Password Thread

I flip a coin a bunch of times

OPisAfaggot696969

File: 2017-01-16_13-50-19.png (44KB, 491x577px) Image search: [Google]

44KB, 491x577px

KeePass's password generator.

Phrase-based password with some foreign words from different languages, and a few random non-alphanumeric characters sprinkled in there.

For example:
>Xenophobic KURVA! C'est 4 u. Arigato, Al-Kitab-san~

>>58519217
>hey anon can you tell me your password I need to use your pc for a sec

>>58519332
>implying anon communicates with anyone outside of 4chan

>>58519101
00000000000000000000000000000000000000000000000000000000000000000000000000000000+1234

For one thing I don't post the method online.

>>58519169
This

Got a single word in French, written close to phonetic then I've added a number and an non hexa char at the end.

For more security, I add at the beginning an modular set of characters

(For me it #(1)(2)! , with (1) for first letter of the site +1 (a become b, b become c, and so on. (2) is the second letter of the site, still +1)

>>58519101
>screencap recognizable area of login screen.
>md5sum screencap.jpg = username
>sha1sum screencap.jpg = password
>I don't actually do this, so feel free to steal the idea.

Realistically 16 characters is safe in any situation. So I aim for the double.

>>58519101

Fuck Snowden. Fucking anti-Trump cuck.

>being /g/
>not using this
http://world.std.com/~reinhold/diceware.html

>>58519332
>said no one ever

pwgen is pretty good

>>58519101
slap muh dick in keybaord several times

>>58519101
I have a simple password for my manager connected to huge passwords that are inhumane

>>58519101
just write your own password generator its not that hard with random to just pick from random characters from a string of random numbers, symbols, and letters.

then write a password manager that encrypts the file add un + password to file for each thing you have. the only reason password strenght is emphasized is because normies literally choose things like 'password' and 'hello' etc so hackers can just bruteforce accounts pretty easily given them parameters. once their account is hacked many accounts follow because their other accounts probably use hte same password.

binary code for words
steam is binary for "benis"

>>58519101
I use KeePassX high entropy password generator.

>>58519169
KeePassX > KeePass

1. Bang head on keyboard
2. Use password manager

>>58519332
"ill type it. i use this password for everything so i dont really want to tell you.."

>>58519101
Set your password as: 偉大

File: pepewink.jpg (37KB, 499x499px) Image search: [Google]

37KB, 499x499px

>>58519101
I use a password manager that I wrote myself. Plenty of websites around to help you make a strong password, remembering them all is a different story tho..

I use my GPG key.

Master Password is pretty nice

>>58520282
>>screencap recognizable area of login screen.
>they change the colour slightly

>using text in your password
>not using face recognition

>>58520420
Do you don't like a guy who exposed a massive Orwellian taxpayer-funded program that collected reams of data on your Internet habits because he disagrees with you on about an election?

>>58524685
>using face recognition
>not a direct machine-mind interface

>>58519101
I just choose 10 - 15 character long strings of random numbers, symbols and upper-and-lowercase letters. Then I write them down on paper.

File: password_strength.png (91KB, 740x601px) Image search: [Google]

91KB, 740x601px

>>58519101
For ones I don't need to remember, I generate a 40 digit key in LastPass

For the ones I need to remember I just string together two or three random words and a number.

>>58519101
More like: "I gave up my future only to jeopardize national security and become a SJW cuck on twitter".

I cannot believe there are still people who believe his bullshit. It's a disgrace, he's a disgrace, and you're a disgrace for posting this picture. Sad!

File: b7c.jpg (46KB, 650x427px) Image search: [Google]

46KB, 650x427px

>>58524006
>autistic 40-digit+ password
>"I use this password for everything"
That's fucking retarded

Password manager.
Nothing beats a 16 character long randomly generated sequence of symbols, digits, uppercase and lowercase letters.

for the password manager password, I use various phrases like "BloodForTheBloodGoD_SkullsForTheSkullThrone"

My password manager makes them

>>58525197
>randomly generated
Stopped reading there.

Password managers are a meme, nothing in computers is pure Radom yet. There are attacks that can be done to obtain the "seed". Once that is compromised, reversing the algorithmn for the password manager and adding the seed is trivial.

>>58525315
>nothing in computers is pure Radom yet
>sequences derived from human input is not random

kek

>>58525315
Password managers are a tool of defense against the possible incompetence of the service that you use the passwords on.
If your entire system is compromised, you have bigger problems to deal with than your MMO account.

