[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y ] [Search | Home]
4Archive logo
Passwords.
If images are not shown try to refresh the page. If you like this website, please disable any AdBlock software!

You are currently reading a thread in /g/ - Technology

Thread replies: 57
Thread images: 3
File: password.jpg (59 KB, 413x310) Image search: [iqdb] [SauceNao] [Google]
password.jpg
59 KB, 413x310
Passwords.

How many characters do you reccomend?
How can I make it complicated yet easy to memorize?
How many different passwords do you reccomend?
Should I have my shopping password different from lets say a fitness website?

I recently got my account broken into and now after creating new accounts I need some tips
>>
Put three short words together and capitalize specific characters, like, your initials or something.

I don't really come here btw
>>
>>52891997
Just buy 1password
>>
just use keep ass
>>
>>52892047
Fuck no. That shit scares me. I can't trust a program to do that for me.
>>
>>52891997
I use two generic computing terms that vaugly relate to the thing I'm making a password for
>>
>>52892931
Also minimum of ten characters
Max of 40

Make it like an inside joke something that seems unrelated, but to you applies perfectly
New password for every site
>>
>>52892047
>trusting a program you have to buy
>>
while true; do tr -cd [:alnum:] < /dev/urandom | head -c 32; echo; done | head -n 1000 | openssl aes-256-cbc -e -out data.bin
>>
Any suggestions for password manager?
I dont mind lastpass but dont want to spend that much, let alone more, android support was killer.

are there any other good options for both android and linux?
>>
>>52893071
see
>>52893029
>>
Needs at least 35 characters 14 of them should be symbols the rest a mix of numbers and capital and lower case letters. I pwrsonally have 17 different 47 character passwords following this model
>>
File: password_strength.png (91 KB, 740x601) Image search: [iqdb] [SauceNao] [Google]
password_strength.png
91 KB, 740x601
>>52891997
Srs advice
>>
>>52893124
applying that knowledge here:

[email protected][email protected]

just remember 40 cent sandwich
>>
>>52893164
Well why not use this then?
c<>f[}G#`[@UZml6a{<l#0B<Q3%Oi.R_3pV3Q/"qCkfhFch2N|-Lg:!'\=XsAbT_LIG["s_$z';h$i_0(/z4;2iZv`&|c/tGGz4fyWuooxFS[ET!qj9r2O"H>6cf.q

You have obscurity for the sake of it. You have random characters,that you're not going to remember. And who wants to spend 5 minutes typing their password to login to their email and spend 2 minutes using it.
>>
>>52893124
If people only used alphabet letters, a slight modification on the algorythm trying to guess the password would make the search much faster.
>>
>>52893234
You really dont know how mathematics works do you?
>>
>>52893220
because mine is easy for me to remember because i came up with it... fortey percent dollar sandwich. after each word, 40 % $, and numbers substituting letters where it's possible.
>>
>>52893251
obviously not if he misspelled algorithm.
>>
>>52891997
Last name and birthday noob
>>
>>52893124
None of that advice matters when shit requires youth use number and punctuation and shit.
>>
>>52893312
correct.horse.battery.staple1
correct!horse.battery.staple1
correct!h0rse.battery.staple1

You're making this too easy
>>
>>52893251
Start by only testing the char from 'a' to 'z' and 'A' to 'Z'.
You only test 52 cases per slot instead of 255.
>>
>>52893312
bru$h.t33th.3rice.da1Ly
[email protected]
[email protected]@y
[email protected]@11z.1c.@.yr
>>
>>52893363
Were not making passwords that have to pass the turing test.Just logical secure passwords that dones require 10 chinease boys computing pi based on the current time,date,and your geolocation
>>
>>52893363
You're autistic, but you're right.
If people weren't forced to use different kind of characters, most of them would just use a simple chain ranging from 'a' to 'z' as password(not even considering upper cases as an option because people are lazy) , making it really easy to crack most of them.
>>
>>52891997
32 characters is what I use

Use keepass
>>
>>52893124
The calculation of bits of entropy there are wrong. They assume you know the format of the password which you do not and noone ever addresses that when the comic is brought up. Still, the horse password is better.
>>
Guns serials. Add maker/model if needed
>>
>>52893071
look into pass
>>
Diceware. It's a very easy was to make memorable, high-entropy passphrases.
>>
>>52891997
alright i mean do you seriously need people to tell you shit that is just fucking common sense?

i remember you from your last thread "should i tie my shoes with the loop, swoop, and pull method or bunny ears? why is one better than the other?"
>>
>>52893777
>common sense
http://arstechnica.com/security/2015/09/new-stats-show-ashley-madison-passwords-are-just-as-weak-as-all-the-rest/

Now fuck off
>>
You know what's a good password?

