Page 1 of 6 12345 ... LastLast
Results 1 to 15 of 80

Thread: How secure is your password?

  1. #1

    How secure is your password?

    Saw this link a while back, and it's got me split because in one way I think it's great info, on the other hand, it could be a bad thing.

    It checks your password and tells you how safe it is. However, there's a note on the site that says "We could be stealing your password, but we're not, be careful where you enter your password".

    Well, if you were stealing my password, do you think you'd say "I'm stealing your password?". Granted, having any password and not having any login information for anything at all is pointless, but it's still interesting to think how easy it would be to get people put it in their passwords.

    I'd recommend if you're paranoid, don't type your password, but type something close. If your password is "William564", put in something similar instead. You'll get the same results.

    I was a bit shocked to see how much can be cracked "instantly", but also quite happy to see my combinations run into the 100's of days to crack with a normal PC trying to crack it.

    https://howsecureismypassword.net
    Last edited by Scott Shepherd; 07-05-2014 at 12:45 PM. Reason: fixed you're instead of your
    Lasers : Trotec Speedy 300 75W, Trotec Speedy 300 80W, Galvo Fiber Laser 20W
    Printers : Mimaki UJF-6042 UV Flatbed Printer , HP Designjet L26500 61" Wide Format Latex Printer, Summa S140-T 48" Vinyl Plotter
    Router : ShopBot 48" x 96" CNC Router Rotary Engravers : (2) Xenetech XOT 16 x 25 Rotary Engravers

    Real name Steve but that name was taken on the forum. Used Middle name. Call me Steve or Scott, doesn't matter.

  2. #2
    It is always best to use a combination of Letters both capitols and not, numbers and special symbols, even though I have been to some sites that do not allow symbols (how dumb is that). You can be pretty safe as long as the password is long enough and does not spell anything. Password crackers 1st look for common words. For some reason I think you already know all this.

  3. #3
    Join Date
    Feb 2003
    Location
    Griswold Connecticut
    Posts
    6,927
    My strongest password would take 58 years according to them. My weakest is about 10 seconds.
    "The first thing you need to know, will likely be the last thing you learn." (Unknown)

  4. #4
    Join Date
    Feb 2007
    Location
    Piedmont Triad, NC
    Posts
    793
    Interesting site. I used my typical password generator using 20 characters and got this reply "It would take a desktop PC about 5 quintillion years to crack your password"

    Sweet, I feel pretty confident about that. Using 30 characters, I get "It would take a desktop PC about 4 undecillion years to crack your password"

    Tony
    "Only those who have the patience to do simple things perfectly will acquire the skill to do difficult things easily.”
    Friedrich von Schiller (1759-1805)

    "Quality means doing it right when no one is looking."
    Henry Ford

  5. #5
    Join Date
    Sep 2006
    Location
    Deep South
    Posts
    3,970
    Accounts that people would really want to keep secure - bank account access for example - will only allow three tries and then you are locked out until you get the password reset by some secure method. The probability that some thief would guess even 6 random letters that are known to be all caps with no numbers or special characters in three tries is approximately zero. The problem I see in password security is using the same combination of characters on multiple accounts. One should never do that. If the person who maintains this forum were to decide to fake the website and grab our passwords when we attempt to log in, he could probably gain access to hundreds of accounts just because so many people use only one password for everything.
    Last edited by Art Mann; 07-05-2014 at 2:19 PM.

  6. #6
    Join Date
    May 2007
    Location
    Fort Smith, Arkansas
    Posts
    1,985
    lol mine was 26 THOUSAND years. Edited to say I went back and it actually looks like it might be an ad for Roboform or a way to drive customers to their website.
    Last edited by Michael Weber; 07-05-2014 at 3:03 PM.
    My three favorite things are the Oxford comma, irony and missed opportunities

    The problem with humanity is: we have paleolithic emotions; medieval institutions; and God-like technology. Edward O. Wilson

  7. #7
    Join Date
    Nov 2007
    Location
    Glenelg, MD
    Posts
    12,256
    Blog Entries
    1
    I wouldn't hold too much of a candle to how they're determining the strength. It makes some assumptions about passwords that are not necessarily valid.
    Hi-Tec Designs, LLC -- Owner (and self-proclaimed LED guru )

    Trotec 80W Speedy 300 laser w/everything
    CAMaster Stinger CNC (25" x 36" x 5")
    USCutter 24" LaserPoint Vinyl Cutter
    Jet JWBS-18QT-3 18", 3HP bandsaw
    Robust Beauty 25"x52" wood lathe w/everything
    Jet BD-920W 9"x20" metal lathe
    Delta 18-900L 18" drill press

    Flame Polisher (ooooh, FIRE!)
    Freeware: InkScape, Paint.NET, DoubleCAD XT
    Paidware: Wacom Intuos4 (Large), CorelDRAW X5

  8. #8
    Join Date
    Feb 2003
    Location
    In the foothills of the Sandia Mountains
    Posts
    16,622
    "It would take a desktop PC about 465 million years to crack your password"

    Great, now I just have to remember it.
    Please help support the Creek.


    "It's paradoxical that the idea of living a long life appeals to everyone, but the idea of getting old doesn't appeal to anyone."
    Andy Rooney



  9. #9
    You all really went to the site, I'll just have to guess what it would have told me. Better change your passwords now. Lol

  10. #10
    Join Date
    Nov 2007
    Location
    Glenelg, MD
    Posts
    12,256
    Blog Entries
    1
    Quote Originally Posted by Alan Gan View Post
    You all really went to the site, I'll just have to guess what it would have told me. Better change your passwords now. Lol
    Why? It has no concept of who I am other than my IP, nor does it know what possible accounts said passwords are attached to.