>>58525315
Theres nothing general to protect you against a targeted attack but you aren't that important or you'd already know how to protect yourself against a targeted attack

>>58525364
>assuming password manager programmers are competent
>what is an indirect attack?

TOP FUCKING KEK. Found the Security+ or CISSP retard.

>>58525373
t. NSA

>>58525379
Oh wait, were you expecting a reply this whole time?

Here's one.

>>58519101
01000111 01101001 01110110 01100101 00100000 01101001 01110100 00100000 01100010 01100001 01100011 01101011 00100000 01011111 01011111 01011111 01011111

File: 1450747031063.jpg (92KB, 1024x1024px) Image search: [Google]

92KB, 1024x1024px

>>58519101
Type randomly in notepad
Save result Physical note and file
Use it as password

>>58519101
Password generator

File: 1476116103954.png (38KB, 499x338px) Image search: [Google]

38KB, 499x338px

>>58525315
>>58525379
sigh

>>58523077
pass > keeplebx > keepleb

>>58519101
Half the word L33T

File: 1464370383988.jpg (51KB, 460x480px) Image search: [Google]

51KB, 460x480px

>>58525509

>>58519332
I have a few passwords that I legitimately could not tell people, only type in or long-windedly explain how to go about typing them.
Never had that happen to me and if it did, I'd tell them I'll make a guest account for them.

I've been looking into it and it's surprisingly hard, though I'm only a layman

short passwords can be beaten by random guessing (brute force)
having a hard to guess password or one with symbols is really no help

longer passwords are venerable to dictionary attacks, where whole words instead of individual characters are used
pre-recorded phrases like quotes are extremely venerable to this
I think dice-ware passwords are venerable to an extent as well

I dont trust password managers myself
because you could be screencapped or keylogged while setting them up if you are already infected
or because your password isn't worth much to an attacker, but the program is worth a million passwords and it seems all to regular that we only find out about a breach years later
sure they provide good protection for those shitty little passwords and I'd use them for that, but for your more important passwords you might want more security

trying to set up a good multi-phase security with a token, but not sure where to start

>>58525175
You realize it's a fake excuse right ?

>>58524936
>what is a dictionary attack
>>58526507
>venerable
what? you mean passwords are respected?

For people using password managers with generated passwords: Don't you fear you will get locked out from all the websites, when something happens to your database or key file (e.g. you accidentally delete it or it will be corrupted)

>>58526507
>I think dice-ware passwords are venerable to an extent as well
only if they're too short
it's simple math m8

>>58526507
>breach
you obviously use a local password manager
>willingly giving someone else all your passwords
hahaha, good one

>>58519101
I dont, all my passwords are 015989 but I use two step vefirication in everything

>>58519101
Use the password "hunter2".

>>58519101
Your password is blocked on 4chan, give it a try!

Password: ****************

>>58527132
No. I store it on ZFS, specifically because with snapshots and ECC memory it's the most safe place to store data.

>>58527208
see: >>58527201

>>58519101
1p'4s'9'f16gg25t'
its easy once you understand how hard brute forcing passwords are. i guide you to how i got the password above.
take a phrase
opisafaggot
now lets modify the phrase so its easily remembered by not easily cracked. we are going to replace every vowel with '0' so we have
0p0s0f0gg0t

password is looking strong but we can make it stronger with some special characters. lets try adding ' after what is every word. youll have to forgive me, my shift key isnt working but just use your favorite special character
0p'0s'0'f0gg0t'
now you might be thinking that theres way too many 0's here. but thats not a problem. just add an increasing number after the 0 or instead of using 0's use a sequence. take x squared
1p'4s'9'f16gg25t'
there, no you have a strong password and all you have to remember is
opisafaggot
x squared
' after every word

>>58526973
like I said >>58526507
dictionary attacks can be very effective against passwords that are pure dicewords; however when a diceword is hardened I believe it becomes magnitudes more secure

