    Zeno Swijtink
     

    How To Pick A Password That's Secure And Easy To Remember

    CHRIS GAYLORD, Staff Writer - The Christian Science Monitor


    The man accused of one of the juicier hacking cases of the past few years is no Internet mastermind. On June 24, a French citizen who goes by the pseudonym "Hacker Croll" will face charges that he broke into Facebook pages, e-mail accounts, and the Twitter feeds of then-Sen. Barack Obama, singer Britney Spears, and other celebrities.

    How did he break in? Police say that he's just a good guesser.

    By cruising through blogs and social-networking pages posted online by his victims, he allegedly dug up enough information to guess people's passwords and security questions.

    This trick is pretty easy to pull off. Try combinations of family names, graduation dates, birthdays, favorite bands or sports teams - all information that many of us share willingly online.

    This isn't a call to scrub down your Facebook profile until it's pointless. But Hacker Croll's story is the latest of many (often-ignored) reasons to improve your online passwords. But since doing so is such a nuisance, here's a simple, easy-to-remember way to craft secure passwords for all the websites that you visit.

    Before we roll out the grand plan, let's walk through why most passwords stink.

    First, do not use common words or patterns. The most frequent password on the Internet is "123456" - nearly 1 in every 100 people uses it. It's simple, can be typed quickly, and is the first thing hackers will try. Throw in the next 4,999 most popular terms and they make up 20 percent of all passwords used online.

    These numbers come from computer security firm Imperva in Redwood Shores, Calif. The company stumbled upon a list of 32 million passwords posted by a bragging hacker who had recently snatched the data from RockYou, which designs software for Facebook and MySpace.

    This rare look into people's password habits showed how lax or at least unoriginal people can be, says Rob Rachwald, who helped write Imperva's report.

    Hacker Croll's tactic works well when targeting specific people, but Mr. Rachwald says that most online thieves cast wide nets.

    "It's not me trying to guess individual passwords," he says. "Hackers use so-called 'dictionaries,' " lists of common terms and phrases that a computer tries one after another until it finds a match.

    Since 1 in 5 accounts draws from the same pool of 5,000 passwords, an automated program has pretty good odds - especially since Imperva estimates that modern PCs can race through 110 tries each second.

    That leads to the second rule: The longer a password, the better. Eight to 10 characters work best.

    [Chart: https://www.csmonitor.com/var/ezflow_site/storage/images/media/images/0426-password-chart/7780968-1-eng-US/0426-password-chart_full_600.jpg]

    Why? Even if you avoid common terms, some hackers could still attempt to "brute force" their way into your account. This means telling a computer to try every permutation that it can think of until it busts in. On average, a five-character password will last a couple of hours against such a barrage, according to John Pozadzides, CEO of software company iFusion Labs. Eight characters will hold up for centuries. (See chart, above.)

    This also explains why sticking to lower-case letters is a bad idea. "Adding just one capital letter and one asterisk," Mr. Pozadzides says in his report, "would change the processing time for an eight-character password from 2.4 days to 2.1 centuries." (While he calculates hacker speeds differently from Imperva, the scale is what's impressive.)

    The solution? To pick a lengthy string that's easy to remember, but gibberish to others, think of a phrase. For example, Hamlet's line: "To be, or not to be: that is the question." Boil this down to an initialism: TbontbTitq. Now swap in some numbers and special characters: Maybe "2" instead of "to" and "?" to replace "question". (Zeroes make nice "O's" and "3" works as an "E".) You've now got 2bon2bTit? - a 10-character chain with all the fixings.

    Add another layer of security by extending it for each website. That way, if someone figures out one of your passwords, they don't gain access to all of your accounts. Attach Fk to your Facebook password or maybe Hm to Hotmail. Better yet, reverse the order of these additional letters to further obscure their meaning.
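The arithmetic behind the figures quoted in the article, as an added example that is not part of the original post or the article. It checks a password against the article's rules and reproduces the "2.4 days" and "2.1 centuries" numbers. Assumptions: the 1,000,000 guesses-per-second rate is inferred from those figures rather than stated, the three-way alphabet model is a simplification, and the common-password set is a constructed stand-in.

```python
import string

IMPERVA_RATE = 110        # guesses/second, Imperva's estimate quoted in the article
BRUTE_RATE = 1_000_000    # assumption: inferred from the "2.4 days" figure, not stated
SECONDS_PER_DAY = 86_400
SECONDS_PER_YEAR = 365.25 * SECONDS_PER_DAY

# Constructed stand-in for a common-password list (not the RockYou data).
COMMON_PASSWORDS = {"123456", "password", "iloveyou", "qwerty", "abc123"}


def search_alphabet(password):
    """Alphabet an exhaustive search must cover (simplified model, an assumption):
    10 for digits only, 26 for lowercase only, otherwise all 95 printable ASCII."""
    if password and all(c in string.digits for c in password):
        return 10
    if password and all(c in string.ascii_lowercase for c in password):
        return 26
    return 95


def exhaustive_seconds(length, alphabet, rate=BRUTE_RATE):
    """Worst-case time to try every string of exactly `length` characters."""
    return alphabet ** length / rate


def dictionary_seconds(entries, rate=IMPERVA_RATE):
    """Time to run a whole wordlist of `entries` candidates against one account."""
    return entries / rate


def audit(password):
    """Return the article's rule violations plus the worst-case search time."""
    findings = []
    if password.lower() in COMMON_PASSWORDS:
        findings.append("common password: falls to a dictionary pass")
    if len(password) < 8:
        findings.append("shorter than 8 characters")
    alphabet = search_alphabet(password)
    if alphabet < 95:
        findings.append("single character class")
    years = exhaustive_seconds(len(password), alphabet) / SECONDS_PER_YEAR
    return {"findings": findings, "worst_case_years": years}


if __name__ == "__main__":
    print(round(exhaustive_seconds(8, 26) / SECONDS_PER_DAY, 1), "days")
    print(round(exhaustive_seconds(8, 95) / SECONDS_PER_YEAR / 100, 1), "centuries")
    print(round(dictionary_seconds(5000)), "seconds for the 5,000-entry list")
    for pw in ("123456", "hamlet", "2bon2bTit?", "2bon2bTit?kF"):
        print(pw, audit(pw))
```

The per-site suffix (`kF`, the article's reversed `Fk`) adds two characters to the search, but its main value is the one the article gives: a password exposed on one site does not open the others.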