servant of YHWH עבד יהוה

Friday, October 22, 2004

make the switch to pass phrases

Do you see a pattern here? Pass-phrase LENGTH, not complexity defeats these attacks. Short, but complex passwords should be shunned as they are not truly secure anymore and you are deceiving yourself if you think they are. Long pass-phrases (14 characters or more) are the future (along with 2-factor or more authN, but that's another blog for another day) and are the only way to go if you want to ensure that you won't get hacked via any type of password based attack of any kind.



News source: Robert Hensing's blog

posted by Servant of YHWH עבד יהוה at 9:06 am

6 Comments:

  • From wits0,

    Make it alphanumeric. Use a password making program

    Example 10 characters one : qX&m5!pM42
    Save in a file somewhere on your PC and then copy paste it when you need it. Use a firewall.

    Or use a program like Key Maker set to(say) 10 characters, say, and enter "KOSMAS" to generate this : js58zq16l8
    Everytime you use Key Maker, just enter your human language password to create an equivqlent jibberish one - this way it's easier to remeber the pw.
    because the jibberish equivalent is constant according to the human language one.

    By Anonymous Anonymous, at 1:01 am  

  • I will check out that Key Maker program, sounds good. Nowdays with those brute force types of password breakers, it's sensible to change passwords every once in a while. Some bloggers commented that the most guaranteed forms of security would be facial and voice authentication. Interesting to note but not expecting it anytime soon for normal daily use. :) Yes and you are right to point out that using a firewall is good, be it software or hardware. Unless people do not care what gets snooped on their systems, a firewall is a must.

    By Blogger Servant of YHWH עבד יהוה, at 12:24 pm  

  • From wits0:

    **Keymaker** URL for d/l : http://www.softnik.net/download/keymaker_setup.exe

    Installed size only around 379KB

    A interesting newer substitute URL : http://www.goodkeywords.com/
    - haven't installed this one.

    By Anonymous Anonymous, at 2:29 pm  

  • So how does this program differ from a password maker? Apart from having to type in a phrase in order for the password to be created, how does this work? Also, is this just a password creator, or a program in which one has to call up everytime they need to enter a password?

    By Blogger Servant of YHWH עבד יהוה, at 11:11 pm  

  • From wits0:

    Password makers usually makes one or many passwords of any selected length according to your chosen settings. Afterwards you are, I presumed, expected to keep them nicely sorted and listed, linked to where/how you sued them in password archiving programs like freeware PINS which is itself accessible only by a master pw on your PC.

    Key Maker makes one jibberish one at a time that is related to your human language pw and with the chosen preset configuration unchanged, will always produce the same jibberish one.

    By Anonymous Anonymous, at 3:01 am  

  • Oh I see, ok I see the difference now. Thanks for the clarification. This should give me more reason to want to use it now.

    By Blogger Servant of YHWH עבד יהוה, at 7:49 am  

Post a Comment

<< Home