>>58527148
take for instance "the lord is my shepherd"
it has about 80 bits of entropy
but anyone could tell you it's a weak password

a long password is always good, but any password that uses whole words is weaker by a magnitude because instead of guessing individual characters that are unrelated to each other

in the same way an attacker can run common phrases, the attacker can run only combinations of whole words

and the longer the password, the more effective this is relative to brute force

>>58527155
here's my reasoning
it's an easy way of protecting passwords for things you might otherwise not bother to secure
like your porn site, newsletters etc

if you lost all these at once, you would certainly be very unhappy
but that's simply a trade of between better overall protection vs. putting too many eggs in one basket

on that basis alone I would recommend their use for trivial passwords, because they protect you against mass user level hacks online
eg. someone tried to log into a million pornhub accounts with the password "password"

but the bigger advantage is that they protect your main passphrases/passwords from a sieve attack

breaches of low level passwords can easily enable attacks on entirely unrelated passwords by the same author
eg. I guess your shitty pornhub password, then use it to make a rule, which I then use to attack your main passwords

even in the catastrophic event your password manager is compromised, it could provide no clue at all as to passwords made elsewhere

i use password123 on everything and haven't had a problem yet .. Snowden's a hack

>>58527234
sorry to break it to you, but this is not a great
if your password was "n00bs"
an attacker would try "noobs", then "noobs1" "noobs2" ...."n00bs" "n00b5"
before they tried six digits of giberish "t76ygu" "fmiet0"

a brute force attack will try ungodly amounts of combinations
combinations that follow a pattern will always be tried before giberish

it's still a very strong password, don't get me wrong
but if you used a "rule" to make it, a rule could be used to beat it
ESPECIALLY if you use that same rule across multiple passwords
the fact you provide " ' " effectively as a word break hurt you greatly in this case, because it allows your "rule" to be reverse engineered from known passwords

File: tumblr_mux23qNq5X1s3v8rqo2_500.gif (828KB, 500x281px) Image search: [Google]

828KB, 500x281px

>>58519101
I leet mai waifu's name, times five, then throw in a few '#+/)!]~.

Different accounts I use her full name, surname, favourite food et cetera.

>>58527208
*************

>>58527246
diceware implies they're completely randomly chosen words, which implies they're not connected to each other.
it's obviously crucial that the words aren't connected in a guessable manner, you can flip up a random page in a dictionary and pick a word from there. Repeat that until you have a sufficient number of words(4-8)

>>58527443
yeah thats true for 5 characters. not for anything longer than 8. it becomes nigh impossible to crack
obviously you wouldnt use the same rule for every password. just easy ones you can remember.
what i demonstrated is effectively all you need for a password

>>58527208
*****************

>>58527588
wow it really works

>>58527490
the words arn't connected, but the letters are

that's all a dictionary attack does, guesses increasingly uncommon combinations of words

and using the diceware list of words is crazy stupid, because it's been around long enough and there are probably pre-calculated probability based table attacks (is this a "rainbow table"?)

the point I'm making is that a very long password phrase is far from as secure as it's entropy potential might suggest

>>58527538
it's a good password for sure, but computers are only getting stronger and hackers are only getting better at one of the oldest hacking techniques

"8 digits" isn't going to cut it at some point even if your password is completely random

I make weird ass sentences like: Why does Seth Meyers smile so much?

>>58527746
please, if you're getting in over your head don't discuss shit
diceware is secure, taht's not how things work
i don't want to have to explain everything

I use lyrics of obscure Italian rap and disco music.

>>58527746
sure if you are worried about attacks from gpu clusters then just pick a longer phrase. But unless you have information like nuclear codes no one is going to dedicate the hours and hardware just for you at 8 characters.

>>58519101
I use apg
https://packages.debian.org/wheezy/apg

>>58519101
Obscure James Bond characters

i go to random.org and generate 1000 random strings and pick one

>>58519101
pwgen 10 1

>>58524632
You would only need to take the screencap once you absolute tit

>>58527443
Brute forcing a reasonably long gibberish with an arbitrary made up rule has an absurd complexity once you go out of 9 or so characters.

I create my passwords using a simple rule that ends up with 20 or so characters that are gibberish unless you know the pattern beforehand.

So unless someone brute forces with some sort of adaptive, star trek level AI, a 20 character password of random characters, even if created using mnemotechnique, is very safe.

>>58519101
>How does /g/ make a strong password?
Strong?

pwgen -sy 32

Strong and memorable?

curl -s https://0x0.st/8Ix.bin | shuf | head -n 8

>>58527795
8 characters, numbers+single case letters(uppercasing or lowercasing letters before hashing is a common misconfiguration), hashed with MD5
a single GTX can do 25 billion hashes per second for MD5[1]
36^8 hashes / 25*10^9 hashes per second ~ 112 seconds
not that long huh?
for mixed case letters + numbers(62^8) it's 140 minutes, but that's still worth it considering you usually do this on a bunch of passwords.

