What makes a password Strong?

-
Okay, I'm going to start by busting the mythconception.

8 Characters, with 1 number, 1 lower case, 1 capital and 1 special character IS NOT SAFE!

The minimum password length you should have (system permitting) is 15 characters.  Length is better than complexity.

I'm going to insert the XKCD comic from a couple years ago that explains this.

Length is basically synonymous with complexity.  

Using a longer pass phrase (a rhyme or sentence or something you create from random dictionary words) is much more secure than any 8 character password. The above example is still valid, although more powerful computers can throw double the number of guesses per second so 265 years, but still.  I typically use 24-30 character passwords with a number and special character thrown in.  Sometimes even sentences with the spaces. 
For Example "This is a bad password!"  still has 40 bits of entropy and is about 125 years to brute force.  
"This is a really, really bad password!" has about 50 bits of entropy and is about 10,000 years to brute force.  

Comments

Post a Comment

Popular posts from this blog

Virtualization: What is it and do I need it?

-
There is a lot of talk about Virtual Machines now but the reality is that it's not for everyone.  TLDR:  Do you play online or graphic intensive games? Don't use a VM.               Do you do heavy video editing or work?  Don't use a VM.               Do you browse on the web ALOT?  It might be a good idea to use a VM.               Do you watch a lot of porn? It might be a good idea to use a VM. Now, for a more in depth look at when and why to virtualize a computer.  Let's say you are heavily into gaming, but you want to keep your work stuff separate from your gaming stuff.  So on your Windows computer you create a Virtual Machine which is basically a computer within the computer.  Microsoft does this through a special service called Hyper-V which is just a fancy name for software based hardware. There are other virtual machine vendors out there like VMware, Virtual Box, Parallels. What a virtual machine does is create a virtual physical computer which you c
Read more

Smart Home tips.

-
Smart home technology is becoming ever more popular.  But everyone forgets about one key component that can ruin your experience.  Your home router.   Most people who are not tech savvy use their providers router.   These are typically capable of handling up to 6 devices without major slow downs.   Once you add that 7th device, things become sluggish.  Add 8 and your network may seem downright slow.    My home has about 18 devices 7-12 of which are active all the time.   I use a mid-high end ASUS router with 8 antenna and 3 networks across multiple channels.   I divide my traffic up by putting TV's, Lights, and other appliance types on 1 network.    I put computers, desktop and laptops on the second wireless network. And my phones and kids tablets are on the third network.   I also have an Akita Smart home Monitoring device in addition to my routers packet inspection and firewall features.    I also enable all the default firewall capabilities of every device (where applicable).  F
Read more

Is it possible to have to much security?

-
Part of me really wants to say No, there is no such thing as to much security.  But the reality is that there is such a thing as too much security! What, but in this age of digital everything, Equifax, target, Facebook hacks/leaks how can there be too much security? Simple! When it drastically impedes your ability to do your fu(k!ng job, it is to much security. I was troubleshooting a networking issues for my day job a couple months back and it took 8 people at 6 companies to identify on which network segment and what piece of equipment was the source of the problem.  There were, routers, switches, and firewalls from different vendors and different networks all looking at packet traces to figure out which stupid piece of equipment was responsible because there were so many different layers of security and routing.  (8 firewalls in between.) This is what I'm talking about.   IT WAS NOT NECESSARY.  All those extra layers of firewall and routing were completely unnecessary f
Read more