handy and easy to remember.Also remember to change it ever so often !Hail Hail Link to comment Share on other sites More sharing options...
indianarchie Posted January 18, 2005 Share Posted January 18, 2005 hmm..for a good password..atleast 8 characters with a mix of upper and lower casing. Also put in some numbers. Preferably the password should be something not found in a dictionary eg (VMFe48Jk). Also it should be something that cannot be easily associated with the person..for eg the birthdate. oh and most important..dont write it down! Link to comment Share on other sites More sharing options...
gamehead200 Posted January 18, 2005 Share Posted January 18, 2005 I usually use 6 to 10 characters depending on what I'm setting a password on! Link to comment Share on other sites More sharing options...
Shotgun Posted January 18, 2005 Share Posted January 18, 2005 Windows doesn't use LM hash for passwords >15 characters. It's better to have passphrases, with a symbol or high-ascii (ex: alt-255) combination thrown in to really throw off hackers. Here are some excellent references on good passwords:Why you shouldn't be using passwords of any kind on your Windows networks . . .Rainbow Crack--Not a New Street Drug10 password myths Link to comment Share on other sites More sharing options...
LaRcOs Posted January 18, 2005 Share Posted January 18, 2005 supercalafradgalistickexpealadociousNuff said Link to comment Share on other sites More sharing options...
prathapml Posted January 19, 2005 Share Posted January 19, 2005 Haha! That's your password?be afraid.... VERY afraid... (j/k) Link to comment Share on other sites More sharing options...
Shotgun Posted January 19, 2005 Share Posted January 19, 2005 supercalafradgalistickexpealadociousNuff said Nuff said. False sense of security.With Rainbow tables, that password is broken to its knees in less than 10 seconds... Such RT tables *do* exist. Ever heard of Distributed computing? Link to comment Share on other sites More sharing options...
prathapml Posted January 19, 2005 Share Posted January 19, 2005 rainbow tables linkie? Link to comment Share on other sites More sharing options...
Shotgun Posted January 23, 2005 Share Posted January 23, 2005 To explain Rainbow Tables a bit (withouth violating forum rules)...Rainbow Tables is a method where instead of trying different character combinations to try to "guess" an encoded password, it has a LARGE quantity of already encoded character combinations (Rainbow Tables) in which it is only a matter of seconds to compare an encoded password versus the encodings of hundred of different password combinations. The method was developed by Dr Philippe Oechslin of The Swiss Federal Institute of Technology in Lausanne. He developed what is currently known as Faster Cryptanalytic Time-Memory Trade-Off, in which large combinations of characters are encoded (using the current Windows pw encoding method) then saved for later reference. One thing to note is that Rainbow Tables are large (300Mb+) and are very time & cpu intensive to generate. Only people with sufficient cpu-power have been able to generate RT tables large enough (>45 characters) to crack almost 90% of previously thought as "secure" passwords in use today. This is public, legal information currently discussed in popular computing and IT magazines worldwide. Since the development of this method, IT engineering communities have already begun the development of stronger encrypting technologies to subvert and try to get ahead of this and future methods that could render current "safe" encrypting technologies useless or even, obsolete. Link to comment Share on other sites More sharing options...
gamehead200 Posted January 23, 2005 Share Posted January 23, 2005 Why is this here? [ Moved. ] Link to comment Share on other sites More sharing options...
HighDarkTemplar Posted January 23, 2005 Share Posted January 23, 2005 25 characters for me :-)Best RegardsNerevar Link to comment Share on other sites More sharing options...
lordflyingpoo Posted January 28, 2005 Share Posted January 28, 2005 i use 12 characters, in which the words are in the dictionary. and no hackingas of yet. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now