G+_Bill Taggart Posted May 29, 2013 Share Posted May 29, 2013 Consider using a password that means nothing to you... Don might like reading this... http://www.dailymail.co.uk/sciencetech/article-2331984/Think-strong-password-Hackers-crack-16-character-passwords-hour.html?ito=feeds-newsxml http://www.dailymail.co.uk/sciencetech/article-2331984/Think-strong-password-Hackers-crack-16-character-passwords-hour.html?ito=feeds-newsxml Link to comment Share on other sites More sharing options...
G+_James Karaganis Posted May 29, 2013 Share Posted May 29, 2013 I have never used passwords that mean anything to me. I do not understand people that do. Link to comment Share on other sites More sharing options...
G+_James Karaganis Posted May 29, 2013 Share Posted May 29, 2013 For that matter, none of my passwords mean anything to anyone. Link to comment Share on other sites More sharing options...
G+_Tony Bossaller Posted May 29, 2013 Share Posted May 29, 2013 I'd actually be curious on how many of those were collisions and not the actual password. Since they had the original passwords, it would be trivial to compare but would give a decent idea on how effective passwords are in a world where collisions are getting easier to fabricate. Link to comment Share on other sites More sharing options...
G+_Robert Jazo Posted May 29, 2013 Share Posted May 29, 2013 Ultimately this shows that passwords just need to go. I have been moving to two-factor authentication when possible, but eventually we need to work out better methods of establishing identity on the Internet. Link to comment Share on other sites More sharing options...
G+_Derek Gourlay Posted May 29, 2013 Share Posted May 29, 2013 My issue with this article is there is no mention about the hashing algorithm used for the hashed + salted passwords. Also I wonder what EC2 instance was used to produce that graph... Link to comment Share on other sites More sharing options...
Recommended Posts