sftware g asked:
-
Recent Posts
- sharing files in a way that they cannot be copied?
- Which social network open source platform should I use?
- Does anyone know what an Open Source project is?
- Hi Everybody. i am looking for one requirement. i.e language converter with meaning. ?
- Is there an open source software that will measure the effectiveness/strength of the passwords?
- Any friendly open source software for interior design drawings?
- Any open source software to create icons?
- Reviews website applications
- Can the Linksys (WRT54GS) router handle a load of 25 people and 8 public IP address used for NATTING?
- What is the best open source php mysql user management system?
-
Categories
- Add-ons
- Books & Authors
- Camcorders
- Cell Phones & Plans
- Computer Networking
- Corporations
- Decorating & Remodeling
- Desktops
- Drawing & Illustration
- Earth Sciences & Geology
- Elections
- Engineering
- Gender & Women's Studies
- Government
- Higher Education (University +)
- Homework Help
- Laptops & Notebooks
- Law & Ethics
- Law Enforcement & Police
- Lesbian, Gay, Bisexual, and Transgendered
- Malaysia
- Mathematics
- Music & Music Players
- Other – Business & Finance
- Other – Computers
- Other – Education
- Other – Electronics
- Other – Games & Recreation
- Other – Hardware
- Other – Home & Garden
- Other – Internet
- Other – Science
- Other – Social Science
- Other – Society & Culture
- Other – Visual Arts
- Other – Yahoo! Widgets
- PDAs & Handhelds
- Philippines
- Politics
- Polls & Surveys
- Printers
- Problems with Service
- Programming & Design
- Security
- Small Business
- Software
- Standards & Testing
- Subaru
- Technology
- Video & Online Games
- Xbox
- Yahoo! Answers
- YouTube
-
Pages
-
Calendar
July 2010 M T W T F S S « Dec 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 -
Archives
5 Comments
Ummm… would you really trust an Open Source program to read everyone’s password on your system? Just fork out the cash for the system mod, it’s safer!
here’s a hint passwords should contain letters and numbers. and it should be something unique, not something used everyday.
There is no absolute measure of password strength. However, there are several techniques you can use to perform a relative rating.
* Hacker’s password dictionaries. Make sure no on chooses an easy-to-guess password. Here’s a sample list:
* Length – the shorter the password, the easier to guess
* Character set – if you only have 26 characters to guess, it is easier to guess. Adding numbers and punctuation makes it harder to guess because there are more choices.
* Mixed case – by allowing mixed case passwords, you double from 26 characters to 52 characters that hackers need to guess.
It is fairly easy to write a program that assigns your own priority to each of these criteria, and arrives at an overall score.
However, this score is not absolute.
both FireFox & Netscape (@ least in its version 7.x release) offer a password strength goody
Netscape may be a little outdated, but you may want to give FF a shot >;) look under Tools > Options > panel Privacy > panel Passwords > click on button [Set Master Password]
nota bene: the mesurement is done localy, so unless you have a keyloger worm running on your PC, your passwords will be perfectly safe.
PS (from sysadmin…): you may not want to go & tell your users that you can read their passwords; post them a list of standards, insteads:
- combination of lovercase & UPPERCASE letters, numbers and any special characters your domain controler may accept
- @ least 8 characters
- do not allow to always use the same password (thus, password renewal means different password. users are gonna hate you for that one >;D
Creating strong passwords isn’t rocket science. It’s just a matter of very simple numbers. The longer the password, the stronger it will be gainst a “brute force” attack. And the larger the character set used the longer it will take to succumb to an attack.
Passwords should never be less than 8 characters. Anything less than 8 can be cracked in a few hours. And 8 character passwords using just the 26 letters of the alphabet can be cracked in less than a day with modern equipment.
A bullet proof password, at least with the state of the art of computer science today, should be at least 14 characters long. It should contain a random mix of upper case & lower case letters, digits, and punctuation marks. Such a password would take several thousand years to crack and it will probably be several decades before computing capacity is strong enough to shorten that to a workable length of time.
Most password crackers use a dictionary attack for the first pass. As such, any commonly used words should never be used as a password! A dictionary attack using a dictionary of 30,000 words would only take a couple of minutes to break a password that was in the dictionary. Most dictionaries also include sequential keystrokes, such as asdfghjkl; which look random to the human eye but won’t fool a cracker.
You don’t need a program to “test” the crackability of passwords. In fact, I’d be suspect of one that does as it could be “spyware” that phones home to report passwords being tested to add them to a dictionary. Just follow the simple rules I’ve outlined here and you will NEVER have a password cracked again. To summarize:
1. At least 14 characters long.
2. Random sequence of characters.
3. Upper case letters.
4. Lower case letters.
5. Digits
6. Punctuation marks.
Boost your security by changing your password every 90 days or less. And don’t reuse passwords on important sites such as banking sites or e-commerce sites. And NEVER select the option to save your password!