1234567890987654321password

thisisaverylonganddifficultpasswordsogoodluck

dontforgettopickupagallonofmilk
>>
Make a random password and save it on your browser.
>>
>>52891997
>How can I make it complicated yet easy to memorize
Not possible.
>easy to memorize
>has patterns
>therefore easy to brute force guess by crackers
No, your clever pattern for coming up with passwords is not clever. Yes, people have added your pattern to their salt cracking programs.
>>
>>52893777

Many people in this thread would disagree
>>
>>52894398
Was directed at
>>52894375
>>
>>52894375

That simply isnt true. Passphrases can be both easy to memorize and have high entropy. See Diceware.
>>
>>52894439
It's only high entropy if you use a large enough dictionary. Most of the retards on /g/ are going to have trouble remembering.

defenestrationborealisalbaniadeuterolophus
>>
>>52894494

SEE DICEWARE

A four word passphrase from a 10,000 word dictionary has a very large amoubt of entropy.
>>
>>52894511
That only gives you 53 bits of entropy, which is nothing.

A standard 20 char random password gives you 120 bits, which is about what is needed against hash cracking.
>>
>>52894590

53 bits is sufficient for passwords to websites that normies visit. Google, facebook, etc will lock you out before you get anywhere near the password.

To defend offline systems like encrypted files a longer string of words would be needed. I use a 15-word string that I've hidden within a non-descript document and printed out.
>>
>>52894699
>Google, facebook, etc will lock you out before you get anywhere near the password.
Do you know how password leaks work? Cracking always happens offline.
>>
>>52894790

Such an attack against a large corporation would require alot of time and effort. If you regularly change your password, the window for them to decrypt your password and use it would be very minimal.
>>
>>52893124
A TA at my university recommended this
>>
>>52894217
>>52893386
>>52893345
>>52893220
>>52893164
thanks faggots all added to my pass.txt on my Kali Linux on my MemePad x1337
>>
My password is: 1nst4ll_Gent00
>>
File: JkOEv90.png (335 KB, 1024x1191) Image search: [iqdb] [SauceNao] [Google]
JkOEv90.png
335 KB, 1024x1191
95.9 bits
is that good enough /g/?
>>
My passwords are passwords that take time to rehearse, but depending on the account sways its length and complexity. For example for my encrypted drive I use a 50 length password that consists of random characters and the character previous and after is never the same as the current. So for example I have letter, symbol, number, letter(caps), symbol, number... I never use the same character within a 10 character chunk. Will take around 2.6 billion years for a supercomputer to break.
>>
>>52897265
mine is 1nstallg3nt00
seems like a popular choice here
>>
>>52893029
DON'T RUN THIS IT MAKES MUSTARD GAS
>>
>>52897534
Rules in passwords like no repeated characters make passwords easier to crack if they are discovered.
>>
My strat is pick a phrase that's not associated with you and use the first letters of the phrase.
Go to the store, pick up bread and milk.
Gttspubam
Then I throw in numbers of a not random sequence but unrelated to my other passwords and unrelated to my phrase. We'll subtract by 2,then 3 starting with 18.
18Gtts16pubam13
Caps the first bits.
18Gtts16Pubam13
Add specials by using the number scheme (subtacting by 2,3, so then 4 on this pass..18,16,13,09) and dropping shift to make them special, put that on the end, or front.
18Gtts16Pubam13)(

Boom. Pretty random, easy to memorize.
>>
>>52891997

Have a nonsensical base phrase of 6+ characters. Then for each service/website/game take 4 letters from its name in a specific positions and add them to specific positions in the base phrase. This way you'll have unique, nonsesical, 10+ character password for everything and you can remember them easy.

Base phrase: Geru?72e

Steam: Gseru?t72eem
Paypal: Gperu?a72yep
>>
Diceware
>>
>>52892965
>trusting a program to store your passwords safely for free
Thread replies: 57
Thread images: 3
Thread DB ID: 515772



[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the shown content originated from that site. This means that 4Archive shows their content, archived. If you need information for a Poster - contact them.
If a post contains personal/copyrighted/illegal content, then use the post's [Report] link! If a post is not removed within 24h contact me at [email protected] with the post's information.