Testing Your Passwords

[Cheerful Charlie]

I found a site to test the strength of passwords you might be using, or are considering using. I found some of my passwords are not as strong as I though. Short passwords are often easily hacked. I like using several words I can remember. Fairly strong, but could be better. This is a fun site to play with.

Password Strength Meter

How strong are your passwords? Test how secure they are using the My1Login Password Strength Test.

www.passwordmonster.com

 

[Cheerful Charlie]

Playing with this site.

Password, orcsgremlins
Weak 2 days to crack

OrcsGremlins
10 months

OrcsGremlins!
3 years

5rcsGr5ml5ns!
145 million years to crack

5rcsGr5ml5ns5
3 billion years to crack

5rcs5ndGr5ml5ns5
4 million, trillion years to crack

Yet not too hard to remember
Start with orcsgremlins and transform in an easy way to remember

 

[bilby]

I found a site to test the strength of passwords you might be using, or are considering using. I found some of my passwords are not as strong as I though. Short passwords are often easily hacked. I like using several words I can remember. Fairly strong, but could be better. This is a fun site to play with.

Password Strength Meter

How strong are your passwords? Test how secure they are using the My1Login Password Strength Test.

www.passwordmonster.com

So, you send your passwords to this site, and in return for you gifting them your passwords and ip address (which they can then link to other data sources to mine likely username/password pairs), you get back a lovely arbitrary number for how long it might take to brute-force your passwords if you hadn't been in the habit of giving them away?

Sounds fantastic!

If you like being robbed.

 

[Cheerful Charlie]

No, I try things, but not a password I will use. Just similar to learn how to make a strong but easy to remember password. I ain't that stupid. One thing I learned is to have a strong password, I need at least 12 characters long. I did find that some things that I had assumed were very strong ways to create a password weren't really that strong. I am testing ideas for passwords, not actual passwords I will be using.

Doing this was also very entertaining.

 

[excreationist]

It is interesting…

Anyway I used Chrome to automatically remember my passwords and I manually create my own like this: (it has no inherent meaning and is not meant to be memorable)

x3M3p2xP

I can make it fill in the passwords automatically for my iPhone and my Windows and Mac computers. I can also lookup the password in case I want to see what it actually is.

These days I also make every password different.

Also if you use unusual symbols or characters it would be less likely to be in a rainbow table or a brute force crack....

 

[Cheerful Charlie]

I tried a certain password that I was told would take 36 Billion years to crack.
But a second password tester told me it would take only 138,000 years to crack. I have no idea how these things calculate such numbers.

And now on to the issue of user names.

 

[Cheerful Charlie]

Cracklib-check is a Linux password checker that does not us a website to check passwrd strength. I might have to install this. Run it in a sandboxed VM.

 

[steve_bank]

Sp, you check a password on an online site, and then you use the password you gave to check?


Sounds like an easy way to get people's passwords........

 

[Cheerful Charlie]

Sp, you check a password on an online site, and then you use the password you gave to check?


Sounds like an easy way to get people's passwords........

No. I never test a password I will use. I will test different ideas for creating an easy to remember but very strong password. But not an actual password. If I can figure out easy to remember passwords that will take a million years to crack, I am happy.

 

[Elixir]

I will test all the ones I use because surely they don’t think anyone would do that ….

 

[steve_bank]

To access my medical records at the Univ Washington I have the option of dual authentication which I use.

When my name and password is authenticated I am sent a text message with a number to enter.

I'd think random passwords are the most secure, but harder to remember.

 

[ZiprHead]

Sp, you check a password on an online site, and then you use the password you gave to check?


Sounds like an easy way to get people's passwords........

No. I never test a password I will use. I will test different ideas for creating an easy to remember but very strong password. But not an actual password. If I can figure out easy to remember passwords that will take a million years to crack, I am happy.

You think others are savvy enough to know and do this?

 

[Cheerful Charlie]

Sp, you check a password on an online site, and then you use the password you gave to check?


Sounds like an easy way to get people's passwords........

No. I never test a password I will use. I will test different ideas for creating an easy to remember but very strong password. But not an actual password. If I can figure out easy to remember passwords that will take a million years to crack, I am happy.

You think others are savvy enough to know and do this?

I don't know. On the other hand, lots of people use passwords like 12345678. It takes seconds to crack. People install devices and fail to reset the default passwords. People use "Go Astros!" etc for passwords. Many people make cracking their passwords easy.

 

[excreationist]

One technique is to use acronym... "Our Father, who art in heaven, hallowed be thy name" becomes "ofwaih". Then combine that with different cases and numbers/symbols.

 

[bilby]

Correct Horse Battery Staple

 

[steve_bank]

Just send me all your passwords and I will test them for you. You can trust me.

 

[Cheerful Charlie]

One technique is to use acronym... "Our Father, who art in heaven, hallowed be thy name" becomes "ofwaih". Then combine that with different cases and numbers/symbols.

Beware the rainbow tables my son,
The teeth that byte, the algorythms that catch!

 

[excreationist]

One technique is to use acronym... "Our Father, who art in heaven, hallowed be thy name" becomes "ofwaih". Then combine that with different cases and numbers/symbols.

Beware the rainbow tables my son,
The teeth that byte, the algorythms that catch!

That could be used as a unique acronym..... (some people might use the Lord's prayer one)

 

[ZiprHead]

One technique is to use acronym... "Our Father, who art in heaven, hallowed be thy name" becomes "ofwaih". Then combine that with different cases and numbers/symbols.

My brother gave me the idea to use a solitaire app to generate a random password. Of course add cases and special characters.

 

[steve_bank]

Pick a big book.
Using a random number generator or table pick several pages and words on the pages.
Link the words for your password.


Keep the book in plain sight on a bookcase so it won't stick out wnen the Men In Black go trough your place.

Write down the pages and the number of each word on a page.