My Amazon.com account got hacked, but fortunately their security gear caught it, and canceled the purchase. This is like the 3rd or 4th time over a period of about 10 years that this has happened. FYI: the only work I had to do was change my password.
I need to bite the bullet [re the work/inconvenience involved] and come up with a better (much) system of selecting passwords for each and every account that I need to log into with a password, i.e., a different password for each registration and words that are not in the dictionary, but a combination of numbers & letters (and maybe symbols).
There are numerous FREE online password generators (user variable length choice, etc.), but I'm real leery of pulling a password down from an online site that I've never heard of. Ditto re software (often shareware) that does the same thing.
In all seriousness, I'm wondering IF the best plan would be to simply use my Scrabble game, and pull out some letters (& never the same length for a password) when I needed a password (since there are no numbers in Scrabble I'd have to put some numbers on tiles too).
The purpose of this post is to see what the members of this forum do with the issue of password theft, and how they combat it, and IF they use some sort of a password generator.
Most password hackers use a method known as "Brute force", as described here:
Naturally, a long password is harder to crack, with that method, than a short one.
Use numbers and letters. Maybe, even, other strange symbols, too, if they're allowed.
A bugger to remember, those, though.
I keep all of my passwords in a secure file on one of my machines. Then, if I need to remember one, all I must do is look it up. Scrabble does have numbers on it, the scores. So, what you could do is, say, substitute the letter for the score attached to that letter. One of my passwords, that I no longer use, BTW, was G3t@n3w0N3. Obviously, the longer the better. You could also use the equivalent ASCII codes for letters.
In my lifelong pursuit of making the simplest thing so complicated that it becomes incomprehensible, I offer up the following webpage URL re password creation strategies [I stumbled across this webpage re my "research" via Google].
This *VERY* scientific (*sounding*) webpage claims that the password "D0g" [the 2nd character is a zero] is much more difficult to crack than the password "PrXyc.N(n4k77#L!eVdAfp9".
To say that this 'claim' turned everything that I thought that I ever knew re password creation, and the ability to foil a malicious hacker attacker, on its proverbial head would be an understatement of how floored I was by this claim.
Not being the least mathematically inclined, and certainly not willing to take this claim at face value, I'm wondering if any of the more technically astute members of this board see any validity in what this site claims re creating passwords.
I'd have thought that Gibson Research would have not made such a claim, you live and learn.....but then.......
Upon reading your link, you have omitted one vital fact: the password under test was not "D0g" but "D0g....................." which, using brute force, takes far longer than "PrXyc.N(n4k77#L!eVdAfp9" as it is one character longer. The mathematics is simple enough: if only using lowercase alphabet characters, there are 26 combinations of a 1-character password; at length 2 it becomes 26x26; at three, 26 cubed; and so on. So the longer the password, the harder it is to beat. Heck, even "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" would be almost impossible and take a bloody long time to find using brute force.
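The arithmetic from the last reply, carried through for the two passwords in the thread, plus a local generator for the concern about online generators raised in the first post. This is an added example, not code from any poster or from the linked page; the function names, the 95-character printable-ASCII alphabet and the choice to count every shorter length as well are assumptions.

```python
import secrets
import string

# Character classes an exhaustive search has to cover once a password uses them.
# Symbols = string.punctuation (32) plus space, so all four classes total 95.
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " "]


def alphabet_size(password):
    """Size of the smallest union of classes containing every character."""
    unknown = set(password) - set("".join(CLASSES))
    if unknown:
        raise ValueError(f"characters outside printable ASCII: {sorted(unknown)}")
    return sum(len(c) for c in CLASSES if any(ch in c for ch in password))


def search_space(password):
    """Candidates a blind search tries through this length: sum of A**n, n=1..L."""
    a = alphabet_size(password)
    return sum(a ** n for n in range(1, len(password) + 1))


def generate(length=20):
    """Random password drawn locally from the OS CSPRNG, no website involved."""
    alphabet = "".join(CLASSES)
    return "".join(secrets.choice(alphabet) for _ in range(length))


PADDED = "D0g" + "." * 21               # the 24-character password from the thread
RANDOM = "PrXyc.N(n4k77#L!eVdAfp9"      # the 23-character password from the thread

if __name__ == "__main__":
    for pw in (PADDED, RANDOM, "a" * 24, generate()):
        print(f"{len(pw):2d} chars, alphabet {alphabet_size(pw):2d}: "
              f"{search_space(pw):.3e} candidates")
```

The count covers only the blind brute-force model the reply describes; it does not measure how a password fares against guessing that tries dictionary words or padding patterns first.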