    Paranoia is only useful when there's logic behind it...
    Hi-Tec Designs, LLC -- Owner (and self-proclaimed LED guru )

    Trotec 80W Speedy 300 laser w/everything
    CAMaster Stinger CNC (25" x 36" x 5")
    USCutter 24" LaserPoint Vinyl Cutter
    Jet JWBS-18QT-3 18", 3HP bandsaw
    Robust Beauty 25"x52" wood lathe w/everything
    Jet BD-920W 9"x20" metal lathe
    Delta 18-900L 18" drill press

    Flame Polisher (ooooh, FIRE!)
    Freeware: InkScape, Paint.NET, DoubleCAD XT
    Paidware: Wacom Intuos4 (Large), CorelDRAW X5

  11. #11
    Join Date
    Feb 2003
    Location
    Doylestown, PA
    Posts
    7,551
    Something that would help with password security is for sites where security matters - where financial and sensitive personal information reside - would be to not limit passwords to 8 or 12 characters. Something like fragments of 3 or 4 sentences is easier to remember than 10 or 15 random characters. Here is a similar site but gives strength when attacked with parallel GPUs or medium sized botnets. It also has a dictionary checker.

    http://password-checker.online-domain-tools.com/

    Here is the result of a password sort of relevant to a woodworking site:

    Li3-Nielsen52+Ver1tas=WWBlis$

    pw1.png

  12. #12
    Join Date
    Jul 2005
    Location
    Eastern Iowa
    Posts
    751
    Quote Originally Posted by Curt Harms View Post
    .... Something like fragments of 3 or 4 sentences is easier to remember than 10 or 15 random characters.
    This.
    For sites like Sawmill I have a one word password, sometimes with a number thrown in. For email, Amazon, insurance companies, financial institutions, I have a sentence related to that institution with special characters/numbers inserted in appropriate places. Even with a 12 character limit, something simple like "Iliv3@Iowa52" . Following capitalization rules-helps to remember; substituting 3's for all e's; finishing up the 12 character max with the numbers from my zip code, is easy to remember and gives a time of 344,000 years according to the first web site and 77% on the 2nd, which seems to be the best you can do with a 12 character limit.

    My online banking is a twenty character sentence AND I opted to have the bank text me to send a 1-time use access code anytime I try to log in from an unfamiliar machine.
    Comments made here are my own and, according to my children, do not reflect the opinions of any other person... anywhere, anytime.

  13. #13
    Join Date
    Mar 2006
    Location
    SoCal
    Posts
    22,493
    Blog Entries
    1
    I'm sure we are all smart enough not to put our actual passwords into such a thing. As a service it is a nice barometer to let you know if the sort of format you use for your password is adequate. Certainly upper and lower case with a number and a special character would be a minimum. It would be nice if more folks would accept a set of characters divided by a space and if most common punctuation and math symbols were accepted. I carry over 60 passwords around in my head at work and these change on an irregular basis. After a few decades of doing this it is like walking and chewing gum . . . oops! Almost tripped there . . . better be more careful.

    At any rate, if one gives it a bit of thought, a dozen characters that can be altered in some pattern per account is not real hard to come up with. On the other hand, just how interesting is my stuff, anyway? I don't mean my bank or credit cards and so forth. I mean how much is a small town in China focusing on one of my PC's? There is some protection in being boring BUT, if you want a real eye opener, hang a filter on your broadband connection at home and be awed and inspired by the amount of stuff hitting your machine! Who knew you were so interesting!?! ;-)
    Last edited by glenn bradley; 07-06-2014 at 11:32 AM.
    "A hen is only an egg's way of making another egg".


    – Samuel Butler

  14. #14
    Join Date
    Nov 2007
    Location
    Glenelg, MD
    Posts
    12,256
    Blog Entries
    1
    Quote Originally Posted by glenn bradley View Post
    On the other hand, just how interesting is my stuff, anyway? I don't mean my bank or credit cards and so forth. I mean how much is a small town in China focusing on one of my PC's? There is some protection in being boring BUT, if you want a real eye opener, hang a filter on your broadband connection at home and be awed and inspired by the amount of stuff hitting your machine! Who knew you were so interesting!?! ;-)
    This ^^^^^^^^^^^^
    Hi-Tec Designs, LLC -- Owner (and self-proclaimed LED guru )

    Trotec 80W Speedy 300 laser w/everything
    CAMaster Stinger CNC (25" x 36" x 5")
    USCutter 24" LaserPoint Vinyl Cutter
    Jet JWBS-18QT-3 18", 3HP bandsaw
    Robust Beauty 25"x52" wood lathe w/everything
    Jet BD-920W 9"x20" metal lathe
    Delta 18-900L 18" drill press

    Flame Polisher (ooooh, FIRE!)
    Freeware: InkScape, Paint.NET, DoubleCAD XT
    Paidware: Wacom Intuos4 (Large), CorelDRAW X5

  15. #15
    Quote Originally Posted by glenn bradley View Post
    I'm sure we are all smart enough not to put our actual passwords into such a thing.

    There is some protection in being boring BUT, if you want a real eye opener, hang a filter on your broadband connection at home and be awed and inspired by the amount of stuff hitting your machine!
    If any of you want some real fun try running WireShark. Talk about an interesting afternoon spent watching the world of CyberSpace fly by. ~

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •