Pages:
Author

Topic: Creating strong password. - page 3. (Read 1289 times)

full member
Activity: 686
Merit: 125
October 20, 2018, 06:26:37 AM
#30
This is a great information, thanks for sharing. I think I want to add something small to it, that do not use one password for different accounts, and you can have a small notebook in which you can write the passwords in them.
Yes, we have all initiative and it is also a common sense when it comes to keeping safe of the password we use for an account. I have different way of keeping my password too. I wrote it in the word and save as a document and zip it in a folder. I have also to copy the document in a removable storage device for a back up of my password. Thus, I have to keep it discrete for it has a lot of password that includes private key for all of my digital wallets.

Does it mean "LooksStrong" password can be cracked for 59 years? really? I used some really good password generator before and it can actually generate thousands of passwords in an hour but unfortunately Im not successful using it because I only test it in a very strong password characters with special characters and numbers.
No, not really it is just a reference for you on how to create a password and how many years it could be cracked. But, it doesn't mean that the password could only be cracked on 59 years for there could be chances that it will be cracked less than 59 years. My post only specified how difficult password could be cracked using special characters and uppercase letters password.
member
Activity: 546
Merit: 11
October 20, 2018, 06:01:23 AM
#29
This is a great information, thanks for sharing. I think I want to add something small to it, that do not use one password for different accounts, and you can have a small notebook in which you can write the passwords in them.
member
Activity: 298
Merit: 11
Be happy =)
October 19, 2018, 02:57:50 PM
#28
And so if we use a password with 12 characters (including case, numbers, and 1-2 special characters) such a password cannot be decoded, at least brute. There are many more intelligent ways to steal a password from a victim. Therefore, be safe and do not use the same password everywhere
legendary
Activity: 1232
Merit: 1195
October 19, 2018, 05:23:40 AM
#27
Does it mean "LooksStrong" password can be cracked for 59 years? really? I used some really good password generator before and it can actually generate thousands of passwords in an hour but unfortunately Im not successful using it because I only test it in a very strong password characters with special characters and numbers.

A password generator is not a cracking tool. I wouldn't rely on that image and using something as simple as LooksStrong as a password either and it's better to be safe than sorry. Passwords should be much stronger and longer than that but they don't need to be ridiculously so, especially if you run the risk of forgetting it which is another security risk arguably even a bigger one than hackers.

One of the most critical problems, in my opinion, is the difficulty of generating those words from the ordinary user where it is difficult for the user to remember passwords such as "fw5J||59TanCRys."

it will come down to the purpose of that password in my opinion. for example password of an Email account is not of the same importance as password for the encryption of a key printed on a paper wallet. the first one can simply be "myHard@MailPass69:)" but the second one should be harder since you would need to enter the first one multiple times and losing an Email is not important most of the times but you only want the second password once so it can be "s2ujkCb27$6hdb@7bn5+Dpc3*9dm"!



Nobody is going to be able to bruteforce a gmail password so that doesn't need to be ridiculously strong, but obviously don't use something simple. Email providers normally usually have 2fa options as well so make sure you utilize them for an extra layer. 
legendary
Activity: 3472
Merit: 10611
October 19, 2018, 01:27:06 AM
#26
One of the most critical problems, in my opinion, is the difficulty of generating those words from the ordinary user where it is difficult for the user to remember passwords such as "fw5J||59TanCRys."

it will come down to the purpose of that password in my opinion. for example password of an Email account is not of the same importance as password for the encryption of a key printed on a paper wallet. the first one can simply be "myHard@MailPass69:)" but the second one should be harder since you would need to enter the first one multiple times and losing an Email is not important most of the times but you only want the second password once so it can be "s2ujkCb27$6hdb@7bn5+Dpc3*9dm"!

there is also password managers that are safe to use, and some open source, that can handle generation and storage of strong passwords which you can use in a safe manner.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
October 18, 2018, 11:35:39 PM
#25
Damn. I thought the mainstream browsers (at least Chrome and Firefox) had fixed this issue already. The best solution at this point is bookmark each website and use an extension with an anti-phishing system like EAL or Metamask to make sure you’re in the right website.
Yes, it is the best solution. My firefox browser had lots of bookmarked websites wether old topics or new ones that is helpful even until now.

