I have a macro keyboard so i just set long ass password phrases i make up on the spot and make my keyboard auto-type it for me. Whatever the password limit is for the site is my phrase length.
[QUOTE=xianlee;47564916]is that actually the case? random letters, numbers, symbols is more insecure then just say 5 words in a row?[/QUOTE]
It depends.
8 random ASCII characters is more insecure than 4 random words with some capitalization and numbers.
However, 200 bytes of random ASCII-like characters is probably going to be more secure than what most people can come up with anyway.
The former prevents brute force attacks (not dictionary attacks though, they would probably get it relatively quick), and the latter (200 bytes of random ASCII-like characters) is pretty unlikely to be broken at all.
I think it's worth remembering that pretty much 100% of websites made by anyone with more than two brain cells to rub together will have temporary lockout and/or Captcha verification that triggers after more than 3/5 tries, effectively making bruteforcing times much, MUCH longer.
Even if the computer in question can pull off 4 billion password combinations per second (which would require a pretty powerful system), it's not gonna be capable of inputting a whole lot before getting locked out temporarily or requiring manual Captcha input, and then there's the whole network lag/Too Many Requests lockout issue.
Even at a rate of 1 password/second, a relatively-short 8-character password like 'a0a0a0a0' would probably take 69081 centuries to bruteforce, assuming dictionary attacks and trying common patterns are out of the question.
It's good to have a relatively long password, but I think this kind of thing concerns people with zero anti-bruteforcing measures in place the most.
[QUOTE=ROFLBURGER;47491312]wheres that one flash game where you enter your password and it tells you how long it takes to crack it
[editline]9th April 2015[/editline]
[url]https://howsecureismypassword.net/[/url]
just enter something close to your password if you're paranoid
for example my password is ****** so i entered ######[/QUOTE]
Apparently zzzzZzzzzZzzzzZzzzzZ takes 165 quadrillion years to crack
I have my doubts.
Sorry, you need to Log In to post a reply to this thread.