[1]https://gist.github.com/epixoip/a83d38f412b4737e99bbef804a270c40

ok so this all bull shit when you realize most websites (important ones anyway) have ways of preventing brute force attacks

>>58519217
This. Probably don't need to go to that extent, though. Plus you should make the phrase mnemonic. Like your initials so you can remember it: Autobahn Betamax Cinco.

Fun fact: They can even be common words like Alpha Bravo Charlie and still be extremely strong.

>>58527901
Who worth cracking uses MD5 for anything except file checksum?

For 9 letters it is 4000 seconds, for 10 it rises it to 40 hours for lowercased numbers and digits.

For an actual 96 character ascii character set with 10 characters your gtx requires 84 years to crack it with 100% certainity, so 42 on average.

>>58527924
That is not how it works.

You first get a database of user:password. Both are ofc hashed and salted.

Then you obtain user names which you are intrested in, for example by using a dictionary attack on the user name hashes.

You obviously need the salt function as well.

From that point you try to brute force passes for each user.

Once you get both, you can simply input them into the website and get what you want.

Say you have 1000 users.

FIrst get their names, then do a pyramid of attacks on the passwords starting from the easiest methods and ending with brute forcing what remains.

Since most people are idiots and use user/qwerty kind of passes, you can, with a reasonable gpu farm, guess 70-90% of user/password pairs.

>>58527795
I think about 8 hours
but it's entirely dependent on the kind of hardware the attacker has

but keep in mind that the probability of a brute force increases as the number of combinations decreases

if there are a million combinations, it's just as likely your password will be number 2500 as 999,999

>>58527208
iw4nt2bth3l1ttl3g1rL

Will your password really be bruteforced with the cooldowns that everything uses now?

>>58528070
not him, but websites are fairly clever about protecting against automated interface

a simple lock out after an incorrect guess slows down brute forces to the point it's barely worth bothering

facebook for instance detects if you try to access from another region, or from multiple regions simultaneously
and everyone can work out when there is a cluster of suspicious access
eg. every computing in a public library, every computer in a university faculty, thousands of PCs in a small town like you see in russia

>>58528070
contd:

1000 users - getting names is easy as most people are 'niggerdick2121' so a dictionary attak will work. Say, 10 seconds per one on average.

Password - assume secure hash, not md5, so you need to try dictionary attack if that fails for, say 1 minute, then switch to brute forcing. If that fails after 10 minutes simply give up because this pass cannot be cracked _easily_.

Overall - for one user you spend 670 seconds, for 1000 users you spend 186 hours.

Unless you have a botnet going on, then if your GPU farm spent 186 hours at 10kw, you used 1860 kwh of energy. Check your local utility how much that it cost if you disregard cost of the GPUs.

It obviously is actually a lot less, because most passes are cracked with a dictionary/rainbow table and minority acutually goes to brute force or even fails after that.

In the end it all boils down to hash/second and money gained from this operation.

>>58524771
>Using direct machine-mind interface
>Not using astral projection system

>>58528139
Brute forcing is done on a dropped user/pass databases, not through a public interface. If anyone tried 25 billion attempts at guessing a pass then even the easiest DDOS protections would trigger on any website.

>>58525315
are you literally a fucking nigger?

>>58528190
>Brute forcing is done on a dropped user/pass databases
explain that one to me, not sure what you mean

>>58528223
Someone obtained a database of users and passwords to a website - say, paypal - and dumped it to a file for later processing.

They could have gotten that data by hacking the site, or by social engineering, or phishing an employee data or whatever.

>>58528070
>You first get a database of user:password. Both are ofc hashed and salted.
>Then you obtain user names which you are intrested in, for example by using a dictionary attack on the user name hashes.
Who hashes usernames?

>>58528311
Someone who does not want a potentially circulating database to be cross examied with other, potentially already cracked, databases from other sites.

If there is 'niggerdick2121' on facebook and also there is 'niggerdick1212' on instagram then it is quite possible that it is the same person and use the same password.

All of a sudden you get two hashes to play with and if you have pass to one then you just might have the pass to other.

Hashed/salted usernames protect somewhat from this.

>>58519101
use password1
the 1 always throws people off.

>>58528355
But usernames are public information, so unless you're suggesting the attacker has access to the database but not the salt, it won't buy you much

>>58528396
Also, unless you store usernames in plaintext somewhere, how are you going to have somebody's username appear next to the retarded comment they left?

