Changes between Version 5 and Version 6 of Passwords


Ignore:
Timestamp:
Aug 27, 2013 3:30:25 PM (11 years ago)
Author:
jhickey
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • Passwords

    v5 v6  
    11= Your site claims that my awesome password is in the dictionary.  I checked the dictionary and 'qwerty1234' is not in it. =
    22
    3 We are a computer security testbed, so please use a strong password. You may be reading this because you were told that your new password, 'qwerty1234', is in the dictionary. We don't mean the Oxford English Dictionary here. What we use is a large list of dictionary words *combined* with actual passwords that have been found in the wild. For example, the  RockYou hack ended up revealing the unencrypted passwords of 32 million people (and about 14 million unique passwords). Since this list is one of the go-to lists for the bad guys, we use it too. This means that a lot of passwords that seem clever or obscure fail our test because someone else thought up the same thing. The longer your password, the less likely it is to be in the dictionary. Try combining multiple words mixed with numbers and symbols. That way you get an easy to remember password that also will pass our dictionary checks.
     3We are a computer security testbed, so please use a strong password. You may be reading this because you were told that your new password, 'qwerty1234', is in the dictionary. We don't mean the Oxford English Dictionary here. What we use is a large list of dictionary words *combined* with actual passwords that have been found in the wild. For example, the  [http://arstechnica.com/security/2010/01/32-million-passwords-show-most-users-careless-about-security/ RockYou hack] ended up revealing the unencrypted passwords of 32 million people (and about 14 million unique passwords). Since this list is one of the go-to lists for the bad guys, we use it too. This means that a lot of passwords that seem clever or obscure fail our test because someone else thought up the same thing. The longer your password, the less likely it is to be in the dictionary. Try combining multiple words mixed with numbers and symbols. That way you get an easy to remember password that also will pass our dictionary checks.
     4
     5If you are interested in more about password security and cracking, this arstechnica article is a pretty good introduction: [http://arstechnica.com/security/2013/05/how-crackers-make-minced-meat-out-of-your-passwords/ Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331”]