For me , a strong password is enough long with number, and special characters that hacker can not access to our  account
Refer to Ognasty's suggestion or refer to op's infographic, however it's up to you on what password you would like for example:
1P4a3S5sW1o4r3D5* looks hard enough to where I got that sample password but it's a word Password and numbers 1 4 3 5 and special characters just like Ognasty's suggestion or the Op's infographic. I think you only read the title which is all about creating a strong password, good luck with that mate.
legendary
Activity: 2758
Merit: 6830
October 18, 2018, 11:51:33 AM
#24
At this point I wouldn't even trust looking at the address bar. It's a lot safer to type it in yourself(or via a browser bookmark). There was this Binance phishing site in the past with the url: biṇaṇce.com. Yes. Take a look at it a bit closer. biace.com. There's a dot under both n's. That's tricky as hell.
Damn. I thought the mainstream browsers (at least Chrome and Firefox) had fixed this issue already. The best solution at this point is bookmark each website and use an extension with an anti-phishing system like EAL or Metamask to make sure you’re in the right website.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
October 18, 2018, 11:29:05 AM
#23
Take note that legit and secure website read like this (https:) and not secured website has only like read like this (http:) without letter s. This is the only thing I know about secured or legit website and not secured website. I guess there are many good members here that could explain further on your posts. You may create also a thread for this for the newbies. This is very important for the awareness of the new comers here. This will let them avoid  scam and phishing activities.
This has nothing to do with a "legit" website. Anyone can get a free SSL certificate in 2 minutes (literally) and then have HTTPS in their website.

You shouldn't be looking at the text before the domain but at the domain itself. E.g: If you are on Binance, double check if it's binance.com and not binaence.com or binance.tk; Most phishing websites try to take advantage of the user who type the wrong domain or click at the unknown email with the fake website.
At this point I wouldn't even trust looking at the address bar. It's a lot safer to type it in yourself(or via a browser bookmark). There was this Binance phishing site in the past with the url: biṇaṇce.com. Yes. Take a look at it a bit closer. biace.com. There's a dot under both n's. That's tricky as hell.
full member
Activity: 658
Merit: 126
October 18, 2018, 11:26:28 AM
#22
I think some of us aware of this thing today because as you see in every application,  they required a strong password to pass the registration of accounts. In fact,  there are only few application didn't care on what combination you will put.
sr. member
Activity: 656
Merit: 250
October 18, 2018, 10:55:09 AM
#21
Does it mean "LooksStrong" password can be cracked for 59 years? really? I used some really good password generator before and it can actually generate thousands of passwords in an hour but unfortunately Im not successful using it because I only test it in a very strong password characters with special characters and numbers.
legendary
Activity: 2758
Merit: 6830
October 18, 2018, 10:36:06 AM
#20
Take note that legit and secure website read like this (https:) and not secured website has only like read like this (http:) without letter s. This is the only thing I know about secured or legit website and not secured website. I guess there are many good members here that could explain further on your posts. You may create also a thread for this for the newbies. This is very important for the awareness of the new comers here. This will let them avoid  scam and phishing activities.
This has nothing to do with a "legit" website. Anyone can get a free SSL certificate in 2 minutes (literally) and then have HTTPS in their website.

You shouldn't be looking at the text before the domain but at the domain itself. E.g: If you are on Binance, double check if it's binance.com and not binaence.com or binance.tk; Most phishing websites try to take advantage of the user who type the wrong domain or click at the unknown email with the fake website.
full member
Activity: 686
Merit: 125
October 18, 2018, 10:08:36 AM
#19
A great idea of yours sharing this kind of information for all to get aware and have an idea by choosing a good password but we should also consider it's still possible to get scammed when you open too many sites which has too many adds and maybe if you don't know it's a fishing site until you can't open your account.
Definitely but that is a different story, I agree that those hacking sites could phished one out just by letting you logging in a fake website or application that looks like real.