Simple, I use:

username: password
password: username

File: 1470884943063.jpg (28KB, 720x720px) Image search: [Google]

28KB, 720x720px

>>58519101
I basically just make a password based on what I'm signing up for, and try to make it as long as possible.
For example, if I'm signing up for razer synapse, the password can be sidewaysforattentionupwardsforeffect
Or something of that nature.

>>58528396
Are they? I don't share my bank login data around, nor my ebay, aliexpress logins.

You need to remember that on each site content creators are about ~10% of the total people on that site. The rest just lurk, rarely showing themselves to the public.

Moreover - salted/hashed username somewhat protects from directly showing whose password you are working on as long as salt and hash functions are unknown to the attacker.

>>58528403
Storing content away from authentication is like, trivial... so trivial that google and facebook offer authentication services. Do you think that each time someone reads a comment by 'niggerdick2121' the 'retards.com/forum' logs to its authentication service to get the user name?

>>58528223
Since astral projection is a singular experience you could, in theory, be 100% safe from threats

>>58528491
So you're basically operating under the assumption that they will be able to leak your authentication database but not your content database?

>>58528667
I am operating unnder the assumption that they need to leak: my content, my autenthication and my salting / hashing. When my authentication is 'somewhere else', especially when it is some other entity, then my entire website is much more secure anyways.

Each hindrance for an would be attacker makes my users more secure, especially one that costs me $0.00001 and costs the attacker $1 per user.

>>58527746
>what is entropy?

>>58524711
It's OK. Someone told him that Snowden's a "cuck" so that'll never change in his mind.

But more likely b8.

>>58519332
Choose log in as a guest user.

>>58525315
Then generate your passwords on airgapped system. Don't pretend to be a retard.

>>58525315
Protip: On password managers, the password generation is seeded with entropy generated from user input

>>58526973
>dictionary attack on a website that blocks your account after 5 incorrect password inputs.
good luck with that

>>58527943
>your initials
Found you, Andrew Bartholomeus Clarke

the same two passwords since 2003.

got a new one recently, but still use those two.

>>58529354
>user input
>entropy
your funny kiddo, i'm gonna kill you last

>thinking a good password will protect you while you have a NSA keylogger on your PC

>>58528128

No. Most of /g/ is stuck in the past, modern brute forcing is pointless/dead end.

As some stated it is possible on a dropped database but that is so few and far between you do not want to worry about it. If a database is leaked and that company tells you, then change that shit.

When databases get hacked is it safe to assume that hackers only have access to hashed passwords?

>>58530086
No. It depends entirely on how the website stored the usernames and passwords. Many websites still store passwords in plain text. You can check for this by pretending to forget you password and see if they mail it to you in plain text after you give your email address.

Of course, most reputable websites use a salted hash, but it isn't in use by everyone

I have a phrase I know since childhood that makes no sense and is spelled incorrectly.

Make some letters into special characters and add a number sequence and I'm golden

>>58531416
So you use the same password for every website?

>>58520084
>tfw I too have my own personal password algorithm so I don't have to remember any one pass word but I still have like 20 different ones

>>58531570
You could always salt it with service or website name.

>>58531592
This is the best way to cover your ass in case of leak from a shady website

>>58519101
you mean pass phrase

>>58519101
I always use phrases.
e.g.
1 order of General Tso's Chicken for $7.27.
When Hydrogen plays it's time to put on the Mask.

>>58529347
Protip: there are ways to indirectly attack and obtain values for the seed.

Also, protip: this is assuming your downloaded binary of the manager didn't get tampered on the fly as it was being downloaded. You could PGP verify it, but there is a chance the author of the password manager got compromised. And if I was an intelligence agency, I would already take steps compromising these managers.

Memel0rd420

>>58531613
So you use the name of the service as your password? Wow sure is secure

>>58519101
http://www.dinopass.com/

>>58531771
One numbeR 9 L@rge with extra dip

the4wiz5zard3cametoki2lltherhino187

>Not having random chino russian german passwords...
中gz2hänasd123123khoüe134234ё 國ASFZD3I%&/()=)(/nkas609upvafsd哲 ж з 學書и й к л м p c т y ф х ц ч電子§$%&/()!(ZUJNSJDUI化計 $%&/!Hн o п%&ER&T=U) ZHE U"Ü劃

>>58524189
GREAT! thx senpai

>>58535829
Chinesephilosophybookelectronicplan .... with random anglo germanic chars inserted inbetween...

