 Passwords That Should Never Be Used, How to create strong passwords and hacksafe passwords |
|
|
|
|
  |
  May 25 2006, 12:23 AM
Post
#1
|
|
|
Newbie [Level 1]  Group: Members Posts: 10 Joined: 24-May 06 Member No.: 24,181  |
 QUOTE Strong passwords are your first step in securing your systems. If a password can be easily guessed or compromised using a simple dictionary attack, your systems will be vulnerable to hackers, worms, Trojans, and viruses. Trojan, virus, and worm authors have had great success attacking systems with weak and/or default passwords. Take IRC/Flood Trojan for example. McAfee’s virus profile states that IRC/Flood has over 120 variants and has infected over 60,000 machines in the last 30 days. IRC/Flood succeeds by checking for 22 different different easy to guess admin passwords (variants vary). Unfortunately, there are a lot more where IRC/Flood came from, W32/Tzet.worm, W32/Random.worm, and W32.HLLW.Gaobot.gen are in the wild just to name three. Hackers also have no problem compromising systems with weak passwords. Programs like L0pthCrack for example make the process simple and efficient. Creating a password-cracking dictionary is not even a challenge. Type the words "Creating Password Cracking Dictionaries", without the quotes, in to your favorite search engine. A comprehensive dictionary can be downloaded or created from scratch in short order. Below is a list of commonly used weak passwords that should NEVER be used. If any of these passwords look hauntingly familiar and are being used, you need to change the password immediately. PCLinuxOnline has a great article: Link: Full Article hope this could help u from now on to choose better passwords  Have a nice day! |
 |
 
|
|
May 25 2006, 06:50 AM
Post
#2
|
|
|
Privileged Member Group: Members Posts: 702 Joined: 17-February 05 Member No.: 3,817 |
I totally agree with this idea but isn't it understood? Most of the webmasters would know this much, atleast.
Last time I visited a friend of mine and when he was logging on to his hotmail ID he was typing his password for a long time and I asked him what was he doing. He told me that he was typing his password consisting of alphabets and numbers that made up to 70 characters. It was one of the longest password I've ever heard of. And you know what he said, his email ID has the safest password. |
|
|
|
|
May 25 2006, 05:53 PM
Post
#3
|
|
|
Member [Level 1] Group: Members Posts: 52 Joined: 22-May 06 Member No.: 24,107 |
You could easily use a phrase as a password, and to include numbers in it, use any number as a space (like "this0is0the0safest0password0in0the0world0hurray"). This yaw you wouldn't forget it. Of course you could use a gigantic phrase but I don't know if that is even possible to store in the passwords database..
Other type of password that can be used is the "numb3r5_4nd_l3773rs" type. Or you can even type a backwards phrase, so the dictionaries wouldn't be able to guess them (like "nac uoy fi em kcah ot yrt")
|
|
|
|
|
May 26 2006, 12:58 AM
Post
#4
|
|
|
Newbie [Level 2] Group: Members Posts: 34 Joined: 26-May 06 Member No.: 24,302 |
More importantly than typing in common passwords, is the concept of default passwords. For example, how many wireless products come with default passwords where the owner is too stupid to think to change it. Now people are being arrested for connecting to wireless networks, but I think the fault should be placed on the people who aren't securing those networks in the first place, the product makers.
|
|
|
|
|
May 26 2006, 04:37 AM
Post
#5
|
|
|
Premium Member Group: Members Posts: 184 Joined: 29-April 06 From: San Francisco, CA Member No.: 22,735 |
Also, make use of symbolic (literally, not literary) passwords [^*@&%!!@#$*12342568 9ABCDEFGHIJKLMNOPQ...] arranged into random strings of blah. Takes forever to crack according to this article:
http://www.thecrypt.co.uk/lockdown/recovery_speeds.html |
|
|
|
|
May 26 2006, 01:23 PM
Post
#6
|
|
|
.::UniCorN::. Group: Members Posts: 973 Joined: 19-September 04 From: Dalian CHN Member No.: 1,192 |
it is a good idea all of you gave above.a security password must include number ,letter and symbol...certainly capitalization aslo need not lack.however,it is not a perfection.there is a good way to protect your password.the order of your typing them...you can type the latter part with keyboard then use mouse to input the fore part to avoid some spy software.
|
|
|
|
|
May 26 2006, 06:16 PM
Post
#7
|
|
|
Proud to be hosted Group: Members Posts: 993 Joined: 11-July 04 From: NL Member No.: 75 |
Pheeew, I'm glad my password isn't on that list, altrough I didn't expect that to be the case
|
|
|
|
|
May 26 2006, 07:40 PM
Post
#8
|
|
|
Super Member Group: Members Posts: 469 Joined: 30-September 04 From: Manila, Philippines Member No.: 1,349 |
i use an alphanumeric combination for my passwords. i tried to open a friend's account using his favorite artist's name and it worked. i told him at once about that, and asked him to change his password immediately or else I would hack his accounts. hehehe he changed the passwords to all of his accounts. some people are so vulnerable to hacking because they use simple words as passwords.
|
|
|
|
|
May 26 2006, 08:37 PM
Post
#9
|
|
|
Member [Level 1] Group: Members Posts: 52 Joined: 26-May 06 Member No.: 24,344 |
QUOTE(Radioactive @ May 25 2006, 12:53 PM)  You could easily use a phrase as a password, and to include numbers in it, use any number as a space (like "this0is0the0safest0password0in0the0world0hurray"). This yaw you wouldn't forget it. Of course you could use a gigantic phrase but I don't know if that is even possible to store in the passwords database.. Other type of password that can be used is the "numb3r5_4nd_l3773rs" type. Or you can even type a backwards phrase, so the dictionaries wouldn't be able to guess them (like "nac uoy fi em kcah ot yrt") They arn't the best examples of passwords that you should use... You need Special characters like: @~{}]['#/()*"$%"^! Lowercase Letters like: abcdefghi Uppercase Letters like: ABCDEFGHI Numbers like: 01234567 All this will create the best password for example: L@tS0fcH4r5_|v|4kE490oDPA5Svv0rD^£ |