Take note that legit and secure website read like this (https:) and not secured website has only like read like this (http:) without letter s. This is the only thing I know about secured or legit website and not secured website. I guess there are many good members here that could explain further on your posts. You may create also a thread for this for the newbies. This is very important for the awareness of the new comers here. This will let them avoid  scam and phishing activities.
full member
Activity: 373
Merit: 100
October 18, 2018, 09:18:09 AM
#18
A great idea of yours sharing this kind of information for all to get aware and have an idea by choosing a good password but we should also consider it's still possible to get scammed when you open too many sites which has too many adds and maybe if you don't know it's a fishing site until you can't open your account.
legendary
Activity: 1232
Merit: 1195
October 18, 2018, 05:39:14 AM
#17
Take a look on this sample password and the time that the password could be crack!

Quote

Note: CTTO (Credit to the Owner of that Picture)

I don't think this is wholly accurate. The second one would take less than a day to crack according to https://howsecureismypassword.net/

"looks5strong" would be four years.

Regardless, sometimes it doesn't matter how strong your password is if your security is lax in other areas and that's where people often slip up. If you get a keylogger or some other virus that can grab your passwords from your browser then you're screwed either way. I've seen people boast online that their passwords are 30 random characters but yet they keep them in a notepad or in their email. Sometimes all attackers need is access to your email and then they can reset your accounts at will.
sud
sr. member
Activity: 826
Merit: 301
October 18, 2018, 05:26:16 AM
#16
@gorkem

You mean screen keybaord? This is good idea, I'm doing it whenever I have to log in somewhere using unknown computer, so the potential keylogger won't hijack my password. Another thing is to always turn on 2 factor authenticator (application one, not SMS), it greatly reduce the risk of hacking your account.
hero member
Activity: 868
Merit: 502
October 18, 2018, 05:21:10 AM
#15
Good recommendation) but if Your computer is infected with a virus any password can be hacked.To minimize the risk it is worth paying attention to browser extensions.If possible, do not install anything.I also use a touch keyboard when entering passwords.
sud
sr. member
Activity: 826
Merit: 301
October 18, 2018, 05:06:24 AM
#14
Very interesting topic. I think everyone using online services should take to heart, especially in crypto space when your money is at stake. I really started thinking about strong passwords as a safety measure, when I was making my first account on coinbase (which was the first crypto related service I used). So I made a pattern that helps me remember all my passwords on different sites without always checking - I'm using my core word and add another part which depends on the service name, of course everything includes lower and upper case letters, numbers and special characters. Same goes for passphrases to all my crypto wallets.
legendary
Activity: 2646
Merit: 3911
October 18, 2018, 03:27:06 AM
#13
We could use this in cryptocurrency for we know that password is a vital part in creating accounts to store crypto in wallets, accounts for trading crypto and etc.
Strong passwords are a part of protecting your account but not only your account security. There are better ways to protect your account from using a unique password though it is the basis for protecting your account.

One of the most critical problems, in my opinion, is the difficulty of generating those words from the ordinary user where it is difficult for the user to remember passwords such as "fw5J||59TanCRys."
So the best solution is to save those words "notepad, paper," copy and paste it every time. Which will be dangerous if there are viruses on your computer.
One of the best sites that offer that service is[1]

[1] https://strongpasswordgenerator.com/ "offline"
legendary
Activity: 3472
Merit: 10611
October 18, 2018, 12:17:29 AM
#12
that picture is a little misleading in my opinion, which i believe is because you are posting it out of context and without that explanation of the author. these words are probably examples but only by looking at the picture you won't get that.
for example the second one "looksstrong" shouldn't take 10 days to crack since it is words that are found in a dictionary. of course the "s" in "looks" makes it a little harder but it is still pretty simple to crack. same with "LooksStrong" although capitalization makes it a lot safer but it is not yet "safe".
part of the misleading part that i mentioned is because it is using words, you may look at "LooksStrong" and think a 2 word password with capitalization is strong and takes 59 years to crack so you use a 2 word password with capitalization like "MyPassword" and it cracks in 3 seconds!

generally speaking you want all conditions together not just some: length + hi/lo chars + symbols + numbers
here is an interesting website: http://www.passwordmeter.com/
legendary
Activity: 2170
Merit: 1789
October 17, 2018, 11:04:24 PM
#11
A strong password has a big entropy. Try to use an entropy calculator to see the entropy of your password. Using something like https://apps.cygnius.net/passtest/ is good (use it offline).
Pages:
Jump to: