I was thinking of using, 3rd grade girlfriend's name followed by "I bet she turned out to be one great piece of ass"... Too long?
Password managers?
- Thread starter Scataphagos
- Start date
Something you should consider before using a password manager is using 2FA for your important logins.
I've enabled 2FA on every important login to mitigate password loss. These include:
I've enabled 2FA on every important login to mitigate password loss. These include:
- Google mail
- Yahoo mail
- Interactive Brokers
- Oanda
- Purse.io
- Github
- Cex.io
- Coinbase
Keep in mind many account hacks occur by hackers resetting your passwords and not by brute force attacks.
Now that's worth a "like"!
Geez, Louise. I was beginning to wonder if everybody lost their sense of humor..
http://masterpasswordapp.com addresses these issues. I think there's a Wiki page on how it works. Just began using it. Some effort is needed, though, to get migrated.
When it comes to brute forcing a password, wouldn't it be simpler and more secure to use very strong passwords 10 digits long?
A strong password would apply to a system that allows upper and lower-case letters, 10 numbers, and special characters. Let's say there's 10 special characters.
So that's 52 letters, plus 10 numbers + 10 special characters. Over the course of a 10-character password, it's
72^10 = 3,743,906,242,624,487,424. That's ~3.8 quintillion combinations. Since most websites needing tight security with their password formats usually allow only 3-5 tries before a lockout and need to manually reset, doesn't it follow that the chances of being brute-forced are just about zero?
As far as an account being hacked, well, just keep a post-it note in your room/office where you work with the passwords listed, and don't store them on your machine. And use a unique password for each website, so if one account is compromised, they can't get to the rest.
A strong password would apply to a system that allows upper and lower-case letters, 10 numbers, and special characters. Let's say there's 10 special characters.
So that's 52 letters, plus 10 numbers + 10 special characters. Over the course of a 10-character password, it's
72^10 = 3,743,906,242,624,487,424. That's ~3.8 quintillion combinations. Since most websites needing tight security with their password formats usually allow only 3-5 tries before a lockout and need to manually reset, doesn't it follow that the chances of being brute-forced are just about zero?
As far as an account being hacked, well, just keep a post-it note in your room/office where you work with the passwords listed, and don't store them on your machine. And use a unique password for each website, so if one account is compromised, they can't get to the rest.
Last edited:
Typically, the attack is on the database(s) storing all of the passwords, and not just on your login screen.
So a lot depends upon how the passwords are being stored by the company (e.g. Yahoo, etc.), regardless of how long your password is.And, it may not take as long as you think. Research 'Rainbow Tables.'
Typically, the attack is on the database(s) storing all of the passwords, and not just on your login screen.
Indeed. Thus the admonition that you do not use the same password for each site. If one is hacked, at least that is the only password that is compromised.