Wireless network authentication that accepts thousands of attempts every second?
[QUOTE]The attack relied on victims setting simple passwords which could be guessed by software within seconds.[/QUOTE]
wow such a unique vulnerability, i wonder how gopro thought they could get away with it
Any system that requires a password should lock out the attempt after a few tries in succession, period. I don't really care what it is.
And people need to stop using simple ass passwords. It does't have to be MatRIX98238%($#ka. Just make it a simple phrase that has 5 words in it with a number and capital letter, damn
-snip-
apparently people get uppity when a picture directly relevant to somebody's post is posted
[QUOTE=ArcticRevrus;47860369][IMG]https://imgs.xkcd.com/comics/password_strength.png[/IMG][/QUOTE]
I'm so sick of this image, people talk as if it's the answer to the universe with passwords and just have to post it every single time anyone mentions password security
ok we get it now you can stop
it's only in [I]every single thread[/I] regarding password security
the issue is that you still have to remember the phrase either way, and the system you used, so wtf is the point, it doesn't make anything simple at all
[QUOTE=J!NX;47860376]I'm so sick of this image, people talk as if it's the answer to the universe with passwords and just have to post it every single time anyone mentions password security
ok we get it now you can stop
it's only in [I]every single thread[/I] regarding password security
the issue is that you still have to remember the phrase either way, and the system you used, so wtf is the point, it doesn't make anything simple at all[/QUOTE]
It is basically the answer to the universe of passwords though.
It's pretty much one of the best ways to remember your password while still making it complicated enough not to get guessed.
Most password stealing doesn't happen by brute forcing anyway. Hell, most "ways to get behind a system that uses a password" doesn't have anything to do with using your password in the first place.
Companies should start forcing users to make 16+ character long passwords with numbers, capital letters, and perhaps non-alphabet/numeric ASCII characters (~, *, _, +, etc.) so this will stop happening once and for all.
[QUOTE=J!NX;47860376]I'm so sick of this image, people talk as if it's the answer to the universe with passwords and just have to post it every single time anyone mentions password security
ok we get it now you can stop
it's only in [I]every single thread[/I] regarding password security
the issue is that you still have to remember the phrase either way, and the system you used, so wtf is the point, it doesn't make anything simple at all[/QUOTE]
I always wondered about the password in that comic, what if you use combined dictionary attack? As long as all the words are generic english and contain no symbols or numbers you'd need a password longer than 4 words.
[QUOTE=U.S.S.R;47867513]Companies should start forcing users to make 16+ character long passwords with numbers, capital letters, and perhaps non-alphabet/numeric ASCII characters (~, *, _, +, etc.) so this will stop happening once and for all.[/QUOTE]
Yeah that seems really fucking convenient.
[QUOTE=itisjuly;47867668]I always wondered about the password in that comic, what if you use combined dictionary attack? As long as all the words are generic english and contain no symbols or numbers you'd need a password longer than 4 words.[/QUOTE]
let's assume you use a word dictionary of the most common 3,000 words -- which is pretty small by password word dictionary length. if you're attacking a password that uses 3 words you'd still have over 27,000,000,000 unique combinations in the worst-case. if you enforce a 1 second delay before a password can be entered again, it would hard-limit you to a worst-case of 855 years.
Sorry, you need to Log In to post a reply to this thread.