>>58519101
>>58527234
IGaveUpMyFuture
1G4v916pM25F36f49t64r89
1*G4v91*6p*M25*F36f49t64r89*
Is this legit

>>58519101

pwgen -N 1 32

>>58519101
How did he get caught. I figure a guy smart enough to get an NSA job would be smarter at leaking docs.

>>58537714
they have it set up so its impossible to not get caught. its impressive he managed to get out the door in time

>>58525315
>manually changes one character in the generated password
>entire 'seed' attack goes out the window

>>58537856
So what did get him caught? I don't understand what stops someone from going to an unsecured wifi hotspot and dumping this information online with tor and wikileaks.

>>58537952
You cant pull the information without them knowing who did it. As I said, its impressive he got out the door.

>>58519101
i type the same word over and over till it's 20 characters or more

>>58537968
again, how?

>>58519101
like this:

mordor[~]> md5sum opisafaggot
c606e51c59e12c10fbeaf439fc058f00 opisafaggot

I change the "s" in password to a dollar sign

>>58537714
>Snowden's identity was made public by The Guardian at his request on June 9, 2013.[93] He explained: "I have no intention of hiding who I am because I know I have done nothing wrong."[20] He added that by revealing his identity he hoped to protect his colleagues from being subjected to a hunt to determine who had been responsible for the leaks
He essentially became an attention whore

>>58519101
i use the lyrics of my favorite anime song

>>58538149
So they didn't reveal him. I think the part where he ran off to China around the same time as the leak would make him the prime suspect without any other evidence. I wonder if he could have pulled off staying anonymous if he played it cool.

>>58519101
I choose a random pokemon, substitute all A I and E's for 4 1 and 3's respectively, a @ sign, then add either the pokedex number OR the generation in which it was released.

p1k4chu@25

>>58538184
Honestly I think he knew he wouldn't have been able to keep it cool. Also after running to China he basically threw up the biggest red flag possible. It's possible the NSA already knew as soon as he hopped on that plane and Snowden released his identity before they could do it for him. By doing so he was able frame it as a good deed rather than let government frame it first.

>>58538218
Yeah, that would have been crazy stressful. It would just be constant anxiety wondering if you slipped up on one thing that would reveal you.

>>58527208
Tescoisfavoriteexpress

>>58519101
pwgen

>>58538072
Its not like they have desktops laying around with all the nsa information. Its tied to a server and they know which computer is being used and who is using it. This isnt a hacker movie where you plug in a usb device and it installs a virus on the server. If you dont understand something so basic you might not be able to get it.

>>58538533
>This isnt a hacker movie where you plug in a usb device and it installs a virus on the server
ahem... Stux ghem... net ahem...

File: passwerd.png (153KB, 960x531px) Image search: [Google]

153KB, 960x531px

ssh-keygen

>>58519141
...and what password do you come up with by flipping a coin?

>>58525315
so change one fucking character holy shit dude

File: wX3sWDn.jpg (47KB, 616x699px) Image search: [Google]

47KB, 616x699px

4 word diceware plus some numbers and characters if i need to remember it, 40 character keepass random if i dont

Write a python script that changes password to 128 character differential cloud randomized string every minute

>>58538149
hes not an attention whore. when you work for the government in positions like his you lose a lot of rights granted for civilians. he has said he would return to the states if he was given a civilian trial.
the thing about this is people go missing in his shoes. but making himself public it ties the governments hands in a lot of wways.
it was his smartest option.
>>58538184
snowden has praised the government on their ability to track and find out information.

>>58540533
> ...and what password do you come up with by flipping a coin?
0 or 1 insta brute

>>58528447
>just make a password based on what I'm signing up for
ever her of a dictionary attack?

>>58540131
Split it in 7 bit blocks and you have ASCII

File: Screen Shot 2017-01-18 at 12.44.28 AM.png (61KB, 732x550px) Image search: [Google]

61KB, 732x550px

>>58519101
this

xXxth3haxx0rxXx

Make it easy enough for yourself to remember, make sure to use some non-alphanumeric characters, and make sure it's around 16 characters or so. Try writing some stuff down on a piece of paper and see where you can go from there.

Use a different password for everything.

Your password is much likely to be cracked than it is exposed from a data breach, so be prepared to change it at any time.

gibberish

>>58519101
i use password, password123, freeaccount, fuckmybank, fuckmycredit, and spreadmyanus

 echo $( < /dev/urandom tr -dc '[:graph:]' | head -c256 | cut -c 1-16 ) 

>58519217
French fag detected