![]() It's not a password strength meter, but rather a cracking-time meter, and it's instructive to see how the cracking time goes up when you lengthen the password. The calculator delivers an estimate of how long a brute-force attack would take to crack a given password. Gibson's website offers a Search Space Calculator that analyzes any password you enter based on the character types used and the length. And every added character makes that attack massively more difficult. If an attacker can't crack your password using a dictionary attack or other simple means, the only recourse is a brute-force scan of all possible passwords. Long-time PC maven Steve Gibson suggests that the secret to long, strong passwords is padding. In that case, you could generate multiple passphrases and clip out the first word from each. You may quite reasonably worry about using a passphrase generated by someone else's algorithm. If you have trouble coming up with unrelated words for your passphrase, there are many online passphrase generators, including the aptly named. What would you picture for "butter-proceeds-goof-scream?" Pick words that don't naturally go together, then invent a mnemonic story or image to link them. Pro tip-don't use a character that requires pressing the shift key. No problem! Just pick a character like the hyphen or equals sign to separate the words. Not all password managers permit spaces in the master password. Was it Tr0ub4dor&3, or Tr0ub4dor3&? Or maybe Tr0m30ne&3? A passphrase like correct horse battery staple is significantly more difficult to crack, due to its length, but also much easier to remember. Snarky, smart webcomic XKCD took aim at wacky password schemes that suggest starting with a common word, replacing some of the letters with similar-looking numbers, and tacking on a few extra characters. But sheer length also serves to make cracking harder, and one way to achieve a long, memorable password is to use a passphrase. The reasoning is that by expanding the pool of characters, you vastly expand the time required to crack the password. Password pundits always advise including all four types of characters: uppercase letters, lowercase letters, digits, and symbols. You'll start with your own meaningful song or quotation and convert it to a unique password that nobody else could guess. Your poetic password will be completely different from these examples, of course. Adding a memorable number rounds out the password, perhaps 1854 (his birthdate) or 1900 (his death). Oscar Wilde", you could come up with By eeiat.-OW. Starting with the quote "Be yourself everyone else is already taken. If the passage doesn't have a strong meter, you can just take the first letter of each word, using the existing punctuation and capitalization. Let's try this line from Romeo and Juliet: "But soft, what light through yonder window breaks?" From that, you'd get bS,wLtYdWdB? You could add A2S2 for Act 2, Scene 2, if that's something you'll never forget. Start by writing down the first letter of each syllable, using capital letters for stressed syllables and keeping any punctuation. Whatever the stanza or verse, you can turn it into a password. It might be from Shakespeare, or Pussy Riot, or the Bonzo Dog Doo Dah Band. Make It PoeticĮverybody has a favorite poem or song that they'll never forget. Here are some tips on selecting a password that's both memorable and unguessable. You still have to remember one insanely secure master password to lock down that password manager. And you've enlisted a password manager to deal with your plethora of passwords. A virtual private network, or VPN, wraps your network traffic in protective encryption. You've installed an antivirus or security suite. Let's assume you've done everything right, security-wise. On the plus side, this also means a dishonest employee can't break into your password store, and the NSA can't force the company to turn over your data. If you forget the master password, nobody can help you. But it also must be totally memorable, not like the gibberish that comes from a random password generator. ![]() The master password must be totally unguessable, because anyone with access to it can unlock all your secure sites. Almost every password manager relies on a master password to lock up all those saved passwords.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |